$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152411.roa File: AS152411.roa (raw, json) Hash identifier: IXnOwxED1FOKMord/7+LbD2luH9+5gHOufLhJPtreoU= Subject key identifier: E0:13:A5:95:47:0F:46:85:25:1D:B1:43:EE:94:2F:11:32:A3:E2:B5 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6F4D3CB7BC5BB12F97D7B056CF418C0197814C99 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152411.roa Signing time: Tue 03 Dec 2024 08:40:08 +0000 ROA not before: Tue 03 Dec 2024 08:35:08 +0000 ROA not after: Tue 02 Dec 2025 08:40:08 +0000 asID: 152411 IP address blocks: 2001:df3:a1c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 May 2025 14:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:4d:3c:b7:bc:5b:b1:2f:97:d7:b0:56:cf:41:8c:01:97:81:4c:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 3 08:35:08 2024 GMT Not After : Dec 2 08:40:08 2025 GMT Subject: CN=E013A595470F4685251DB143EE942F1132A3E2B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:65:a1:86:52:f8:5c:b0:f5:2d:c4:f1:9d:22: bd:9a:a6:2e:19:3e:d5:fa:0a:bc:41:0c:91:c2:cf: f7:9f:65:a6:24:9c:af:7d:0c:bb:d6:20:d0:9c:ce: 99:c3:c3:bd:8b:2b:1d:03:0a:3d:76:b2:b3:f2:7a: ef:23:fc:e6:b1:ca:1a:4b:bc:d5:70:f4:5b:26:80: 3d:76:ad:48:d8:64:1b:34:de:d0:27:23:77:59:96: d1:57:90:a8:f7:98:71:63:7c:c3:2c:99:90:bc:82: 87:7b:39:e9:34:3f:9e:c6:2b:95:cc:22:83:38:43: d8:a9:e0:4f:6f:07:e8:5f:e9:8e:32:5c:a0:aa:df: 32:ee:19:2b:f1:dd:7c:aa:2d:e6:57:e0:db:86:09: bd:0b:9d:f9:65:9e:fa:10:b0:d7:dd:18:de:86:06: 01:6d:ea:15:ab:11:9e:08:91:26:49:b5:eb:3e:56: b2:e1:14:c1:38:46:ba:5b:74:a4:83:11:b2:42:e6: 80:b1:9a:73:67:5d:70:19:9a:84:09:ef:c6:4e:a8: b8:16:43:88:49:6e:6e:bc:94:cb:5d:aa:13:57:02: b7:2d:d5:bb:25:84:b7:a5:72:8d:2f:3e:d1:3e:7b: cd:fc:37:9d:8e:8e:be:74:5c:0a:7f:c5:8e:4b:74: e1:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:13:A5:95:47:0F:46:85:25:1D:B1:43:EE:94:2F:11:32:A3:E2:B5 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152411.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:a1c0::/48 Signature Algorithm: sha256WithRSAEncryption 37:94:18:a6:7f:80:98:06:4c:9a:04:74:f3:f0:9c:d3:ff:e3: 33:1b:ce:b7:94:19:bf:4d:31:99:fa:c9:37:9a:42:2f:fc:a7: 71:e6:73:7d:27:0d:35:bc:29:c5:ba:d3:70:9b:e7:a2:63:18: d2:15:e9:3f:f4:8a:e0:2f:3b:11:8c:66:1b:8f:19:57:94:72: 5d:46:ee:3b:c2:ca:1c:d5:46:79:c5:6e:22:72:34:a0:56:d6: 3f:d5:e5:45:3d:ed:03:f5:9a:be:76:79:af:bf:db:67:58:6a: 4c:48:13:de:51:57:60:a3:41:71:2c:a4:d3:af:cf:19:22:2e: a0:f8:75:f3:dc:09:8b:57:b8:04:85:1e:bc:60:ff:8b:ad:ad: f8:16:d8:d9:04:f3:06:7d:a0:9a:5c:7c:13:f8:96:3a:b5:02: 32:e4:21:1e:c3:93:20:be:3d:4a:e2:6e:97:83:80:69:06:78: d2:01:0b:fd:15:99:bb:41:34:c9:9a:11:ab:a1:67:79:e5:4b: 73:ec:77:83:7c:c0:56:7f:9a:01:36:1d:3d:2c:a5:d5:0f:2a: 9c:61:33:b1:21:63:66:d7:77:4d:a1:2f:f9:1a:ef:01:44:38: ea:dc:cd:bb:7e:54:f4:bc:4a:fb:ae:47:4d:c5:15:58:1a:cb: 50:b8:66:3d -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUb008t7xbsS+X17BWz0GMAZeBTJkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIwMzA4MzUwOFoX DTI1MTIwMjA4NDAwOFowMzExMC8GA1UEAxMoRTAxM0E1OTU0NzBGNDY4NTI1MURC MTQzRUU5NDJGMTEzMkEzRTJCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM5loYZS+Fyw9S3E8Z0ivZqmLhk+1foKvEEMkcLP959lpiScr30Mu9Yg0JzO mcPDvYsrHQMKPXays/J67yP85rHKGku81XD0WyaAPXatSNhkGzTe0Ccjd1mW0VeQ qPeYcWN8wyyZkLyCh3s56TQ/nsYrlcwigzhD2KngT28H6F/pjjJcoKrfMu4ZK/Hd fKot5lfg24YJvQud+WWe+hCw190Y3oYGAW3qFasRngiRJkm16z5WsuEUwThGult0 pIMRskLmgLGac2ddcBmahAnvxk6ouBZDiElubryUy12qE1cCty3VuyWEt6VyjS8+ 0T57zfw3nY6OvnRcCn/Fjkt04aUCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBTgE6WV Rw9GhSUdsUPulC8RMqPitTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjQxMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfOhwDANBgkqhkiG9w0BAQsFAAOCAQEAN5QYpn+AmAZMmgR0 8/Cc0//jMxvOt5QZv00xmfrJN5pCL/ynceZzfScNNbwpxbrTcJvnomMY0hXpP/SK 4C87EYxmG48ZV5RyXUbuO8LKHNVGecVuInI0oFbWP9XlRT3tA/WavnZ5r7/bZ1hq TEgT3lFXYKNBcSyk06/PGSIuoPh189wJi1e4BIUevGD/i62t+BbY2QTzBn2gmlx8 E/iWOrUCMuQhHsOTIL49SuJul4OAaQZ40gEL/RWZu0E0yZoRq6FneeVLc+x3g3zA Vn+aATYdPSyl1Q8qnGEzsSFjZtd3TaEv+RrvAUQ46tzNu35U9LxK+65HTcUVWBrL ULhmPQ== -----END CERTIFICATE-----Generated at Mon May 5 22:03:40 2025 by rpki-client