$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24213.roa File: AS24213.roa (raw, json) Hash identifier: /gCJ2PY/MGcBuLpR2eKsL0abmWZ0eQW0IYMAA7cXfII= Subject key identifier: CB:BE:B6:52:02:E5:C4:3E:AB:56:88:B7:CB:22:B1:AF:20:46:A0:AB Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1FC93F8E0DF2586858C8EFCED18C2E01CACA4C10 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24213.roa Signing time: Mon 02 Jun 2025 07:40:04 +0000 ROA not before: Mon 02 Jun 2025 07:35:04 +0000 ROA not after: Mon 01 Jun 2026 07:40:04 +0000 asID: 24213 IP address blocks: 2402:680::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 02:27:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:c9:3f:8e:0d:f2:58:68:58:c8:ef:ce:d1:8c:2e:01:ca:ca:4c:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 2 07:35:04 2025 GMT Not After : Jun 1 07:40:04 2026 GMT Subject: CN=CBBEB65202E5C43EAB5688B7CB22B1AF2046A0AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:51:de:a1:58:a7:cb:64:02:4f:c0:d4:f4:07: 9b:cb:7f:6f:df:2c:82:98:28:09:86:33:6c:a8:32: 92:eb:2f:18:c7:1f:7f:fa:89:e7:cc:0d:f3:22:6b: a0:2b:7e:05:a4:95:eb:1b:bb:c5:e1:61:86:d8:a9: 81:9b:22:52:ff:5b:08:cd:71:3a:cd:2e:3b:f2:a8: e1:80:65:73:9e:46:cf:e2:6f:a6:04:3b:75:c3:27: 9c:c2:71:fe:07:78:0b:03:f7:11:ec:24:26:b2:c0: e5:09:7d:67:ff:31:94:51:a3:09:ab:ae:2f:4c:22: 4b:07:92:67:5f:8d:d0:56:f1:31:76:52:4d:54:8a: 1f:24:ab:f5:1f:c2:97:ee:5e:3a:54:f6:a8:ba:01: 8e:8a:57:ab:48:76:28:b9:6c:ff:9a:bd:9e:cd:df: 37:be:77:07:59:ff:02:81:45:65:0c:e4:08:aa:15: f6:e3:00:73:36:b6:9d:02:4a:59:8a:ba:27:89:d0: 52:c1:3f:8e:01:fc:64:91:b8:d2:70:61:b5:2f:40: c3:90:11:50:8a:9f:f6:1c:61:a4:21:06:9e:fa:ba: 16:39:a8:2d:9b:f2:ca:ee:92:80:3a:8b:cf:30:4d: 2e:2e:96:e6:ff:f9:36:44:a3:a2:04:4d:8d:5c:fd: 73:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:BE:B6:52:02:E5:C4:3E:AB:56:88:B7:CB:22:B1:AF:20:46:A0:AB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24213.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2402:680::/32 Signature Algorithm: sha256WithRSAEncryption 19:76:55:c2:04:9e:15:ec:3a:aa:90:18:97:e5:df:bf:ba:00: ac:0e:ef:20:8b:fa:52:f0:5f:b6:d0:db:38:3b:fe:6a:ea:5d: 68:4a:d2:ee:eb:52:54:ad:4e:4f:2c:3b:5c:bc:da:c7:ac:e8: aa:5c:15:1a:55:e8:c9:b9:a6:ee:4e:cd:cb:18:9d:50:69:65: 70:14:39:e4:80:8e:63:cf:d8:19:3f:65:ff:9f:93:63:64:fb: b6:ef:30:22:f3:18:f4:49:bb:7b:bf:50:c2:f1:54:80:3c:69: fc:9f:73:46:f7:75:e0:9d:78:fc:26:9a:91:51:8f:ad:a7:88: 3d:eb:b3:0c:1e:68:02:7c:ab:a8:4e:f7:67:d4:b7:3f:d6:96: f3:f0:5b:fe:b4:a1:7f:3a:53:d7:69:6c:15:a0:77:8d:a0:cb: de:a6:d0:48:62:d0:27:4f:82:3b:35:26:f5:34:01:7d:bf:dc: d3:a0:5c:fc:4b:6b:16:f5:98:b2:7d:5f:4e:55:0e:c8:3c:00: 6e:20:c6:00:c2:89:32:6c:b4:f9:b3:5e:dc:97:b7:a0:2b:ea: 9e:e2:45:85:99:fa:f5:db:de:f2:fd:9e:3d:1b:8b:ba:5e:11: a7:e5:ba:52:b4:7a:57:26:6a:6a:96:96:d4:f5:3c:1b:15:0b: 30:7c:41:1f -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUH8k/jg3yWGhYyO/O0YwuAcrKTBAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMjA3MzUwNFoX DTI2MDYwMTA3NDAwNFowMzExMC8GA1UEAxMoQ0JCRUI2NTIwMkU1QzQzRUFCNTY4 OEI3Q0IyMkIxQUYyMDQ2QTBBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9R3qFYp8tkAk/A1PQHm8t/b98sgpgoCYYzbKgykusvGMcff/qJ58wN8yJr oCt+BaSV6xu7xeFhhtipgZsiUv9bCM1xOs0uO/Ko4YBlc55Gz+JvpgQ7dcMnnMJx /gd4CwP3EewkJrLA5Ql9Z/8xlFGjCauuL0wiSweSZ1+N0FbxMXZSTVSKHySr9R/C l+5eOlT2qLoBjopXq0h2KLls/5q9ns3fN753B1n/AoFFZQzkCKoV9uMAcza2nQJK WYq6J4nQUsE/jgH8ZJG40nBhtS9Aw5ARUIqf9hxhpCEGnvq6FjmoLZvyyu6SgDqL zzBNLi6W5v/5NkSjogRNjVz9c6sCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTLvrZS AuXEPqtWiLfLIrGvIEagqzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzI0MjEzLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAIGgDANBgkqhkiG9w0BAQsFAAOCAQEAGXZVwgSeFew6qpAYl+Xf v7oArA7vIIv6UvBfttDbODv+aupdaErS7utSVK1OTyw7XLzax6zoqlwVGlXoybmm 7k7NyxidUGllcBQ55ICOY8/YGT9l/5+TY2T7tu8wIvMY9Em7e79QwvFUgDxp/J9z Rvd14J14/CaakVGPraeIPeuzDB5oAnyrqE73Z9S3P9aW8/Bb/rShfzpT12lsFaB3 jaDL3qbQSGLQJ0+COzUm9TQBfb/c06Bc/EtrFvWYsn1fTlUOyDwAbiDGAMKJMmy0 +bNe3Je3oCvqnuJFhZn69dve8v2ePRuLul4Rp+W6UrR6VyZqapaW1PU8GxULMHxB Hw== -----END CERTIFICATE-----Generated at Sat Jun 7 20:57:19 2025 by rpki-client