$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24199.roa File: AS24199.roa (raw, json) Hash identifier: 8913rc6LF4UzSmRRzDWELgjbsX21w9i6Ko1Rvbj5o9A= Subject key identifier: 44:21:50:22:45:9D:05:AE:D4:11:57:8A:3D:33:44:3F:6F:A3:36:11 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5FE235AC623BA2DA6549F15E1A0DA85463EAFE18 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24199.roa Signing time: Tue 15 Oct 2024 04:01:02 +0000 ROA not before: Tue 15 Oct 2024 03:56:02 +0000 ROA not after: Tue 14 Oct 2025 04:01:02 +0000 asID: 24199 IP address blocks: 202.89.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:e2:35:ac:62:3b:a2:da:65:49:f1:5e:1a:0d:a8:54:63:ea:fe:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 15 03:56:02 2024 GMT Not After : Oct 14 04:01:02 2025 GMT Subject: CN=44215022459D05AED411578A3D33443F6FA33611 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:05:54:78:b6:4c:8c:60:03:e9:5a:51:df:ff: 14:b2:5d:58:c1:b1:37:27:91:7e:51:58:d0:18:ef: 94:d4:27:16:74:b0:d2:22:40:30:b3:8c:30:cb:68: 2a:0d:68:d6:8c:14:ad:f2:c2:95:f9:26:11:d5:01: 78:af:89:d9:a4:0d:ab:3e:01:df:01:46:c0:f3:c5: f0:c9:f3:9d:9b:a8:f0:33:73:fb:5a:56:7c:59:ce: 7e:8a:a0:dd:fd:3c:d6:5e:b0:4d:fa:c3:c7:62:48: c0:22:5e:04:73:f4:61:67:54:c0:e3:f5:09:aa:dc: a8:49:38:49:53:70:64:8f:df:09:c9:28:c5:e5:dd: 57:ee:78:dd:c2:9c:39:f1:4b:8d:91:9b:d3:3d:b5: 22:13:d8:76:78:56:e3:cf:7f:ab:6c:24:52:c9:28: 1d:85:ee:f7:a8:56:b7:e0:f0:2b:66:0a:7f:1e:fb: 35:05:de:4d:65:7d:1e:e8:85:77:37:53:e2:cb:0d: 08:11:7c:a0:c4:d0:31:a2:0d:d8:9d:56:dc:e1:ff: c2:60:f3:19:e9:83:f6:a6:34:96:8d:49:69:e7:15: a5:ba:b3:f2:55:48:3a:44:e4:1c:28:4a:ba:04:b4: f9:cc:7e:f3:f1:7e:1a:d2:49:db:2f:19:da:67:ad: 3a:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:21:50:22:45:9D:05:AE:D4:11:57:8A:3D:33:44:3F:6F:A3:36:11 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24199.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.89.208.0/24 Signature Algorithm: sha256WithRSAEncryption 14:78:25:f2:ce:9d:49:13:4f:fa:92:02:e3:c1:cc:8d:c1:11: cb:ad:41:f7:eb:21:a0:9e:fb:9f:40:c5:3b:b6:9d:8a:8f:cb: ba:a6:c4:7f:02:b5:0e:b5:ed:5b:c9:75:f0:c5:5f:97:93:45: cf:b2:51:b8:53:25:e3:09:1b:9f:c4:c0:38:a5:f1:e6:6d:eb: 50:a1:45:09:35:b3:52:99:ea:0e:df:85:c3:c2:2e:f6:2a:c8: e5:b7:2b:54:b1:b8:58:a6:80:83:5c:77:6d:1b:4e:a4:b9:76: de:83:c8:9b:a8:9f:71:7d:d3:fd:c5:c5:c1:bc:db:c4:36:25: 53:b0:c3:25:95:6a:c3:d3:ca:5a:28:f4:27:5e:59:6f:c9:ed: a4:92:83:99:76:9a:f3:33:99:19:d4:2f:9d:3a:23:5d:dc:16: b5:ee:e9:ed:c0:5a:bd:41:63:b5:9b:af:a4:22:63:35:5e:93: ea:5e:f9:0f:22:9a:b1:b4:d8:ba:8a:b2:23:fd:84:2e:2e:38: 74:74:95:c3:ec:73:37:ac:f5:03:89:64:ae:ec:24:8f:d8:fa: 82:32:6a:13:be:41:b5:a6:90:68:bf:a1:8a:51:ea:5c:a0:b6: 0f:63:c4:70:ac:fb:bb:ad:02:ef:ec:e3:98:bd:a2:af:c0:30: a6:35:4b:cd -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUX+I1rGI7otplSfFeGg2oVGPq/hgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAxNTAzNTYwMloX DTI1MTAxNDA0MDEwMlowMzExMC8GA1UEAxMoNDQyMTUwMjI0NTlEMDVBRUQ0MTE1 NzhBM0QzMzQ0M0Y2RkEzMzYxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKgFVHi2TIxgA+laUd//FLJdWMGxNyeRflFY0BjvlNQnFnSw0iJAMLOMMMto Kg1o1owUrfLClfkmEdUBeK+J2aQNqz4B3wFGwPPF8MnznZuo8DNz+1pWfFnOfoqg 3f081l6wTfrDx2JIwCJeBHP0YWdUwOP1CarcqEk4SVNwZI/fCckoxeXdV+543cKc OfFLjZGb0z21IhPYdnhW489/q2wkUskoHYXu96hWt+DwK2YKfx77NQXeTWV9HuiF dzdT4ssNCBF8oMTQMaIN2J1W3OH/wmDzGemD9qY0lo1JaecVpbqz8lVIOkTkHChK ugS0+cx+8/F+GtJJ2y8Z2metOgcCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBREIVAi RZ0FrtQRV4o9M0Q/b6M2ETAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzI0MTk5LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAylnQMA0GCSqGSIb3DQEBCwUAA4IBAQAUeCXyzp1JE0/6kgLjwcyN wRHLrUH36yGgnvufQMU7tp2Kj8u6psR/ArUOte1byXXwxV+Xk0XPslG4UyXjCRuf xMA4pfHmbetQoUUJNbNSmeoO34XDwi72KsjltytUsbhYpoCDXHdtG06kuXbeg8ib qJ9xfdP9xcXBvNvENiVTsMMllWrD08paKPQnXllvye2kkoOZdprzM5kZ1C+dOiNd 3Ba17untwFq9QWO1m6+kImM1XpPqXvkPIpqxtNi6irIj/YQuLjh0dJXD7HM3rPUD iWSu7CSP2PqCMmoTvkG1ppBov6GKUepcoLYPY8RwrPu7rQLv7OOYvaKvwDCmNUvN -----END CERTIFICATE-----Generated at Mon Nov 25 13:01:58 2024 by rpki-client on console-fra.rpki-client.org