$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141109.roa File: AS141109.roa (raw, json) Hash identifier: YUIopsSY94lF34ldjsZmhMUhHhjyajCL07Ij3ZNENZA= Subject key identifier: 13:34:62:F0:91:A2:CC:C3:3F:EF:33:BB:E5:06:69:B1:4F:28:78:F4 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5962ED3F27F58128704A3929ED068DC1689B0950 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141109.roa Signing time: Tue 09 Jan 2024 04:00:15 +0000 ROA not before: Tue 09 Jan 2024 03:55:15 +0000 ROA not after: Tue 07 Jan 2025 04:00:15 +0000 asID: 141109 IP address blocks: 103.157.32.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 05:34:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:62:ed:3f:27:f5:81:28:70:4a:39:29:ed:06:8d:c1:68:9b:09:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:15 2024 GMT Not After : Jan 7 04:00:15 2025 GMT Subject: CN=133462F091A2CCC33FEF33BBE50669B14F2878F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:76:78:24:31:1b:38:7e:67:40:ce:f9:97:4b: 37:21:1f:b8:3a:39:1c:56:45:87:88:cf:b4:df:23: 35:a6:e2:21:38:66:19:c7:ad:e6:d1:86:0d:de:60: 5e:e8:b0:dd:bc:a5:c1:99:95:32:ab:4d:45:e3:3f: aa:48:2c:ef:b8:9f:b3:50:20:ac:1a:67:c0:5b:9a: 2f:e5:d0:22:0e:69:e1:ac:b4:1e:3d:26:fc:d4:7e: ca:3f:db:aa:7b:52:13:e6:81:e4:e2:6c:bd:f1:a2: d3:cb:6c:29:11:ec:73:c0:3f:a3:89:55:1a:cd:da: 0b:e1:a8:17:e5:36:e4:97:4e:95:39:04:ce:20:7f: 7a:b4:f9:fe:fe:f3:ad:c6:8f:37:15:37:37:e4:9f: b6:43:6e:99:25:58:c8:8b:ec:e4:35:ff:fa:d2:b9: 83:bc:5a:95:b5:bf:30:2b:82:86:17:aa:52:c3:de: 7a:5e:84:c3:fc:93:1c:31:71:57:7e:ea:03:38:32: e5:25:1d:59:f1:62:e1:a7:23:a3:e3:db:2e:5d:33: 1e:12:b1:15:85:3d:4b:5a:f7:9b:6b:7c:57:9c:b7: 53:1c:0f:f8:ca:f6:a9:29:fc:af:48:1f:f8:b2:14: da:6f:c5:0e:99:b2:eb:6d:5a:c8:a5:df:03:9a:08: 33:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:34:62:F0:91:A2:CC:C3:3F:EF:33:BB:E5:06:69:B1:4F:28:78:F4 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141109.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.157.32.0/23 Signature Algorithm: sha256WithRSAEncryption 1e:81:37:52:f0:32:4c:e2:57:c9:92:0e:f6:c6:a6:5e:1f:9e: c8:4e:ba:ad:01:aa:09:01:e3:f8:71:cd:24:60:db:1e:be:60: 72:fd:15:e8:f0:64:e7:f4:85:41:07:f5:d7:b6:13:a3:82:44: 30:fa:04:e8:53:88:9a:57:ca:d0:ac:da:79:0f:4c:0c:2e:90: 89:ce:71:58:62:47:ef:16:e4:53:e6:91:5d:3e:a1:8d:73:fa: f9:18:6a:b7:96:3f:9b:b2:4a:e4:e5:f3:30:e1:b7:79:39:02: cf:a1:3c:8e:a7:d9:76:58:e0:2f:11:d4:3f:d1:b7:ef:ac:07: 23:ab:5e:ff:51:81:90:c4:ea:c5:59:78:1e:7b:a6:e8:e8:0d: 93:97:c9:88:22:48:5b:9c:76:51:a6:44:34:3d:aa:59:74:8d: b4:35:06:91:91:4e:18:c9:60:70:66:6d:11:58:34:f0:e6:f8: 76:fe:ef:29:a0:16:1a:37:72:16:d0:eb:63:37:e2:7d:34:27: 40:f7:d8:f0:c8:6c:06:10:4a:9d:0c:fc:d9:99:e7:a1:62:45: 51:85:24:fd:02:55:aa:47:97:c0:0e:4f:02:b3:4f:a5:94:f7: 05:cf:1a:42:7e:cb:a9:a1:48:4f:cc:28:8b:e1:37:fa:fc:31: c6:53:80:a2 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUWWLtPyf1gShwSjkp7QaNwWibCVAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxNVoX DTI1MDEwNzA0MDAxNVowMzExMC8GA1UEAxMoMTMzNDYyRjA5MUEyQ0NDMzNGRUYz M0JCRTUwNjY5QjE0RjI4NzhGNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALB2eCQxGzh+Z0DO+ZdLNyEfuDo5HFZFh4jPtN8jNabiIThmGcet5tGGDd5g Xuiw3bylwZmVMqtNReM/qkgs77ifs1AgrBpnwFuaL+XQIg5p4ay0Hj0m/NR+yj/b qntSE+aB5OJsvfGi08tsKRHsc8A/o4lVGs3aC+GoF+U25JdOlTkEziB/erT5/v7z rcaPNxU3N+SftkNumSVYyIvs5DX/+tK5g7xalbW/MCuChheqUsPeel6Ew/yTHDFx V37qAzgy5SUdWfFi4acjo+PbLl0zHhKxFYU9S1r3m2t8V5y3UxwP+Mr2qSn8r0gf +LIU2m/FDpmy621ayKXfA5oIMzsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQTNGLw kaLMwz/vM7vlBmmxTyh49DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTEwOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWedIDANBgkqhkiG9w0BAQsFAAOCAQEAHoE3UvAyTOJXyZIO9sam Xh+eyE66rQGqCQHj+HHNJGDbHr5gcv0V6PBk5/SFQQf117YTo4JEMPoE6FOImlfK 0KzaeQ9MDC6Qic5xWGJH7xbkU+aRXT6hjXP6+Rhqt5Y/m7JK5OXzMOG3eTkCz6E8 jqfZdljgLxHUP9G376wHI6te/1GBkMTqxVl4Hnum6OgNk5fJiCJIW5x2UaZEND2q WXSNtDUGkZFOGMlgcGZtEVg08Ob4dv7vKaAWGjdyFtDrYzfifTQnQPfY8MhsBhBK nQz82ZnnoWJFUYUk/QJVqkeXwA5PArNPpZT3Bc8aQn7LqaFIT8woi+E3+vwxxlOA og== -----END CERTIFICATE-----Generated at Thu May 2 23:02:00 2024 by rpki-client on console-fra.rpki-client.org