$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23947.roa File: AS23947.roa (raw, json) Hash identifier: x8YrcYgG14bvLaEN+i0TBErz77B2hz2+mzXSerMo7cE= Subject key identifier: 2B:5E:D1:7C:98:EC:BB:BD:E0:F5:64:06:0E:9A:45:AF:E5:3F:E0:AC Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3D8EA4CCE2FA6C476A05971CAB0ED52809B77768 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23947.roa Signing time: Sat 23 Sep 2023 08:45:32 +0000 ROA not before: Sat 23 Sep 2023 08:40:32 +0000 ROA not after: Sat 21 Sep 2024 08:45:32 +0000 asID: 23947 IP address blocks: 103.129.216.0/22 maxlen: 24 103.154.136.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:8e:a4:cc:e2:fa:6c:47:6a:05:97:1c:ab:0e:d5:28:09:b7:77:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 23 08:40:32 2023 GMT Not After : Sep 21 08:45:32 2024 GMT Subject: CN=2B5ED17C98ECBBBDE0F564060E9A45AFE53FE0AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:3d:0a:3f:79:52:99:3f:db:04:d5:1c:2d:b4: b9:8e:53:e0:6c:68:ad:31:70:7a:68:48:a0:44:d0: f8:2d:b5:1d:9f:db:01:f9:bb:af:8a:b5:cc:56:48: 83:0c:76:57:1e:79:99:0f:d9:bf:0e:98:02:31:80: 92:23:b7:aa:04:8f:3a:18:6b:ce:f8:b5:28:bc:9f: b8:69:18:0e:50:b1:08:3d:d6:13:11:26:df:65:42: 65:82:da:9b:c0:f6:62:89:6a:66:c1:3f:fc:ba:6f: c0:0a:f6:74:fb:01:d6:2d:0e:5d:30:53:94:03:2f: 83:28:8c:ff:e3:c1:fb:64:51:e3:6b:94:41:80:5c: 40:3f:fb:41:03:c2:b6:df:f8:35:9b:e7:33:95:cd: bd:89:01:51:22:c5:73:95:35:c7:e1:c8:5e:43:57: 8e:48:81:56:36:1e:79:a2:e0:d1:0d:9d:39:6b:8e: 54:59:2f:bb:41:18:7d:45:b7:d4:e6:ea:a6:c2:ee: 59:e3:a1:7e:8e:63:c3:43:3a:d7:46:83:c1:ef:c4: b3:7e:90:64:46:f2:7f:40:79:9f:ac:1a:5c:77:42: 54:d3:da:7c:3b:63:35:7f:94:28:44:1b:1d:9e:0a: 6c:8e:a1:23:65:a3:bf:37:8b:f7:c1:43:2c:57:4e: ba:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:5E:D1:7C:98:EC:BB:BD:E0:F5:64:06:0E:9A:45:AF:E5:3F:E0:AC X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23947.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.216.0/22 103.154.136.0/24 Signature Algorithm: sha256WithRSAEncryption 73:3a:f5:9a:e1:2f:b5:dd:70:f0:95:3e:81:e4:ff:66:05:4f: 8c:47:61:cd:28:81:d9:74:21:32:90:be:5d:1f:39:bb:f8:1a: 91:8f:71:ab:b8:3f:f0:59:5f:50:f5:69:3d:d3:68:f5:81:04: cc:78:3e:ff:11:11:c7:89:e7:33:9e:23:10:70:c1:8f:00:45: ac:c4:a2:ea:15:54:96:f3:c3:87:a1:e6:79:d4:45:23:00:64: bd:3d:58:c1:ea:2b:37:75:56:bb:e5:17:bb:46:cb:08:4a:dd: 33:77:dd:a9:a9:c7:e1:fa:61:26:35:2b:6f:c2:aa:5d:ed:30: 0a:5c:1f:b0:d6:12:82:5f:ee:a8:06:2c:e8:43:82:9f:45:4c: fd:98:0a:b8:dd:f0:49:52:bf:5d:a5:61:ed:47:d5:2f:08:ee: e4:4d:a1:dc:71:14:3d:5a:40:b6:d2:c2:9d:1c:ae:63:72:79: 5c:13:b0:4c:6b:0f:61:19:d2:94:a0:05:d0:a5:cf:ab:40:74: af:8c:d7:e7:0c:c9:e0:ed:21:04:46:5c:70:65:5f:cc:75:58: 7a:3e:9a:db:7f:67:15:a3:11:90:5d:a7:25:27:01:1f:fe:73: e5:cd:fd:63:15:b6:5e:d3:a3:ac:c0:f6:14:19:45:d1:ec:4e: a3:08:38:b7 -----BEGIN CERTIFICATE----- MIIE4jCCA8qgAwIBAgIUPY6kzOL6bEdqBZccqw7VKAm3d2gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDkyMzA4NDAzMloX DTI0MDkyMTA4NDUzMlowMzExMC8GA1UEAxMoMkI1RUQxN0M5OEVDQkJCREUwRjU2 NDA2MEU5QTQ1QUZFNTNGRTBBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKo9Cj95Upk/2wTVHC20uY5T4GxorTFwemhIoETQ+C21HZ/bAfm7r4q1zFZI gwx2Vx55mQ/Zvw6YAjGAkiO3qgSPOhhrzvi1KLyfuGkYDlCxCD3WExEm32VCZYLa m8D2YolqZsE//LpvwAr2dPsB1i0OXTBTlAMvgyiM/+PB+2RR42uUQYBcQD/7QQPC tt/4NZvnM5XNvYkBUSLFc5U1x+HIXkNXjkiBVjYeeaLg0Q2dOWuOVFkvu0EYfUW3 1ObqpsLuWeOhfo5jw0M610aDwe/Es36QZEbyf0B5n6waXHdCVNPafDtjNX+UKEQb HZ4KbI6hI2WjvzeL98FDLFdOuhkCAwEAAaOCAdUwggHRMB0GA1UdDgQWBBQrXtF8 mOy7veD1ZAYOmkWv5T/grDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzIzOTQ3LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCZ4HYAwQAZ5qIMA0GCSqGSIb3DQEBCwUAA4IBAQBzOvWa4S+13XDw lT6B5P9mBU+MR2HNKIHZdCEykL5dHzm7+BqRj3GruD/wWV9Q9Wk902j1gQTMeD7/ ERHHieczniMQcMGPAEWsxKLqFVSW88OHoeZ51EUjAGS9PVjB6is3dVa75Re7RssI St0zd92pqcfh+mEmNStvwqpd7TAKXB+w1hKCX+6oBizoQ4KfRUz9mAq43fBJUr9d pWHtR9UvCO7kTaHccRQ9WkC20sKdHK5jcnlcE7BMaw9hGdKUoAXQpc+rQHSvjNfn DMng7SEERlxwZV/MdVh6Pprbf2cVoxGQXaclJwEf/nPlzf1jFbZe06OswPYUGUXR 7E6jCDi3 -----END CERTIFICATE-----Generated at Wed May 8 17:45:24 2024 by rpki-client on console-ams.rpki-client.org