$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63878.roa File: AS63878.roa (raw, json) Hash identifier: 2JrA1Rpon/tgY93MyLue4kSFY3zTghYhERTHx19h57k= Subject key identifier: 1F:90:59:EF:CA:A7:51:31:B3:CA:D1:20:8D:0D:B2:8E:9D:DD:34:98 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2CD772E3D8B31B356878A5C45F209ED6B1AC672C Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63878.roa Signing time: Tue 09 Jan 2024 04:00:12 +0000 ROA not before: Tue 09 Jan 2024 03:55:12 +0000 ROA not after: Tue 07 Jan 2025 04:00:12 +0000 asID: 63878 IP address blocks: 2400:46e0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:d7:72:e3:d8:b3:1b:35:68:78:a5:c4:5f:20:9e:d6:b1:ac:67:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:12 2024 GMT Not After : Jan 7 04:00:12 2025 GMT Subject: CN=1F9059EFCAA75131B3CAD1208D0DB28E9DDD3498 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:a3:21:63:38:68:4b:a2:1e:76:3f:d1:6d:33: 42:ab:bb:8a:50:7a:c6:78:c9:50:12:9d:b2:53:7a: 70:35:2e:cd:bf:b6:67:c1:7b:8d:7c:ff:ec:8e:49: 8a:c3:93:13:4a:73:3b:4c:84:d0:aa:69:f3:3c:99: 5c:9e:27:16:77:25:39:72:8e:97:4f:5b:b0:c5:d7: b2:16:29:4b:4c:18:cf:7d:36:fe:1a:57:b2:60:04: 16:11:68:16:62:d7:94:a1:78:28:6b:93:75:7e:cb: 93:7f:2e:bf:4c:8b:18:a2:8a:47:af:19:ad:53:58: e0:f1:c1:c5:8f:87:71:54:63:f1:4a:06:40:c4:4b: 11:ed:84:1c:4d:6d:8d:98:2b:da:30:0b:74:d9:70: 4c:0f:25:e6:ed:26:9f:7a:8a:3c:a8:11:60:3e:f6: 33:7e:07:03:8c:41:d5:d7:bc:98:a6:e0:a6:0b:59: b4:e0:c0:ee:11:e8:eb:ea:1d:6a:62:71:05:b2:ea: ca:ef:f7:52:bb:30:92:db:82:0d:59:2e:8e:fb:a1: d0:a0:88:31:eb:8f:1e:49:dc:6b:1e:90:dc:1c:4d: e9:16:9a:4d:57:7c:53:cf:e3:e3:61:56:a5:9b:7c: 3b:5f:90:e0:b9:a9:0e:f5:e2:5d:bf:8a:d4:15:d1: 65:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:90:59:EF:CA:A7:51:31:B3:CA:D1:20:8D:0D:B2:8E:9D:DD:34:98 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS63878.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:46e0::/32 Signature Algorithm: sha256WithRSAEncryption 7a:b3:63:bb:89:36:f0:6c:a1:6b:6a:9c:67:90:83:be:fb:ba: 3f:12:11:b1:4f:02:10:a3:a1:b8:58:23:8e:dd:a3:92:05:0e: ea:cc:80:28:17:81:dd:1e:2c:8a:5c:4a:e8:07:d7:d6:82:62: b6:b8:11:ea:de:d7:2c:78:53:04:7b:33:73:ab:df:4c:17:dc: 23:f4:e1:16:de:87:5c:67:ad:17:e6:76:a5:a6:35:cb:09:4a: 9d:f1:78:f3:a8:10:4c:67:06:aa:e9:d1:03:8f:c7:a1:b5:74: cb:88:3e:52:4a:b0:ec:96:80:44:59:b3:b9:72:8b:66:30:82: 9c:18:2e:df:b8:d7:7f:c3:3d:4e:f6:83:c0:08:94:9a:64:c5: af:7c:d6:83:80:67:8c:40:d6:f4:c5:9b:d4:1e:bf:82:61:57: 93:ba:41:aa:d9:19:c4:f9:32:a6:53:d8:69:c1:f7:f3:08:8c: 58:83:35:55:75:ab:c2:36:fa:db:25:28:69:7c:aa:73:c1:94: 48:a5:ee:11:b7:b3:0e:96:50:d4:44:85:f4:dd:e2:75:60:08: a3:3e:fd:ba:a2:df:0f:b7:f2:06:13:13:08:4a:f5:52:28:d0: 45:14:78:8f:6a:7c:1e:86:e0:55:60:ce:c4:c0:ff:6b:e6:25: 84:84:91:7e -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIULNdy49izGzVoeKXEXyCe1rGsZywwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxMloX DTI1MDEwNzA0MDAxMlowMzExMC8GA1UEAxMoMUY5MDU5RUZDQUE3NTEzMUIzQ0FE MTIwOEQwREIyOEU5REREMzQ5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANmjIWM4aEuiHnY/0W0zQqu7ilB6xnjJUBKdslN6cDUuzb+2Z8F7jXz/7I5J isOTE0pzO0yE0Kpp8zyZXJ4nFnclOXKOl09bsMXXshYpS0wYz302/hpXsmAEFhFo FmLXlKF4KGuTdX7Lk38uv0yLGKKKR68ZrVNY4PHBxY+HcVRj8UoGQMRLEe2EHE1t jZgr2jALdNlwTA8l5u0mn3qKPKgRYD72M34HA4xB1de8mKbgpgtZtODA7hHo6+od amJxBbLqyu/3UrswktuCDVkujvuh0KCIMeuPHkncax6Q3BxN6RaaTVd8U8/j42FW pZt8O1+Q4LmpDvXiXb+K1BXRZccCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQfkFnv yqdRMbPK0SCNDbKOnd00mDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzYzODc4LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABG4DANBgkqhkiG9w0BAQsFAAOCAQEAerNju4k28Gyha2qcZ5CD vvu6PxIRsU8CEKOhuFgjjt2jkgUO6syAKBeB3R4silxK6AfX1oJitrgR6t7XLHhT BHszc6vfTBfcI/ThFt6HXGetF+Z2paY1ywlKnfF486gQTGcGqunRA4/HobV0y4g+ Ukqw7JaARFmzuXKLZjCCnBgu37jXf8M9TvaDwAiUmmTFr3zWg4BnjEDW9MWb1B6/ gmFXk7pBqtkZxPkyplPYacH38wiMWIM1VXWrwjb62yUoaXyqc8GUSKXuEbezDpZQ 1ESF9N3idWAIoz79uqLfD7fyBhMTCEr1UijQRRR4j2p8HobgVWDOxMD/a+YlhISR fg== -----END CERTIFICATE-----Generated at Wed May 8 10:06:55 2024 by rpki-client on console-ams.rpki-client.org