$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38154.roa File: AS38154.roa (raw, json) Hash identifier: I5mgJjfWlyTAamrAKzhN2qBj1IgEfK1Mn/ehILYBYoc= Subject key identifier: C6:B6:D1:93:BB:44:C5:3E:87:28:C5:80:8C:C2:48:DB:75:32:A5:BB Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 53838DD51B7D60D37C8D37EC2D482846559328BA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38154.roa Signing time: Tue 20 Feb 2024 02:27:59 +0000 ROA not before: Tue 20 Feb 2024 02:22:59 +0000 ROA not after: Tue 18 Feb 2025 02:27:59 +0000 asID: 38154 IP address blocks: 2401:78a0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 10:29:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:83:8d:d5:1b:7d:60:d3:7c:8d:37:ec:2d:48:28:46:55:93:28:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 20 02:22:59 2024 GMT Not After : Feb 18 02:27:59 2025 GMT Subject: CN=C6B6D193BB44C53E8728C5808CC248DB7532A5BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:25:49:b5:8a:d8:8a:9a:9c:4f:c0:35:a9:8d: 60:d1:fd:f2:50:ea:af:82:19:7b:4e:39:6f:ca:5a: 62:e6:35:fe:e1:b8:4e:6e:bd:67:42:d0:16:62:62: a1:b3:15:20:19:50:a4:8e:d7:c2:9b:83:ae:60:ea: 5b:5e:fa:0b:a7:69:dd:fc:0a:f3:5d:c9:5a:e5:d1: 00:67:8f:c6:fa:e2:f9:95:04:0e:43:4d:f9:4c:1a: 15:80:4a:e4:88:eb:bf:00:1d:45:8e:4b:e0:10:a7: 56:15:42:e7:b7:d4:6f:fc:2a:e6:23:75:60:6d:5f: 49:8f:89:94:ef:c8:d6:a7:1b:31:1c:70:89:66:f4: 7f:6e:95:fe:e7:71:64:ec:9d:d6:64:c8:f6:bc:c5: 6a:53:b2:d5:76:7f:3f:03:ed:8d:31:92:4b:67:ae: bf:73:1b:be:b5:b9:e0:49:99:5c:e8:6d:1f:93:38: e7:ca:43:74:d2:05:ac:30:eb:5d:6f:83:ec:1d:5a: e6:51:78:81:c9:61:4f:36:32:6d:8a:58:8e:1d:84: 80:76:9b:55:91:61:f2:59:b8:20:54:82:68:b8:68: 83:47:2a:f3:3b:03:7b:c9:35:a3:89:e3:b3:c5:11: 33:25:ee:a4:2c:8f:f3:96:ae:a6:26:ad:f9:13:13: 0f:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:B6:D1:93:BB:44:C5:3E:87:28:C5:80:8C:C2:48:DB:75:32:A5:BB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38154.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:78a0::/32 Signature Algorithm: sha256WithRSAEncryption 97:c7:b0:df:62:3e:2d:41:65:52:17:a1:33:d4:1c:aa:28:ef: 21:37:9e:af:a8:23:d0:d2:02:ef:ac:29:8c:96:62:69:f6:43: 8a:71:1c:96:ee:ab:cb:48:31:24:8d:0c:d5:83:7b:b0:2a:fb: d1:3a:73:b5:16:94:2c:f0:66:d4:90:7f:79:b8:67:1e:1d:5b: 99:f1:51:ae:f4:ca:b4:26:b0:d9:71:26:2a:47:af:cc:54:e1: ac:d5:03:7b:0e:a0:70:0e:4f:97:23:b1:e2:32:65:d7:5f:47: ea:42:4f:e5:0e:77:2b:86:fa:fa:90:91:39:f5:ef:6c:21:b9: 98:88:84:a0:f8:f1:1f:9b:8e:45:09:a6:40:d4:38:1e:8a:7b: 89:61:c9:a5:7a:17:9c:f8:a2:4f:08:b7:48:b3:1e:ec:a3:d9: 2c:d2:a1:da:99:e4:e1:a6:58:fa:f9:61:83:41:e3:08:ed:e3: 81:e9:17:5f:c7:53:f8:bb:85:09:f7:97:a3:f5:9d:2f:f2:81: 3d:54:6f:3d:12:1d:3d:8a:94:c2:ad:e4:08:4b:20:7d:28:88: 0c:03:42:9a:c4:13:15:6a:36:20:e5:86:ae:8e:2e:12:25:da: 31:8f:66:c3:98:5b:89:ed:8c:16:45:4f:3b:44:d0:fb:a4:32: 50:4f:e7:44 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUU4ON1Rt9YNN8jTfsLUgoRlWTKLowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIyMDAyMjI1OVoX DTI1MDIxODAyMjc1OVowMzExMC8GA1UEAxMoQzZCNkQxOTNCQjQ0QzUzRTg3MjhD NTgwOENDMjQ4REI3NTMyQTVCQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ4lSbWK2IqanE/ANamNYNH98lDqr4IZe045b8paYuY1/uG4Tm69Z0LQFmJi obMVIBlQpI7XwpuDrmDqW176C6dp3fwK813JWuXRAGePxvri+ZUEDkNN+UwaFYBK 5IjrvwAdRY5L4BCnVhVC57fUb/wq5iN1YG1fSY+JlO/I1qcbMRxwiWb0f26V/udx ZOyd1mTI9rzFalOy1XZ/PwPtjTGSS2euv3MbvrW54EmZXOhtH5M458pDdNIFrDDr XW+D7B1a5lF4gclhTzYybYpYjh2EgHabVZFh8lm4IFSCaLhog0cq8zsDe8k1o4nj s8URMyXupCyP85aupiat+RMTD28CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTGttGT u0TFPocoxYCMwkjbdTKluzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzM4MTU0LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAF4oDANBgkqhkiG9w0BAQsFAAOCAQEAl8ew32I+LUFlUhehM9Qc qijvITeer6gj0NIC76wpjJZiafZDinEclu6ry0gxJI0M1YN7sCr70TpztRaULPBm 1JB/ebhnHh1bmfFRrvTKtCaw2XEmKkevzFThrNUDew6gcA5PlyOx4jJl119H6kJP 5Q53K4b6+pCROfXvbCG5mIiEoPjxH5uORQmmQNQ4Hop7iWHJpXoXnPiiTwi3SLMe 7KPZLNKh2pnk4aZY+vlhg0HjCO3jgekXX8dT+LuFCfeXo/WdL/KBPVRvPRIdPYqU wq3kCEsgfSiIDANCmsQTFWo2IOWGro4uEiXaMY9mw5hbie2MFkVPO0TQ+6QyUE/n RA== -----END CERTIFICATE-----Generated at Wed May 8 04:37:59 2024 by rpki-client on console-fra.rpki-client.org