$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38778.roa File: AS38778.roa (raw, json) Hash identifier: yoxUasDSUPQnIJQtt1fKEqKKvksTt9yiiRNKYkrYdKo= Subject key identifier: 0A:32:3A:DE:DD:81:40:30:87:6D:A5:58:A2:A7:40:2B:E6:0B:FA:91 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3A086C5C07C6B5D005F8CB12BE40A4CE47949155 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38778.roa Signing time: Thu 17 Oct 2024 04:00:00 +0000 ROA not before: Thu 17 Oct 2024 03:55:00 +0000 ROA not after: Thu 16 Oct 2025 04:00:00 +0000 asID: 38778 IP address blocks: 2407:f900::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:08:6c:5c:07:c6:b5:d0:05:f8:cb:12:be:40:a4:ce:47:94:91:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 17 03:55:00 2024 GMT Not After : Oct 16 04:00:00 2025 GMT Subject: CN=0A323ADEDD814030876DA558A2A7402BE60BFA91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:65:c0:17:fd:e6:af:d4:06:eb:52:6e:e9:1c: d6:dc:33:dd:3b:9e:90:55:eb:08:fe:69:ca:c9:31: 03:25:2a:62:04:af:17:91:f2:1c:c1:49:47:b6:92: fe:38:c1:ab:9e:2c:82:b8:8d:0f:2e:f1:52:6d:e7: 3e:c4:46:01:d5:45:da:1e:42:ad:03:5b:0d:b9:aa: 3b:24:9f:97:4e:7f:65:7c:42:5a:1f:10:b3:5c:ba: 16:97:f1:6a:33:36:d8:f3:6f:15:4b:50:45:1e:b7: 1e:17:ec:b0:6a:ed:77:85:9c:93:c8:1e:59:3b:6f: 2d:7c:f7:ae:56:be:5b:5d:40:9d:00:9d:6d:6a:fe: b5:7c:e5:4a:fb:a7:2c:9d:05:49:8a:f3:ac:c6:37: af:0d:42:3a:16:ff:ac:ca:cc:c0:2a:ae:56:00:b4: 4a:c8:08:6c:39:f3:b9:59:c6:e3:d0:81:65:22:aa: 0f:f7:d0:5b:b4:04:c7:bb:5c:06:45:cf:b3:ce:d3: 46:00:15:c3:98:aa:8c:4d:8a:a7:b3:c7:af:4b:17: 9f:ab:35:be:9d:7a:cc:75:66:1b:37:b7:1d:e6:c8: 1e:1c:a0:57:b3:39:78:d3:36:2a:0b:2b:a7:2b:0d: 92:25:73:69:b2:a9:fd:75:8f:3f:bc:b4:17:db:c6: c1:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:32:3A:DE:DD:81:40:30:87:6D:A5:58:A2:A7:40:2B:E6:0B:FA:91 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38778.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2407:f900::/32 Signature Algorithm: sha256WithRSAEncryption 1e:01:fa:a7:9f:ab:67:53:fa:96:f0:14:c0:e3:98:5a:02:3d: 52:59:0b:f0:e4:f1:ab:b0:39:eb:ff:aa:da:61:7e:74:d2:8c: 46:cb:7d:bd:fe:40:ca:ce:3a:c3:cf:02:37:4a:22:c9:05:03: 1d:21:d2:eb:b9:01:fa:38:83:2c:fd:8b:97:e6:f5:2e:ff:41: 66:31:3c:b2:91:67:d7:e0:53:db:38:ba:b2:da:b9:f4:25:41: c8:64:66:79:91:27:ba:ad:f3:27:cd:92:7f:e9:2b:9e:0f:29: 49:3b:68:08:b9:b3:fa:75:e6:55:a0:7a:8d:0e:5f:1a:63:e6: ee:94:fd:d1:7f:05:82:d1:4e:d1:fe:b6:d1:62:7e:81:db:6f: a0:4b:c7:0c:9e:67:d0:5b:bd:32:c5:c1:b3:c7:02:e0:53:c7: 02:c7:c6:5f:42:7f:b6:cc:c3:5f:18:5f:1e:f2:7f:31:73:49: 00:5f:9a:1b:cc:ab:1e:65:e3:b8:67:ff:ac:f1:b1:81:76:73: be:39:7f:7c:fe:80:64:58:fb:69:ae:09:f8:74:ea:9c:21:81: 06:16:c7:70:63:ef:80:f3:15:05:15:1d:83:33:91:de:ea:67: a2:d9:03:45:0a:50:71:92:b5:49:8e:ab:5e:d5:10:9e:91:36: f1:a3:24:be -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUOghsXAfGtdAF+MsSvkCkzkeUkVUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAxNzAzNTUwMFoX DTI1MTAxNjA0MDAwMFowMzExMC8GA1UEAxMoMEEzMjNBREVERDgxNDAzMDg3NkRB NTU4QTJBNzQwMkJFNjBCRkE5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMllwBf95q/UButSbukc1twz3TuekFXrCP5pyskxAyUqYgSvF5HyHMFJR7aS /jjBq54sgriNDy7xUm3nPsRGAdVF2h5CrQNbDbmqOySfl05/ZXxCWh8Qs1y6Fpfx ajM22PNvFUtQRR63HhfssGrtd4Wck8geWTtvLXz3rla+W11AnQCdbWr+tXzlSvun LJ0FSYrzrMY3rw1COhb/rMrMwCquVgC0SsgIbDnzuVnG49CBZSKqD/fQW7QEx7tc BkXPs87TRgAVw5iqjE2Kp7PHr0sXn6s1vp16zHVmGze3HebIHhygV7M5eNM2Kgsr pysNkiVzabKp/XWPP7y0F9vGwX0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQKMjre 3YFAMIdtpViip0Ar5gv6kTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzM4Nzc4LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAf5ADANBgkqhkiG9w0BAQsFAAOCAQEAHgH6p5+rZ1P6lvAUwOOY WgI9UlkL8OTxq7A56/+q2mF+dNKMRst9vf5Ays46w88CN0oiyQUDHSHS67kB+jiD LP2Ll+b1Lv9BZjE8spFn1+BT2zi6stq59CVByGRmeZEnuq3zJ82Sf+krng8pSTto CLmz+nXmVaB6jQ5fGmPm7pT90X8FgtFO0f620WJ+gdtvoEvHDJ5n0Fu9MsXBs8cC 4FPHAsfGX0J/tszDXxhfHvJ/MXNJAF+aG8yrHmXjuGf/rPGxgXZzvjl/fP6AZFj7 aa4J+HTqnCGBBhbHcGPvgPMVBRUdgzOR3upnotkDRQpQcZK1SY6rXtUQnpE28aMk vg== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:50 2024 by rpki-client on console-ams.rpki-client.org