$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24199.roa File: AS24199.roa (raw, json) Hash identifier: LJ8En4RCOdtqqnXs0Spif2rjkACDuBH85XrGTlYDHpU= Subject key identifier: 8D:9C:05:EE:C1:ED:B9:5F:67:F4:03:8C:AD:C0:F7:1A:85:C1:40:EA Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4114C0A1175B36BCE7CF4272EFE26E006C4E7016 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24199.roa Signing time: Tue 14 Nov 2023 03:59:47 +0000 ROA not before: Tue 14 Nov 2023 03:54:47 +0000 ROA not after: Tue 12 Nov 2024 03:59:47 +0000 asID: 24199 IP address blocks: 202.89.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:14:c0:a1:17:5b:36:bc:e7:cf:42:72:ef:e2:6e:00:6c:4e:70:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 14 03:54:47 2023 GMT Not After : Nov 12 03:59:47 2024 GMT Subject: CN=8D9C05EEC1EDB95F67F4038CADC0F71A85C140EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:d4:83:ac:0b:87:00:03:04:f0:8d:20:77:92: a7:41:01:01:c4:73:0a:42:f3:47:a3:9f:e8:58:a4: 9b:c1:a9:60:7f:1f:c2:49:6a:fe:f3:5d:8c:cc:fb: 72:f7:52:c4:35:9f:b2:f6:91:ff:f2:64:f0:5b:bd: 1d:76:b0:28:7d:b5:75:4f:0d:6f:03:aa:53:0d:b3: bd:b5:d5:13:ad:63:57:cb:44:b7:fe:a7:71:c5:ca: b2:c0:fc:f6:3d:8e:20:7b:e6:88:d1:7f:91:a8:fe: c6:b8:f4:91:f0:5d:04:da:9e:bd:6f:80:22:fd:56: 99:fb:d4:18:3c:74:b1:9e:80:1a:1e:8d:84:e1:d4: 2a:ba:1e:bd:37:48:99:8c:9f:1c:34:e6:90:0d:d8: ac:68:df:e5:94:89:3b:31:d9:23:37:01:7b:b1:6d: e5:7b:57:fa:5b:8a:27:95:bb:c3:92:42:02:e2:57: 79:27:91:f5:d9:df:f7:91:48:b6:74:5e:1e:77:b6: a6:a2:14:1a:95:9c:ee:49:2e:ca:e5:27:91:57:ad: 1a:98:a1:d6:ae:4b:f8:fa:16:60:97:af:42:1a:b6: c4:f7:56:ac:8e:2a:4f:e8:96:9d:c3:29:3d:a5:b4: 1c:c9:ca:ee:c0:08:2f:d6:0a:29:d4:fa:2e:3f:2d: 08:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:9C:05:EE:C1:ED:B9:5F:67:F4:03:8C:AD:C0:F7:1A:85:C1:40:EA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24199.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.89.208.0/24 Signature Algorithm: sha256WithRSAEncryption 77:14:27:06:ba:05:bd:6f:e0:3c:1d:24:67:81:cc:bc:b6:27: 15:91:9f:20:0c:c1:eb:68:01:ff:92:36:a7:7f:c7:23:aa:56: e9:98:55:52:32:22:91:53:f4:9c:aa:3b:b6:21:26:2f:5a:0f: a0:03:d2:49:19:2e:4c:af:a2:f1:5f:fa:17:10:ab:4f:f4:ad: e0:91:16:39:45:e1:2b:83:de:2c:5d:c1:56:3f:6d:14:04:dc: 85:ca:50:ff:aa:ee:91:16:05:45:2d:7d:63:d1:75:bb:d2:86: 5d:f5:5b:61:1f:f0:53:30:00:7c:76:91:89:48:b7:19:2e:4e: f0:45:43:fb:29:c5:97:31:a7:fd:54:cd:74:11:77:3a:91:7f: eb:c1:84:5f:6e:04:3f:43:8d:cd:ab:a7:90:0d:88:23:ec:7f: 1b:96:14:56:3d:6e:12:33:f6:dd:a4:d0:24:d7:1a:d3:ed:ab: 95:1a:34:b6:7a:69:a0:47:4c:ab:e2:24:2c:79:3f:bd:c7:b8: 18:7a:0c:33:7d:0b:8f:e1:16:58:6d:c9:4d:2e:13:f5:e5:4b: 87:cf:48:51:ce:05:11:08:79:f5:e4:b7:f4:3a:28:35:b6:fc: f1:9c:b4:c8:f0:94:01:04:e7:47:ca:a8:49:e4:5b:ff:6b:77: 4d:8b:89:b1 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUQRTAoRdbNrznz0Jy7+JuAGxOcBYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTExNDAzNTQ0N1oX DTI0MTExMjAzNTk0N1owMzExMC8GA1UEAxMoOEQ5QzA1RUVDMUVEQjk1RjY3RjQw MzhDQURDMEY3MUE4NUMxNDBFQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN3Ug6wLhwADBPCNIHeSp0EBAcRzCkLzR6Of6Fikm8GpYH8fwklq/vNdjMz7 cvdSxDWfsvaR//Jk8Fu9HXawKH21dU8NbwOqUw2zvbXVE61jV8tEt/6nccXKssD8 9j2OIHvmiNF/kaj+xrj0kfBdBNqevW+AIv1WmfvUGDx0sZ6AGh6NhOHUKroevTdI mYyfHDTmkA3YrGjf5ZSJOzHZIzcBe7Ft5XtX+luKJ5W7w5JCAuJXeSeR9dnf95FI tnReHne2pqIUGpWc7kkuyuUnkVetGpih1q5L+PoWYJevQhq2xPdWrI4qT+iWncMp PaW0HMnK7sAIL9YKKdT6Lj8tCO0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSNnAXu we25X2f0A4ytwPcahcFA6jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzI0MTk5LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAylnQMA0GCSqGSIb3DQEBCwUAA4IBAQB3FCcGugW9b+A8HSRngcy8 ticVkZ8gDMHraAH/kjanf8cjqlbpmFVSMiKRU/Scqju2ISYvWg+gA9JJGS5Mr6Lx X/oXEKtP9K3gkRY5ReErg94sXcFWP20UBNyFylD/qu6RFgVFLX1j0XW70oZd9Vth H/BTMAB8dpGJSLcZLk7wRUP7KcWXMaf9VM10EXc6kX/rwYRfbgQ/Q43Nq6eQDYgj 7H8blhRWPW4SM/bdpNAk1xrT7auVGjS2emmgR0yr4iQseT+9x7gYegwzfQuP4RZY bclNLhP15UuHz0hRzgURCHn15Lf0Oig1tvzxnLTI8JQBBOdHyqhJ5Fv/a3dNi4mx -----END CERTIFICATE-----Generated at Thu May 9 00:29:16 2024 by rpki-client on console-ams.rpki-client.org