$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS59796.roa File: AS59796.roa (raw, json) Hash identifier: z2raJPaNINOixg9qvr/VttMn+UU/rzov5woYc7W8KqU= Subject key identifier: B9:12:94:C9:E2:F1:D3:36:AB:E1:37:4D:AF:40:3D:D1:DC:47:C7:CF Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 646F6D6176023B33A1A9640BC9F31EF1AE37DDDE Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS59796.roa Signing time: Wed 12 Feb 2025 08:56:27 +0000 ROA not before: Wed 12 Feb 2025 08:51:27 +0000 ROA not after: Wed 11 Feb 2026 08:56:27 +0000 asID: 59796 IP address blocks: 160.25.252.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:6f:6d:61:76:02:3b:33:a1:a9:64:0b:c9:f3:1e:f1:ae:37:dd:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 12 08:51:27 2025 GMT Not After : Feb 11 08:56:27 2026 GMT Subject: CN=B91294C9E2F1D336ABE1374DAF403DD1DC47C7CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:15:38:f5:b6:96:97:28:84:6c:dd:0d:64:d7: 81:12:78:eb:bd:7b:8c:0c:4c:ab:a1:28:2f:4a:c1: fb:90:f4:ef:cc:98:31:a7:14:63:ef:d6:ad:51:98: 55:10:06:ee:60:d9:5f:d9:e1:09:fa:b3:68:70:d8: 8f:91:bf:84:36:9b:6f:05:a6:18:d3:cc:7c:56:94: b0:10:27:fe:5e:95:7b:8d:48:1c:30:81:65:4f:b7: 01:f6:51:f3:7b:71:c9:83:fb:1b:62:1d:f2:12:96: 19:70:5c:28:aa:3a:c7:bc:a4:b1:d7:a6:9b:74:58: 07:a4:d6:4b:8c:65:5a:12:9b:2f:b4:b5:17:03:b8: e6:c5:a7:58:e8:64:03:ff:12:e0:45:62:7b:cb:6f: 7e:dd:53:93:3f:9d:f5:dc:66:bf:b0:94:e6:0f:c3: b1:5f:61:e4:2a:94:28:9d:a8:7c:61:b0:e9:39:05: 92:fd:18:91:b9:df:05:d5:9a:ab:89:f6:cc:f0:d4: 5b:e1:a4:29:92:85:38:75:4b:b6:41:a6:b8:dc:e8: a9:07:9d:4a:4b:b1:20:6c:52:a0:6c:62:d4:76:8f: 3f:52:6f:fc:37:ec:a8:8a:a6:19:40:ac:08:3d:06: 2f:4e:e4:a2:f3:fc:30:13:68:33:a9:1e:4e:af:bb: 95:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:12:94:C9:E2:F1:D3:36:AB:E1:37:4D:AF:40:3D:D1:DC:47:C7:CF X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS59796.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.252.0/23 Signature Algorithm: sha256WithRSAEncryption 2e:b3:4c:6d:54:0d:8f:35:43:2c:79:16:f7:83:24:60:09:67: 0b:02:dc:87:93:58:02:a7:ac:e3:0a:5f:25:90:d0:7d:4b:08: f3:ca:d5:56:a0:ca:22:72:7b:88:ea:fe:23:db:f2:ae:59:7a: e3:8c:42:33:76:af:80:cb:f3:a2:2f:76:f3:2e:74:8e:fa:a4: 0c:12:ef:ca:cc:40:6c:29:f4:89:3f:66:39:ea:7e:d2:18:98: 1b:91:6d:e0:64:51:f4:bc:1a:93:d2:92:2c:ef:76:26:7e:24: 79:05:12:25:f6:d3:c3:05:be:0d:be:43:ea:e3:e6:2b:ba:30: 02:7f:07:70:e3:38:83:a1:0b:af:d5:77:2d:b0:72:28:98:57: b5:22:99:7c:1d:b3:c3:23:d1:e6:90:c0:fe:16:f3:2f:a4:4f: 29:0b:0d:c3:2b:0f:f2:bf:e5:9b:1a:2f:b5:97:61:ba:52:82: b8:02:f7:32:0d:13:f1:b3:a6:58:be:66:b3:97:44:9a:c5:60: 7a:fa:40:1a:9f:48:28:0e:fc:34:93:03:b3:28:e3:db:c4:91: 03:3e:98:76:8c:4f:16:17:e8:2a:d1:af:2e:38:fa:f9:bd:0b: 6f:32:90:d2:66:5d:63:14:57:21:44:c9:ef:6d:c0:bb:f7:22: 35:1b:75:90 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUZG9tYXYCOzOhqWQLyfMe8a433d4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIxMjA4NTEyN1oX DTI2MDIxMTA4NTYyN1owMzExMC8GA1UEAxMoQjkxMjk0QzlFMkYxRDMzNkFCRTEz NzREQUY0MDNERDFEQzQ3QzdDRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwVOPW2lpcohGzdDWTXgRJ46717jAxMq6EoL0rB+5D078yYMacUY+/WrVGY VRAG7mDZX9nhCfqzaHDYj5G/hDabbwWmGNPMfFaUsBAn/l6Ve41IHDCBZU+3AfZR 83txyYP7G2Id8hKWGXBcKKo6x7yksdemm3RYB6TWS4xlWhKbL7S1FwO45sWnWOhk A/8S4EVie8tvft1Tkz+d9dxmv7CU5g/DsV9h5CqUKJ2ofGGw6TkFkv0YkbnfBdWa q4n2zPDUW+GkKZKFOHVLtkGmuNzoqQedSkuxIGxSoGxi1HaPP1Jv/DfsqIqmGUCs CD0GL07kovP8MBNoM6keTq+7lYcCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBS5EpTJ 4vHTNqvhN02vQD3R3EfHzzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzU5Nzk2LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBoBn8MA0GCSqGSIb3DQEBCwUAA4IBAQAus0xtVA2PNUMseRb3gyRg CWcLAtyHk1gCp6zjCl8lkNB9SwjzytVWoMoicnuI6v4j2/KuWXrjjEIzdq+Ay/Oi L3bzLnSO+qQMEu/KzEBsKfSJP2Y56n7SGJgbkW3gZFH0vBqT0pIs73YmfiR5BRIl 9tPDBb4NvkPq4+YrujACfwdw4ziDoQuv1XctsHIomFe1Ipl8HbPDI9HmkMD+FvMv pE8pCw3DKw/yv+WbGi+1l2G6UoK4AvcyDRPxs6ZYvmazl0SaxWB6+kAan0goDvw0 kwOzKOPbxJEDPph2jE8WF+gq0a8uOPr5vQtvMpDSZl1jFFchRMnvbcC79yI1G3WQ -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net