$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS139994.roa File: AS139994.roa (raw, json) Hash identifier: tapfWc9CLo0LUCDs2SNV3i2P+yVogKVvWIPgt3+MIWw= Subject key identifier: E0:B4:D6:F1:D2:30:70:B2:CC:BD:2E:A5:4F:F9:B7:2C:02:30:D3:93 Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA Certificate serial: 63683845306B86D34051B91EE7154ADAB349AE43 Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS139994.roa Signing time: Mon 20 May 2024 09:23:02 +0000 ROA not before: Mon 20 May 2024 09:18:02 +0000 ROA not after: Mon 19 May 2025 09:23:02 +0000 asID: 139994 IP address blocks: 103.3.220.0/22 maxlen: 22 103.3.220.0/24 maxlen: 24 103.3.221.0/24 maxlen: 24 103.3.222.0/24 maxlen: 24 2400:9800:6011::/48 maxlen: 48 2400:9800:6012::/48 maxlen: 48 2400:9800:6013::/48 maxlen: 48 2400:9800:6014::/48 maxlen: 48 2400:9800:6015::/48 maxlen: 48 2400:9800:6026::/48 maxlen: 48 2400:9800:6027::/48 maxlen: 48 2400:9800:6040::/47 maxlen: 47 2400:9800:6042::/47 maxlen: 47 2400:9800:6050::/47 maxlen: 47 2400:9800:6052::/47 maxlen: 47 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 01:21:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:68:38:45:30:6b:86:d3:40:51:b9:1e:e7:15:4a:da:b3:49:ae:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA Validity Not Before: May 20 09:18:02 2024 GMT Not After : May 19 09:23:02 2025 GMT Subject: CN=E0B4D6F1D23070B2CCBD2EA54FF9B72C0230D393 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:b5:76:34:61:03:01:d5:59:a5:ad:7d:0c:9c: 34:93:b0:8d:af:04:bf:14:83:10:2a:81:87:87:9d: da:94:04:a5:50:53:6a:8e:08:c5:47:b2:4d:98:d3: a6:fc:bb:6f:7a:8a:06:91:7f:c4:68:99:4e:a5:ed: 3c:30:46:84:92:c1:b0:64:fe:0c:1d:6e:17:84:fa: 32:77:dd:a9:f7:15:e8:46:fe:58:a1:1f:98:0b:ab: 47:0f:74:76:cd:9c:22:34:da:6c:c7:af:f0:ec:a4: 9d:2b:b6:0c:62:a9:3a:0f:ba:83:a9:7e:00:29:32: ea:06:4f:e5:fe:5d:7a:31:95:f0:49:bb:57:a3:ed: be:fd:b4:e0:dc:f0:2a:df:1b:fb:84:5c:8b:9b:d2: a1:cf:35:a6:22:95:41:01:4b:17:ea:48:8b:ec:97: 6e:a2:3f:50:16:94:5b:1f:65:76:36:04:df:d8:a6: 9a:d6:e4:9f:fb:3d:e2:75:5e:dd:63:3d:73:eb:18: df:9f:14:84:82:8d:f8:3b:d3:3b:f4:96:91:0b:1f: 6e:49:70:d2:b6:df:2e:e3:64:3d:3d:f4:4b:0b:48: 7e:87:a8:f3:bf:ea:db:aa:44:77:57:4c:04:49:ee: b2:75:36:ab:d6:94:0f:63:4b:a5:68:4e:ac:7a:9d: 59:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:B4:D6:F1:D2:30:70:B2:CC:BD:2E:A5:4F:F9:B7:2C:02:30:D3:93 X509v3 Authority Key Identifier: keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS139994.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.3.220.0/22 IPv6: 2400:9800:6011::-2400:9800:6015:ffff:ffff:ffff:ffff:ffff 2400:9800:6026::/47 2400:9800:6040::/46 2400:9800:6050::/46 Signature Algorithm: sha256WithRSAEncryption 63:15:57:66:03:b2:b8:0f:44:71:73:78:c3:8f:37:4e:7f:2c: 63:2a:9e:b5:40:0f:8d:9f:f2:27:6c:98:34:90:42:98:30:f7: 91:75:c3:70:bd:08:c3:76:8c:7a:27:00:32:b4:a4:7b:11:c5: cb:88:de:f8:1b:4f:a8:75:ff:e2:e2:4d:81:6f:e2:5c:42:fb: 83:cd:9d:7f:98:7b:10:c6:af:13:d2:54:20:16:3c:40:fb:95: 39:7e:16:c1:8a:f9:c7:98:f8:f6:59:09:2d:18:63:a9:8c:e6: a8:0c:53:9d:3d:3c:c2:38:20:e5:49:6c:0e:8f:1a:ae:72:22: 82:81:39:da:bb:b9:db:44:1d:27:64:45:44:d0:39:01:8b:d5: 90:8d:31:4f:11:4e:9b:80:5a:30:7a:f2:0b:0b:f4:94:22:46: 81:fc:fd:5a:d4:9a:d2:3f:99:47:84:4e:86:3a:c2:e4:c2:4f: ae:04:a1:6c:9b:99:73:06:92:05:f2:0d:3b:aa:88:26:91:57: 41:75:7c:55:07:b5:65:ed:10:f0:13:a6:24:f7:50:54:aa:f0: be:ed:a0:8e:c7:14:8a:b0:a1:bc:02:45:8a:a9:c9:c2:86:bb: f3:a4:d6:42:39:b6:c0:5f:0d:8d:c4:db:0b:c1:bd:9c:76:cb: 87:36:30:4e -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUY2g4RTBrhtNAUbke5xVK2rNJrkMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw OTU2ODdEQTAeFw0yNDA1MjAwOTE4MDJaFw0yNTA1MTkwOTIzMDJaMDMxMTAvBgNV BAMTKEUwQjRENkYxRDIzMDcwQjJDQ0JEMkVBNTRGRjlCNzJDMDIzMEQzOTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDstXY0YQMB1VmlrX0MnDSTsI2v BL8UgxAqgYeHndqUBKVQU2qOCMVHsk2Y06b8u296igaRf8RomU6l7TwwRoSSwbBk /gwdbheE+jJ33an3FehG/lihH5gLq0cPdHbNnCI02mzHr/DspJ0rtgxiqToPuoOp fgApMuoGT+X+XXoxlfBJu1ej7b79tODc8CrfG/uEXIub0qHPNaYilUEBSxfqSIvs l26iP1AWlFsfZXY2BN/YpprW5J/7PeJ1Xt1jPXPrGN+fFISCjfg70zv0lpELH25J cNK23y7jZD099EsLSH6HqPO/6tuqRHdXTARJ7rJ1NqvWlA9jS6VoTqx6nVmrAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQU4LTW8dIwcLLMvS6lT/m3LAIw05MwHwYDVR0j BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2 ODdEQS5jZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jl cG8tcnBraS5pZG5pYy5uZXQvcmVwby80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04 ZDdlN2ZjMmMyMjcvMC9BUzEzOTk5NC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjBWBggrBgEFBQcBBwEB/wRHMEUwDAQCAAEwBgMEAmcD3DA1BAIAAjAvMBID BwAkAJgAYBEDBwEkAJgAYBQDBwEkAJgAYCYDBwIkAJgAYEADBwIkAJgAYFAwDQYJ KoZIhvcNAQELBQADggEBAGMVV2YDsrgPRHFzeMOPN05/LGMqnrVAD42f8idsmDSQ Qpgw95F1w3C9CMN2jHonADK0pHsRxcuI3vgbT6h1/+LiTYFv4lxC+4PNnX+YexDG rxPSVCAWPED7lTl+FsGK+ceY+PZZCS0YY6mM5qgMU509PMI4IOVJbA6PGq5yIoKB Odq7udtEHSdkRUTQOQGL1ZCNMU8RTpuAWjB68gsL9JQiRoH8/VrUmtI/mUeEToY6 wuTCT64EoWybmXMGkgXyDTuqiCaRV0F1fFUHtWXtEPATpiT3UFSq8L7toI7HFIqw obwCRYqpycKGu/Ok1kI5tsBfDY3E2wvBvZx2y4c2ME4= -----END CERTIFICATE-----Generated at Fri Nov 22 01:32:00 2024 by rpki-client on console-ams.rpki-client.org