$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58404.roa File: AS58404.roa (raw, json) Hash identifier: 8knvMhqKlPi/kJysVTSiWZF49OyBKtg9PPPsO7WrRrE= Subject key identifier: 97:8A:97:92:AC:C6:F1:4A:CA:C1:B0:55:48:F1:69:C8:F5:62:97:98 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3AE6C1CE4AB2E04166506D2E012B864854A885F5 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58404.roa Signing time: Tue 09 Jan 2024 04:00:30 +0000 ROA not before: Tue 09 Jan 2024 03:55:30 +0000 ROA not after: Tue 07 Jan 2025 04:00:30 +0000 asID: 58404 IP address blocks: 123.253.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:e6:c1:ce:4a:b2:e0:41:66:50:6d:2e:01:2b:86:48:54:a8:85:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:30 2024 GMT Not After : Jan 7 04:00:30 2025 GMT Subject: CN=978A9792ACC6F14ACAC1B05548F169C8F5629798 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:36:00:4d:7e:9c:c6:ca:81:6a:b1:e4:ba:48: 3b:de:3b:de:d1:2f:c7:bc:3f:a6:f2:7c:ed:85:2d: 1c:48:50:13:23:c1:53:72:2b:a5:39:71:99:bf:0d: 64:df:6e:d8:be:45:54:77:4c:12:66:38:9d:4c:c6: 7e:c8:91:91:f9:05:ab:b1:65:c9:84:27:f2:a2:08: d8:64:8a:2c:8e:c7:14:52:ec:e9:8c:f2:9e:f1:eb: e6:1c:f2:a3:db:af:57:7c:4e:43:4d:74:72:f9:74: 6c:a5:03:b3:7f:f4:0b:11:95:a2:7d:a1:50:ed:94: c4:f3:2e:c8:bb:58:87:46:f1:6f:e1:c9:03:06:57: 10:11:4f:66:93:1a:38:f1:ab:a7:2c:2f:c3:66:bf: e0:6b:35:e4:82:a1:91:fe:bb:25:ed:df:5e:40:74: b7:6a:7a:01:09:e3:2f:59:b2:3f:e2:7f:9e:e6:e1: 6b:64:10:b7:a2:48:78:61:01:1e:65:96:4b:f4:3e: 51:1d:3f:db:7a:e6:a6:a9:bf:33:d3:8a:2b:0f:aa: 92:93:be:10:66:2f:29:30:53:46:3c:84:fa:89:a3: d2:62:c3:69:ca:76:07:30:d4:78:52:dc:10:ba:d2: b1:cc:9d:15:44:fe:c9:bf:59:ca:2a:3c:d0:86:4b: 2a:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:8A:97:92:AC:C6:F1:4A:CA:C1:B0:55:48:F1:69:C8:F5:62:97:98 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58404.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 123.253.28.0/22 Signature Algorithm: sha256WithRSAEncryption 7e:79:3c:5e:0d:a6:1b:56:22:d7:a5:0d:91:0b:3e:a8:6d:77: 83:05:f3:e4:96:f5:9d:ca:bc:ff:0a:d3:94:1e:8a:be:ad:1b: 50:fc:99:ed:d0:7e:7f:f1:cd:d7:bd:df:5a:2b:4f:94:88:e2: ec:a7:28:fb:60:4e:7b:5d:6a:65:81:51:76:37:53:46:3a:32: fb:2f:c8:e9:8a:59:51:58:66:84:e6:a1:14:49:de:61:aa:c2: 56:1e:8c:2a:b8:e5:c5:0d:68:ac:3c:19:ed:8b:64:b6:7d:2d: 2f:7d:f2:32:c7:e0:ac:46:f5:db:eb:4e:81:3b:e8:5c:a2:7a: 61:34:72:22:2c:3f:6d:52:90:ed:60:fe:18:e9:84:eb:24:ac: 4d:3f:e0:81:8a:1c:56:ba:c7:11:82:f0:83:e4:44:da:4d:5f: 17:39:ab:0c:d5:90:c8:b0:10:b9:74:a9:cc:76:74:39:8b:64: c0:4a:7a:d1:2c:f5:c3:c4:27:72:95:5e:06:df:0e:23:25:bc: 8a:0a:8f:b7:d0:c8:bb:41:00:dd:45:16:40:a0:97:05:89:66: c1:4a:30:f4:10:1f:86:4d:c3:e9:3a:70:06:c7:34:17:c4:97: 30:5b:f7:65:48:e6:e1:80:25:6c:f4:b2:50:56:99:d4:74:26: 19:6e:0e:9d -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUOubBzkqy4EFmUG0uASuGSFSohfUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUzMFoX DTI1MDEwNzA0MDAzMFowMzExMC8GA1UEAxMoOTc4QTk3OTJBQ0M2RjE0QUNBQzFC MDU1NDhGMTY5QzhGNTYyOTc5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMY2AE1+nMbKgWqx5LpIO9473tEvx7w/pvJ87YUtHEhQEyPBU3IrpTlxmb8N ZN9u2L5FVHdMEmY4nUzGfsiRkfkFq7FlyYQn8qII2GSKLI7HFFLs6YzynvHr5hzy o9uvV3xOQ010cvl0bKUDs3/0CxGVon2hUO2UxPMuyLtYh0bxb+HJAwZXEBFPZpMa OPGrpywvw2a/4Gs15IKhkf67Je3fXkB0t2p6AQnjL1myP+J/nubha2QQt6JIeGEB HmWWS/Q+UR0/23rmpqm/M9OKKw+qkpO+EGYvKTBTRjyE+omj0mLDacp2BzDUeFLc ELrSscydFUT+yb9Zyio80IZLKgkCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSXipeS rMbxSsrBsFVI8WnI9WKXmDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU4NDA0LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCe/0cMA0GCSqGSIb3DQEBCwUAA4IBAQB+eTxeDaYbViLXpQ2RCz6o bXeDBfPklvWdyrz/CtOUHoq+rRtQ/Jnt0H5/8c3Xvd9aK0+UiOLspyj7YE57XWpl gVF2N1NGOjL7L8jpillRWGaE5qEUSd5hqsJWHowquOXFDWisPBnti2S2fS0vffIy x+CsRvXb606BO+hconphNHIiLD9tUpDtYP4Y6YTrJKxNP+CBihxWuscRgvCD5ETa TV8XOasM1ZDIsBC5dKnMdnQ5i2TASnrRLPXDxCdylV4G3w4jJbyKCo+30Mi7QQDd RRZAoJcFiWbBSjD0EB+GTcPpOnAGxzQXxJcwW/dlSObhgCVs9LJQVpnUdCYZbg6d -----END CERTIFICATE-----Generated at Mon Nov 25 13:01:58 2024 by rpki-client on console-fra.rpki-client.org