$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS133798.roa File: AS133798.roa (raw, json) Hash identifier: AjoFR+aF40fLm2gSkICoWAaXANe2BwDQCBlRkf2B6Zo= Subject key identifier: 12:F0:50:90:17:14:3F:C0:CF:A3:D5:FB:06:4A:42:82:73:18:F9:4A Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 22533E7DE922471049C11D470AA1286EA3A3AF1E Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS133798.roa Signing time: Thu 06 Feb 2025 10:44:50 +0000 ROA not before: Thu 06 Feb 2025 10:39:50 +0000 ROA not after: Thu 05 Feb 2026 10:44:50 +0000 asID: 133798 IP address blocks: 66.96.240.0/20 maxlen: 24 158.140.188.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:53:3e:7d:e9:22:47:10:49:c1:1d:47:0a:a1:28:6e:a3:a3:af:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:50 2025 GMT Not After : Feb 5 10:44:50 2026 GMT Subject: CN=12F0509017143FC0CFA3D5FB064A42827318F94A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:20:58:bf:ff:4f:42:c7:ed:c0:4f:26:e9:bc: 9b:b3:63:1f:75:e3:f5:cb:bc:01:26:11:f1:db:c9: 83:91:14:a7:56:c2:a6:ff:c0:fc:5c:48:2f:5a:3f: 48:2a:0d:6f:e2:92:1e:ad:c0:d1:39:30:2e:87:bf: 08:22:5c:dd:9a:d1:8a:f2:5e:b3:d9:13:46:27:b9: ab:1d:e2:10:b8:fc:bb:a8:e1:a3:83:6a:db:1e:fb: b8:6c:cc:3e:df:3f:01:a2:1d:c7:95:16:91:be:a0: b7:84:36:c8:45:9a:3b:36:3a:7e:6e:7a:4b:3a:f3: 80:7b:15:2e:1f:dc:62:85:a3:3d:d8:f9:3c:84:f8: 5f:f9:62:f8:06:6e:ae:d6:90:d0:8d:51:50:15:66: 30:a5:07:2d:c4:01:06:a7:36:e6:85:79:b8:42:18: fb:25:bc:79:3a:be:65:d1:f1:9e:10:5b:9e:e8:ca: 55:ef:c4:8f:39:58:1f:f7:60:0e:a7:ba:00:d1:24: b9:e2:03:1f:53:3b:77:2f:0b:87:2f:17:27:83:5d: 8a:93:bc:d0:c3:6a:ec:da:0d:f6:74:db:6b:3f:28: 72:38:81:7c:36:40:8a:89:e4:34:8f:3f:e8:74:6c: ca:e9:45:ce:26:8f:dc:73:ba:d4:c4:ab:5d:4f:76: 79:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:F0:50:90:17:14:3F:C0:CF:A3:D5:FB:06:4A:42:82:73:18:F9:4A X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS133798.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 66.96.240.0/20 158.140.188.0/23 Signature Algorithm: sha256WithRSAEncryption 0f:0c:43:d9:77:c3:da:12:f8:f9:36:4a:dc:e5:0c:91:b6:94: 77:f0:f3:b6:72:11:67:bf:05:13:45:2d:30:a2:f9:fc:b8:c7: 1f:4d:d8:dd:0d:d3:ae:81:9a:e8:99:8b:aa:e5:37:7a:d2:88: f4:bc:68:ee:d7:92:9e:9f:e6:45:3d:08:4f:27:34:fb:25:38: 97:49:0b:6e:c8:12:1e:c9:96:70:02:fc:1f:04:f7:61:fa:db: 75:1e:fd:04:99:58:0e:25:44:42:58:22:f1:47:f0:48:93:ea: f2:38:dd:02:a7:14:2a:6e:dc:77:be:65:94:33:6e:8a:a1:70: 12:95:65:a5:43:bb:2a:93:5c:74:e3:0e:ff:89:3b:a6:db:1e: 1a:38:5a:c0:a8:91:ef:f0:bd:7b:f1:34:c9:91:5a:e6:4f:35: 93:7c:84:36:c4:61:5c:13:c9:67:88:35:4e:bc:f4:27:a2:0c: 62:a6:a7:ef:65:54:91:d1:eb:48:a6:b9:ab:97:c7:b3:6b:b9: 2d:14:9f:f7:41:20:44:31:18:d1:0e:8c:73:c2:c2:ea:4b:76: 44:40:14:a1:12:f5:b5:61:43:ef:32:9b:dc:a6:5a:18:d5:28: 38:97:ce:7c:5d:83:e9:61:84:2a:b3:22:bc:f1:4d:13:8c:d7: 2a:35:86:e7 -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUIlM+fekiRxBJwR1HCqEobqOjrx4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1MFoX DTI2MDIwNTEwNDQ1MFowMzExMC8GA1UEAxMoMTJGMDUwOTAxNzE0M0ZDMENGQTNE NUZCMDY0QTQyODI3MzE4Rjk0QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALsgWL//T0LH7cBPJum8m7NjH3Xj9cu8ASYR8dvJg5EUp1bCpv/A/FxIL1o/ SCoNb+KSHq3A0TkwLoe/CCJc3ZrRivJes9kTRie5qx3iELj8u6jho4Nq2x77uGzM Pt8/AaIdx5UWkb6gt4Q2yEWaOzY6fm56SzrzgHsVLh/cYoWjPdj5PIT4X/li+AZu rtaQ0I1RUBVmMKUHLcQBBqc25oV5uEIY+yW8eTq+ZdHxnhBbnujKVe/EjzlYH/dg Dqe6ANEkueIDH1M7dy8Lhy8XJ4NdipO80MNq7NoN9nTbaz8ocjiBfDZAionkNI8/ 6HRsyulFziaP3HO61MSrXU92eZsCAwEAAaOCAdYwggHSMB0GA1UdDgQWBBQS8FCQ FxQ/wM+j1fsGSkKCcxj5SjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzMzc5OC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEBEJg8AMEAZ6MvDANBgkqhkiG9w0BAQsFAAOCAQEADwxD2XfD2hL4 +TZK3OUMkbaUd/DztnIRZ78FE0UtMKL5/LjHH03Y3Q3TroGa6JmLquU3etKI9Lxo 7teSnp/mRT0ITyc0+yU4l0kLbsgSHsmWcAL8HwT3YfrbdR79BJlYDiVEQlgi8Ufw SJPq8jjdAqcUKm7cd75llDNuiqFwEpVlpUO7KpNcdOMO/4k7ptseGjhawKiR7/C9 e/E0yZFa5k81k3yENsRhXBPJZ4g1Trz0J6IMYqan72VUkdHrSKa5q5fHs2u5LRSf 90EgRDEY0Q6Mc8LC6kt2REAUoRL1tWFD7zKb3KZaGNUoOJfOfF2D6WGEKrMivPFN E4zXKjWG5w== -----END CERTIFICATE-----Generated at Mon Apr 7 03:29:41 2025 by rpki-client