$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138880.roa File: AS138880.roa (raw, json) Hash identifier: ZCc8wzUw8PWr+6lzfuQa/Q3ZBFZ9gnkc1yvrJ+whzBA= Subject key identifier: 24:8E:34:5E:F0:DA:EA:8C:77:CA:FB:F6:F8:02:70:4C:E3:18:DB:29 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 294689074DD3002D86D178E7C7691090C8DD16C3 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138880.roa Signing time: Tue 09 Jan 2024 04:00:20 +0000 ROA not before: Tue 09 Jan 2024 03:55:20 +0000 ROA not after: Tue 07 Jan 2025 04:00:20 +0000 asID: 138880 IP address blocks: 103.140.184.0/24 maxlen: 24 2001:df0:e180::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 May 2024 06:31:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:46:89:07:4d:d3:00:2d:86:d1:78:e7:c7:69:10:90:c8:dd:16:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:20 2024 GMT Not After : Jan 7 04:00:20 2025 GMT Subject: CN=248E345EF0DAEA8C77CAFBF6F802704CE318DB29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:4c:65:2a:4d:40:bf:9e:da:d7:d0:aa:63:be: d5:fe:ed:2c:07:cf:6f:17:55:a1:74:98:1e:97:7e: 1f:10:1b:9e:08:6b:bb:9f:a8:b7:bf:3f:c0:ee:eb: 78:cf:4a:8e:bb:9b:65:f8:11:19:18:a9:d6:36:85: 42:6f:58:b7:f9:be:88:85:31:56:89:4d:db:5a:7a: 9c:1b:d6:26:63:54:65:0e:f6:4d:fb:8b:e0:99:70: ed:1b:b6:95:7e:de:f7:64:3a:5c:ea:46:26:06:51: 97:d3:2f:f8:bf:99:da:c9:32:29:67:ec:11:2b:cd: 0e:c7:66:4c:f6:25:34:81:5f:25:7c:fa:f2:8c:e1: 13:4e:6f:19:2d:92:64:5c:3a:49:ab:24:8f:e2:b2: 93:53:1e:77:62:a5:42:0e:fc:a0:ab:27:29:dd:17: a9:54:d7:43:bd:c1:25:23:a6:d1:83:89:48:99:88: 30:74:b4:3a:ed:20:37:c0:4b:e7:cb:c0:88:e1:ec: ab:e2:e2:f3:c9:d0:24:21:ab:d1:02:ab:14:1c:da: 1c:a8:26:fe:f7:9c:38:fe:e2:3a:d9:35:71:75:28: 7e:01:03:0f:37:83:b1:9c:f2:92:52:34:d6:23:40: 6f:f4:a9:86:bc:54:69:25:c8:14:04:73:27:3c:85: c5:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:8E:34:5E:F0:DA:EA:8C:77:CA:FB:F6:F8:02:70:4C:E3:18:DB:29 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138880.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.140.184.0/24 IPv6: 2001:df0:e180::/48 Signature Algorithm: sha256WithRSAEncryption 04:7f:f8:60:9f:00:51:1c:3e:77:40:9c:29:ce:dd:5f:7d:47: 70:f7:72:cd:91:21:3b:3c:c1:5f:df:dd:24:34:78:8f:8c:e8: 72:65:94:c3:4d:eb:fd:9c:5f:15:fd:ed:db:5d:e9:fa:b5:db: a0:72:2c:f0:1d:48:cc:18:8f:a2:ea:95:c0:cf:d0:0d:5f:41: 02:aa:5c:2d:51:ce:76:85:35:d8:8a:57:2a:3e:e3:89:ea:af: b8:f0:86:53:82:39:c3:8c:a8:db:fd:fd:a5:50:8d:d7:f5:d5: f4:c2:98:1c:f2:4d:30:fa:d9:e8:6a:bf:e1:57:7f:87:f5:79: 23:02:ae:5b:a9:64:61:d5:d6:4c:59:6c:eb:77:0c:13:e5:09: 60:a3:6b:5c:7b:8b:9d:b9:7d:8b:3a:1d:b8:11:b9:f5:57:56: 93:79:5b:35:c4:25:77:ab:a0:29:1b:c0:9f:11:91:a0:1f:7f: 6a:a4:ca:28:83:68:59:0f:80:5b:8e:03:12:b2:5e:df:0f:ac: 1d:53:2a:56:09:73:12:83:1d:21:7c:56:80:40:ed:75:2b:74: ff:7f:ea:c5:c5:36:c0:bd:65:0a:2a:30:fe:ee:6b:7a:85:64: 67:39:39:b2:18:93:d7:8a:38:90:34:be:a2:4d:f3:71:db:99: a4:a5:6d:62 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUKUaJB03TAC2G0Xjnx2kQkMjdFsMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUyMFoX DTI1MDEwNzA0MDAyMFowMzExMC8GA1UEAxMoMjQ4RTM0NUVGMERBRUE4Qzc3Q0FG QkY2RjgwMjcwNENFMzE4REIyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO5MZSpNQL+e2tfQqmO+1f7tLAfPbxdVoXSYHpd+HxAbnghru5+ot78/wO7r eM9KjrubZfgRGRip1jaFQm9Yt/m+iIUxVolN21p6nBvWJmNUZQ72TfuL4Jlw7Ru2 lX7e92Q6XOpGJgZRl9Mv+L+Z2skyKWfsESvNDsdmTPYlNIFfJXz68ozhE05vGS2S ZFw6Saskj+Kyk1Med2KlQg78oKsnKd0XqVTXQ73BJSOm0YOJSJmIMHS0Ou0gN8BL 58vAiOHsq+Li88nQJCGr0QKrFBzaHKgm/vecOP7iOtk1cXUofgEDDzeDsZzyklI0 1iNAb/SphrxUaSXIFARzJzyFxbkCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBQkjjRe 8NrqjHfK+/b4AnBM4xjbKTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODg4MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGeMuDAPBAIAAjAJAwcAIAEN8OGAMA0GCSqGSIb3DQEBCwUAA4IB AQAEf/hgnwBRHD53QJwpzt1ffUdw93LNkSE7PMFf390kNHiPjOhyZZTDTev9nF8V /e3bXen6tdugcizwHUjMGI+i6pXAz9ANX0ECqlwtUc52hTXYilcqPuOJ6q+48IZT gjnDjKjb/f2lUI3X9dX0wpgc8k0w+tnoar/hV3+H9XkjAq5bqWRh1dZMWWzrdwwT 5Qlgo2tce4uduX2LOh24Ebn1V1aTeVs1xCV3q6ApG8CfEZGgH39qpMoog2hZD4Bb jgMSsl7fD6wdUypWCXMSgx0hfFaAQO11K3T/f+rFxTbAvWUKKjD+7mt6hWRnOTmy GJPXijiQNL6iTfNx25mkpW1i -----END CERTIFICATE-----Generated at Tue Apr 30 21:36:21 2024 by rpki-client on console-fra.rpki-client.org