$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS139994.roa File: AS139994.roa (raw, json) Hash identifier: qQltgFfwVL/3I/WF5jdvT+0y4h9eAXdWfrNk3+Op/RY= Subject key identifier: 8F:FB:CF:9C:51:B2:C9:B7:99:53:DE:F3:82:7E:51:2A:C1:B2:9D:98 Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA Certificate serial: 54D079079FEABBD934B8FF0A736E21CDACDCB8CB Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS139994.roa Signing time: Mon 22 Apr 2024 10:12:41 +0000 ROA not before: Mon 22 Apr 2024 10:07:41 +0000 ROA not after: Mon 21 Apr 2025 10:12:41 +0000 asID: 139994 IP address blocks: 103.3.220.0/22 maxlen: 22 103.3.220.0/24 maxlen: 24 103.3.221.0/24 maxlen: 24 103.3.222.0/24 maxlen: 24 2400:9800:6011::/48 maxlen: 48 2400:9800:6012::/48 maxlen: 48 2400:9800:6013::/48 maxlen: 48 2400:9800:6014::/48 maxlen: 48 2400:9800:6015::/48 maxlen: 48 2400:9800:6026::/48 maxlen: 48 2400:9800:6027::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 May 2024 13:47:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:d0:79:07:9f:ea:bb:d9:34:b8:ff:0a:73:6e:21:cd:ac:dc:b8:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA Validity Not Before: Apr 22 10:07:41 2024 GMT Not After : Apr 21 10:12:41 2025 GMT Subject: CN=8FFBCF9C51B2C9B79953DEF3827E512AC1B29D98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:1f:7f:43:1c:b6:d5:2b:f8:ac:5d:bc:cc:bb: 42:52:7b:c5:7d:d1:41:9c:1d:59:0c:64:64:24:4d: 9e:27:70:51:80:29:b5:9c:ad:f0:49:7e:c2:c6:02: bd:c1:1e:77:f8:6a:9d:ec:64:de:23:08:9b:32:bb: 8d:fa:48:93:3f:a3:d7:91:6d:da:f2:bf:bc:c8:da: 86:c3:e9:ab:f5:ed:e5:88:0c:29:ce:9a:25:60:cc: 61:57:2b:a0:88:74:99:a2:4c:39:f4:f7:79:9d:34: db:35:28:29:36:ab:18:ca:e0:84:61:31:17:58:3b: 68:5a:a4:16:51:b5:c1:8c:96:1f:de:2f:ba:19:a6: 67:28:47:80:9c:a4:3e:ab:fe:7b:43:f5:ab:94:12: 6a:0a:68:72:6a:f1:79:ea:48:c6:e4:81:9f:ab:86: dd:b9:ae:b4:0b:dd:a9:20:b0:bb:9b:90:ed:20:4d: 3d:7d:94:73:87:45:27:c5:76:c9:dd:fc:4c:4d:fb: d5:b3:d0:ea:ac:d9:91:d8:11:2e:a4:90:17:5f:22: 8c:5e:e9:ac:2c:f6:bc:2a:d8:da:69:e2:6e:68:53: bd:63:ac:7e:0c:d8:27:ef:17:03:a8:2d:0f:91:ae: 74:c3:7a:03:0c:0e:96:d2:a6:8b:0f:5a:b9:88:4b: 15:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:FB:CF:9C:51:B2:C9:B7:99:53:DE:F3:82:7E:51:2A:C1:B2:9D:98 X509v3 Authority Key Identifier: keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS139994.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.3.220.0/22 IPv6: 2400:9800:6011::-2400:9800:6015:ffff:ffff:ffff:ffff:ffff 2400:9800:6026::/47 Signature Algorithm: sha256WithRSAEncryption 84:9d:d0:ae:d0:59:c2:83:17:d7:22:07:f9:90:9c:3b:37:81: c9:39:94:3e:9e:90:8a:6d:87:1f:83:ee:df:8d:43:39:23:b7: 76:76:de:99:73:53:e9:ad:fe:51:6f:32:63:28:cd:73:44:c9: 22:d9:fb:48:5c:53:e5:23:4e:b0:0b:94:bf:2a:ad:34:78:4a: 15:40:58:86:c7:9b:a6:72:c7:df:c7:a6:d8:aa:54:b4:2b:c1: 0e:d6:16:0c:06:6e:29:c8:c0:3c:d6:e8:b1:ba:41:ec:77:f2: dd:35:65:fe:cc:ab:ce:58:4c:10:e9:81:d7:b6:b7:2e:6d:df: 4c:c0:c1:88:96:44:fa:d9:eb:b3:00:e4:2d:37:d6:82:cd:8b: 8e:db:6a:aa:d4:a9:c5:55:74:ae:f5:a1:96:25:fa:8f:eb:ef: 6f:44:40:93:07:75:d3:00:e9:fd:76:47:73:df:82:9d:f0:88: e3:ca:94:11:08:d0:c7:05:21:0c:0a:43:c6:ad:1f:22:69:21: 7c:6a:f7:8f:60:14:78:86:64:3d:23:93:3e:02:85:c6:13:ca: 39:94:a2:49:88:16:9e:21:de:f1:a6:73:15:b1:ab:31:9b:d4: ef:a6:4c:6e:25:af:29:81:d8:91:a2:d7:b0:e3:80:be:a1:79: 36:6c:c1:c0 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgIUVNB5B5/qu9k0uP8Kc24hzazcuMswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw OTU2ODdEQTAeFw0yNDA0MjIxMDA3NDFaFw0yNTA0MjExMDEyNDFaMDMxMTAvBgNV BAMTKDhGRkJDRjlDNTFCMkM5Qjc5OTUzREVGMzgyN0U1MTJBQzFCMjlEOTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuH39DHLbVK/isXbzMu0JSe8V9 0UGcHVkMZGQkTZ4ncFGAKbWcrfBJfsLGAr3BHnf4ap3sZN4jCJsyu436SJM/o9eR bdryv7zI2obD6av17eWIDCnOmiVgzGFXK6CIdJmiTDn093mdNNs1KCk2qxjK4IRh MRdYO2hapBZRtcGMlh/eL7oZpmcoR4CcpD6r/ntD9auUEmoKaHJq8XnqSMbkgZ+r ht25rrQL3akgsLubkO0gTT19lHOHRSfFdsnd/ExN+9Wz0Oqs2ZHYES6kkBdfIoxe 6aws9rwq2Npp4m5oU71jrH4M2CfvFwOoLQ+RrnTDegMMDpbSposPWrmISxW7AgMB AAGjggIkMIICIDAdBgNVHQ4EFgQUj/vPnFGyybeZU97zgn5RKsGynZgwHwYDVR0j BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2 ODdEQS5jZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jl cG8tcnBraS5pZG5pYy5uZXQvcmVwby80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04 ZDdlN2ZjMmMyMjcvMC9BUzEzOTk5NC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjBEBggrBgEFBQcBBwEB/wQ1MDMwDAQCAAEwBgMEAmcD3DAjBAIAAjAdMBID BwAkAJgAYBEDBwEkAJgAYBQDBwEkAJgAYCYwDQYJKoZIhvcNAQELBQADggEBAISd 0K7QWcKDF9ciB/mQnDs3gck5lD6ekIpthx+D7t+NQzkjt3Z23plzU+mt/lFvMmMo zXNEySLZ+0hcU+UjTrALlL8qrTR4ShVAWIbHm6Zyx9/HptiqVLQrwQ7WFgwGbinI wDzW6LG6Qex38t01Zf7Mq85YTBDpgde2ty5t30zAwYiWRPrZ67MA5C031oLNi47b aqrUqcVVdK71oZYl+o/r729EQJMHddMA6f12R3Pfgp3wiOPKlBEI0McFIQwKQ8at HyJpIXxq949gFHiGZD0jkz4ChcYTyjmUokmIFp4h3vGmcxWxqzGb1O+mTG4lrymB 2JGi17DjgL6heTZswcA= -----END CERTIFICATE-----Generated at Wed May 1 12:16:02 2024 by rpki-client on console-ams.rpki-client.org