$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141947.roa File: AS141947.roa (raw, json) Hash identifier: oZhcspVBFb89Q58mqD4M0M08etNE+cIrYpMkZ9+8GIg= Subject key identifier: 1F:14:07:74:71:B5:A9:C9:C5:DE:E4:68:5B:A8:3D:D5:73:C3:5E:52 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 489CA9C5ECCCCBAACC3E0CB3F04D558A36441177 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141947.roa Signing time: Wed 09 Apr 2025 04:00:00 +0000 ROA not before: Wed 09 Apr 2025 03:55:00 +0000 ROA not after: Wed 08 Apr 2026 04:00:00 +0000 asID: 141947 IP address blocks: 2001:df2:6c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 20:52:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:9c:a9:c5:ec:cc:cb:aa:cc:3e:0c:b3:f0:4d:55:8a:36:44:11:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 9 03:55:00 2025 GMT Not After : Apr 8 04:00:00 2026 GMT Subject: CN=1F14077471B5A9C9C5DEE4685BA83DD573C35E52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:cc:ac:e5:91:4a:ab:19:49:ae:29:40:12:8d: a1:12:0b:3f:61:7d:10:e4:f9:a0:2a:0f:15:b6:3a: 73:6c:a2:73:87:bb:ab:c6:7f:c8:81:26:9c:7d:f7: b9:dd:ec:52:a7:27:61:d0:bc:95:0a:da:e1:9f:86: 36:3a:5f:0f:02:2a:d4:b4:05:92:5e:79:7e:73:20: d7:f4:80:46:89:d4:1a:93:17:98:d1:87:8a:ea:6f: 5e:a7:1e:9d:53:43:69:ef:77:55:a6:11:e9:06:3a: df:50:f9:04:df:9b:45:e9:60:38:5c:7d:73:42:a6: f3:79:03:f9:12:39:5c:fd:0b:db:3b:33:df:19:23: 10:cf:82:4e:a7:cb:71:e5:0d:da:89:1e:5b:8c:fb: 5c:85:5f:a4:81:8d:cf:07:85:a9:db:4b:af:5e:86: bc:77:b4:45:ec:25:46:09:7f:25:49:ed:4c:ef:d0: 42:7c:d5:d3:06:4f:21:a6:16:11:09:26:fc:06:dd: 27:0c:d2:11:4d:d3:88:5c:e9:b8:2a:b1:97:a6:72: bb:9c:fd:26:40:fa:74:33:79:2d:2a:b8:c5:ef:cd: 53:dd:d5:35:a8:27:ab:8f:3f:83:23:49:d5:a4:35: 2b:05:69:ca:80:f5:08:ce:22:6b:a1:23:82:6a:68: c3:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:14:07:74:71:B5:A9:C9:C5:DE:E4:68:5B:A8:3D:D5:73:C3:5E:52 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141947.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:6c0::/48 Signature Algorithm: sha256WithRSAEncryption 6e:bb:3e:a3:ea:96:ac:6c:75:93:dd:27:9b:27:ec:4f:fe:fa: fd:14:c9:f0:6e:99:41:e6:f5:13:3c:6a:83:89:f8:a0:2c:a0: 35:a0:7a:5c:15:37:2b:c8:40:81:87:45:51:ba:03:d9:c9:71: 9c:97:14:a7:11:2e:9c:fd:45:75:a0:02:b7:bd:38:3a:a1:0a: a2:74:cf:99:22:6f:ac:88:88:b6:d5:9a:d1:23:32:ed:b5:44: af:bb:82:6e:89:11:20:70:bf:f9:bf:fc:2f:45:b1:7c:b1:86: dc:67:c5:f7:05:32:fe:8e:78:54:8a:f3:2b:0d:1a:6e:93:d2: 73:8f:f9:dc:c9:86:5c:21:55:49:1f:8f:9a:56:95:a3:de:3b: 01:c5:27:58:77:c9:90:8f:55:b2:d0:0f:66:6c:bf:cf:81:2a: 62:1f:83:e2:5d:83:d0:94:ae:f3:73:57:45:c2:3e:db:0d:69: 90:9e:51:49:5e:ec:11:8e:4b:d7:cb:5d:ea:d7:95:40:35:fc: 65:95:46:53:1c:e5:42:ed:d7:e3:9f:8a:78:c8:c7:3e:06:b3: a3:45:21:c6:8b:eb:3d:d5:b7:43:d4:37:7a:3b:f6:75:c2:14: 0a:41:2b:89:d6:49:ba:a7:e1:9e:c9:9d:b7:b9:51:9e:36:14: 97:e1:8f:05 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUSJypxezMy6rMPgyz8E1VijZEEXcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDQwOTAzNTUwMFoX DTI2MDQwODA0MDAwMFowMzExMC8GA1UEAxMoMUYxNDA3NzQ3MUI1QTlDOUM1REVF NDY4NUJBODNERDU3M0MzNUU1MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKzMrOWRSqsZSa4pQBKNoRILP2F9EOT5oCoPFbY6c2yic4e7q8Z/yIEmnH33 ud3sUqcnYdC8lQra4Z+GNjpfDwIq1LQFkl55fnMg1/SARonUGpMXmNGHiupvXqce nVNDae93VaYR6QY631D5BN+bRelgOFx9c0Km83kD+RI5XP0L2zsz3xkjEM+CTqfL ceUN2okeW4z7XIVfpIGNzweFqdtLr16GvHe0RewlRgl/JUntTO/QQnzV0wZPIaYW EQkm/AbdJwzSEU3TiFzpuCqxl6Zyu5z9JkD6dDN5LSq4xe/NU93VNagnq48/gyNJ 1aQ1KwVpyoD1CM4ia6Ejgmpow+0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQfFAd0 cbWpycXe5GhbqD3Vc8NeUjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTk0Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfIGwDANBgkqhkiG9w0BAQsFAAOCAQEAbrs+o+qWrGx1k90n myfsT/76/RTJ8G6ZQeb1Ezxqg4n4oCygNaB6XBU3K8hAgYdFUboD2clxnJcUpxEu nP1FdaACt704OqEKonTPmSJvrIiIttWa0SMy7bVEr7uCbokRIHC/+b/8L0WxfLGG 3GfF9wUy/o54VIrzKw0abpPSc4/53MmGXCFVSR+PmlaVo947AcUnWHfJkI9VstAP Zmy/z4EqYh+D4l2D0JSu83NXRcI+2w1pkJ5RSV7sEY5L18td6teVQDX8ZZVGUxzl Qu3X45+KeMjHPgazo0UhxovrPdW3Q9Q3ejv2dcIUCkEridZJuqfhnsmdt7lRnjYU l+GPBQ== -----END CERTIFICATE-----Generated at Thu Apr 24 20:37:19 2025 by rpki-client on console.sobornost.net