$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24209.roa File: AS24209.roa (raw, json) Hash identifier: xzFylYLtuzqHi9YYOnzIz8mmxrqToeyrhFatbvrml30= Subject key identifier: 50:8A:1F:99:90:99:63:2C:9C:C1:EB:D0:37:D8:4D:04:6F:77:26:2C Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 13F741CDA945E5C0F64BA588C4DB2F7C3664969E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24209.roa Signing time: Tue 09 Jan 2024 04:00:06 +0000 ROA not before: Tue 09 Jan 2024 03:55:06 +0000 ROA not after: Tue 07 Jan 2025 04:00:06 +0000 asID: 24209 IP address blocks: 202.122.8.0/21 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 16:39:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:f7:41:cd:a9:45:e5:c0:f6:4b:a5:88:c4:db:2f:7c:36:64:96:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:06 2024 GMT Not After : Jan 7 04:00:06 2025 GMT Subject: CN=508A1F999099632C9CC1EBD037D84D046F77262C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:e6:2b:d0:7a:30:e1:9f:ef:80:b1:42:64:23: f6:d2:4c:13:0f:39:64:0d:9b:4c:95:82:36:bd:5a: 13:eb:6f:f1:f9:67:9d:cd:8a:cf:1d:cb:2c:21:33: 2f:95:6d:bd:92:0a:97:b5:54:ee:88:4f:bb:0b:6a: 6f:71:e8:34:ac:7c:b6:dd:02:b7:4b:09:82:f3:31: aa:8d:3b:96:d6:3e:13:f1:77:8d:6b:a2:be:ea:bd: 70:9b:4a:e5:78:48:9d:8f:e1:96:cf:8b:bc:13:26: bb:15:de:06:31:80:37:99:c3:04:a8:ef:c4:27:3b: b9:ab:73:e0:78:b6:f0:c0:6e:a4:89:80:9a:d8:d3: 32:fa:8d:2c:3b:3b:4b:45:04:d2:c2:7d:a7:db:cf: b4:4d:b6:d0:65:e4:1f:99:23:34:c3:64:94:75:e2: 13:71:90:0a:fe:b9:21:8a:76:ed:26:2a:a1:ed:c1: 48:90:54:fd:9a:97:97:e6:2e:41:7f:16:37:33:0f: 30:18:1d:9d:90:5a:8f:9d:02:be:f7:14:bd:40:ad: ef:6e:7f:9b:61:37:25:ab:1b:c8:c9:12:fb:3a:81: 90:f2:66:bf:0e:1d:40:3f:93:9a:78:94:ee:4e:ef: 9c:28:1b:7d:2c:f0:44:04:3e:58:bd:72:02:79:03: e1:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:8A:1F:99:90:99:63:2C:9C:C1:EB:D0:37:D8:4D:04:6F:77:26:2C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24209.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.122.8.0/21 Signature Algorithm: sha256WithRSAEncryption 27:df:cc:53:f0:46:c4:f9:75:e7:75:c9:d1:0d:f9:d9:de:73: a8:c5:34:df:37:f9:c3:a9:62:87:83:53:61:ff:f1:a3:4a:ab: d5:74:68:1d:54:ca:6a:fe:d9:6d:ac:8a:30:49:60:8f:88:d5: fb:6b:b7:8d:b5:fa:92:69:56:ad:62:73:73:5e:88:4d:83:35: 5b:bf:cb:12:59:34:a7:c5:d6:9d:81:3a:46:f4:2b:e3:1e:55: 54:1b:dd:e3:30:57:e1:24:51:24:f5:c2:07:8a:62:64:70:f0: d5:7b:7c:b6:ea:eb:b9:76:f7:b3:a6:5e:06:11:9b:89:d2:42: 8d:c6:2d:21:45:b2:70:32:be:64:f7:1c:7d:c1:83:e3:e3:ac: 10:ef:5e:b7:00:30:8e:f8:a1:b1:e8:d8:1c:d4:81:eb:22:33: cf:0b:53:83:1f:78:b4:83:43:b2:ea:3b:23:84:55:92:39:f0: 3f:53:9a:32:cc:54:a7:37:39:50:07:1e:e5:39:61:97:18:41: 78:6b:d9:85:39:8b:b7:9f:fe:ab:f1:8a:86:86:49:d0:32:62: 21:af:3c:a9:96:84:e1:3e:eb:da:43:b1:6a:fc:b5:4e:c5:fa: ec:cd:be:de:00:37:e3:b6:8f:a2:9a:58:24:09:3c:01:de:cd: 23:ab:41:80 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUE/dBzalF5cD2S6WIxNsvfDZklp4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUwNloX DTI1MDEwNzA0MDAwNlowMzExMC8GA1UEAxMoNTA4QTFGOTk5MDk5NjMyQzlDQzFF QkQwMzdEODREMDQ2Rjc3MjYyQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANzmK9B6MOGf74CxQmQj9tJMEw85ZA2bTJWCNr1aE+tv8flnnc2Kzx3LLCEz L5VtvZIKl7VU7ohPuwtqb3HoNKx8tt0Ct0sJgvMxqo07ltY+E/F3jWuivuq9cJtK 5XhInY/hls+LvBMmuxXeBjGAN5nDBKjvxCc7uatz4Hi28MBupImAmtjTMvqNLDs7 S0UE0sJ9p9vPtE220GXkH5kjNMNklHXiE3GQCv65IYp27SYqoe3BSJBU/ZqXl+Yu QX8WNzMPMBgdnZBaj50CvvcUvUCt725/m2E3JasbyMkS+zqBkPJmvw4dQD+TmniU 7k7vnCgbfSzwRAQ+WL1yAnkD4aUCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRQih+Z kJljLJzB69A32E0Eb3cmLDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzI0MjA5LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDynoIMA0GCSqGSIb3DQEBCwUAA4IBAQAn38xT8EbE+XXndcnRDfnZ 3nOoxTTfN/nDqWKHg1Nh//GjSqvVdGgdVMpq/tltrIowSWCPiNX7a7eNtfqSaVat YnNzXohNgzVbv8sSWTSnxdadgTpG9CvjHlVUG93jMFfhJFEk9cIHimJkcPDVe3y2 6uu5dvezpl4GEZuJ0kKNxi0hRbJwMr5k9xx9wYPj46wQ7163ADCO+KGx6Ngc1IHr IjPPC1ODH3i0g0Oy6jsjhFWSOfA/U5oyzFSnNzlQBx7lOWGXGEF4a9mFOYu3n/6r 8YqGhknQMmIhrzyploThPuvaQ7Fq/LVOxfrszb7eADfjto+imlgkCTwB3s0jq0GA -----END CERTIFICATE-----Generated at Tue May 7 18:07:20 2024 by rpki-client on console-fra.rpki-client.org