$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS7597.roa File: AS7597.roa (raw, json) Hash identifier: rC62XRZCkvA+O3IDecPObLWE58NN6F+8984hKvBo5OE= Subject key identifier: 9B:63:1C:29:04:BA:D1:2A:C0:BD:CA:80:9C:7C:A6:8F:EB:28:6E:80 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 41855FC6D83CFB231701830047C6332E47150ABC Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS7597.roa Signing time: Mon 22 Jul 2024 08:00:00 +0000 ROA not before: Mon 22 Jul 2024 07:55:00 +0000 ROA not after: Mon 21 Jul 2025 08:00:00 +0000 asID: 7597 IP address blocks: 123.108.8.0/21 maxlen: 24 203.119.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 06:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:85:5f:c6:d8:3c:fb:23:17:01:83:00:47:c6:33:2e:47:15:0a:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jul 22 07:55:00 2024 GMT Not After : Jul 21 08:00:00 2025 GMT Subject: CN=9B631C2904BAD12AC0BDCA809C7CA68FEB286E80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:d5:60:f3:43:b2:f9:a1:87:36:fe:d1:bc:fa: 7b:84:b3:71:03:bc:f0:5e:94:af:f7:6d:03:72:9f: a9:99:cf:4d:c0:99:0e:d3:30:df:0c:52:11:66:6d: 3d:0a:f0:2e:9d:80:c4:64:8f:4f:43:6e:bb:b9:71: 56:35:3b:b9:80:0d:c9:75:69:17:e4:37:45:ee:d5: 53:36:99:6c:57:44:61:fe:97:58:9c:45:0b:c4:64: e7:e3:df:5f:89:0e:88:e7:af:ab:89:21:31:98:28: 60:51:c3:3a:14:84:e6:68:1e:ee:b9:c4:f4:df:3f: f7:d9:7e:2d:bd:e0:f6:3a:ad:98:57:15:40:23:75: b5:65:63:f8:a3:31:99:d3:63:f5:1c:c2:cc:d4:7c: 47:0d:30:86:fb:56:c3:84:ee:d5:d9:7e:25:18:4b: ce:72:1e:f3:e8:9f:55:de:0a:3c:43:06:e7:3b:69: 8a:bb:30:9e:3e:2f:cd:67:85:2c:40:12:6d:83:e0: c6:f4:2f:19:a7:62:b9:62:a7:71:a2:e4:91:82:ba: 81:be:cd:df:6b:3c:7d:b7:26:0d:a2:ef:37:65:7d: 54:19:31:2d:4b:98:b8:f7:26:06:00:87:6e:aa:79: 64:e7:4c:c3:75:d4:bc:35:d3:3d:53:92:3e:0a:23: 12:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:63:1C:29:04:BA:D1:2A:C0:BD:CA:80:9C:7C:A6:8F:EB:28:6E:80 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS7597.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 123.108.8.0/21 203.119.13.0/24 Signature Algorithm: sha256WithRSAEncryption 6f:7e:4a:de:89:aa:d4:c7:61:de:76:13:7b:dd:90:8f:c5:52: ff:28:13:b8:ab:34:0c:bc:ca:fd:51:0d:74:67:47:14:ff:fa: 8c:21:89:c0:ce:2a:28:a9:aa:f0:7e:bc:16:ad:80:90:d5:de: 4c:a4:c9:0e:4f:11:3e:22:35:71:77:3b:31:8c:d3:1f:0c:f8: b7:05:02:ec:fd:67:0b:2c:cd:74:91:06:66:57:56:3c:1d:a1: c2:0b:45:91:d0:4e:e9:0c:01:a2:34:89:fd:10:1d:06:f7:57: b5:6f:b8:12:5d:8d:91:65:52:62:18:52:0b:f0:c8:22:cc:25: d4:1a:ec:e7:32:dd:84:21:c5:0d:ea:d4:eb:06:35:0b:f6:ee: 80:82:68:6b:b0:0d:3f:52:ea:db:61:eb:3a:28:07:d8:44:69: b3:2a:72:8e:f1:6d:36:e0:50:72:14:19:48:25:ec:f8:15:66: d1:21:a7:92:91:ea:dd:7f:2d:d6:ae:9f:d8:3c:95:1c:fd:5b: c2:33:62:a4:1e:6c:3f:8e:f4:fe:65:1f:49:1d:e4:f7:50:6c: 1a:3b:55:10:f2:fc:69:ba:ed:38:54:b6:b5:4e:69:73:c7:d1: 17:78:1a:d1:d3:76:a7:da:49:8e:cd:d3:52:6f:0a:d3:fe:5c: 29:e4:e8:69 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgIUQYVfxtg8+yMXAYMAR8YzLkcVCrwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcyMjA3NTUwMFoX DTI1MDcyMTA4MDAwMFowMzExMC8GA1UEAxMoOUI2MzFDMjkwNEJBRDEyQUMwQkRD QTgwOUM3Q0E2OEZFQjI4NkU4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALHVYPNDsvmhhzb+0bz6e4SzcQO88F6Ur/dtA3KfqZnPTcCZDtMw3wxSEWZt PQrwLp2AxGSPT0Nuu7lxVjU7uYANyXVpF+Q3Re7VUzaZbFdEYf6XWJxFC8Rk5+Pf X4kOiOevq4khMZgoYFHDOhSE5mge7rnE9N8/99l+Lb3g9jqtmFcVQCN1tWVj+KMx mdNj9RzCzNR8Rw0whvtWw4Tu1dl+JRhLznIe8+ifVd4KPEMG5ztpirswnj4vzWeF LEASbYPgxvQvGadiuWKncaLkkYK6gb7N32s8fbcmDaLvN2V9VBkxLUuYuPcmBgCH bqp5ZOdMw3XUvDXTPVOSPgojEm0CAwEAAaOCAdQwggHQMB0GA1UdDgQWBBSbYxwp BLrRKsC9yoCcfKaP6yhugDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzc1OTcucm9h MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIE AgABMAwDBAN7bAgDBADLdw0wDQYJKoZIhvcNAQELBQADggEBAG9+St6JqtTHYd52 E3vdkI/FUv8oE7irNAy8yv1RDXRnRxT/+owhicDOKiipqvB+vBatgJDV3kykyQ5P ET4iNXF3OzGM0x8M+LcFAuz9ZwsszXSRBmZXVjwdocILRZHQTukMAaI0if0QHQb3 V7VvuBJdjZFlUmIYUgvwyCLMJdQa7Ocy3YQhxQ3q1OsGNQv27oCCaGuwDT9S6tth 6zooB9hEabMqco7xbTbgUHIUGUgl7PgVZtEhp5KR6t1/Ldaun9g8lRz9W8IzYqQe bD+O9P5lH0kd5PdQbBo7VRDy/Gm67ThUtrVOaXPH0Rd4GtHTdqfaSY7N01JvCtP+ XCnk6Gk= -----END CERTIFICATE-----Generated at Sun Feb 16 21:06:19 2025 by rpki-client