$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139994.roa File: AS139994.roa (raw, json) Hash identifier: 565yvE8tOtireKs5E3IgbhiXNxWCY+eCTz731Jl9XJw= Subject key identifier: 7F:3A:1A:A5:08:FC:6A:DE:41:A7:B5:CA:65:CE:64:BB:A6:59:F3:85 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 0AAD2A49AB253C4ECABFCAE59C49B29465809E1B Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139994.roa Signing time: Thu 06 Feb 2025 10:44:54 +0000 ROA not before: Thu 06 Feb 2025 10:39:54 +0000 ROA not after: Thu 05 Feb 2026 10:44:54 +0000 asID: 139994 IP address blocks: 140.213.196.0/24 maxlen: 24 140.213.197.0/24 maxlen: 24 140.213.198.0/24 maxlen: 24 140.213.199.0/24 maxlen: 24 140.213.200.0/24 maxlen: 24 140.213.201.0/24 maxlen: 24 140.213.202.0/24 maxlen: 24 140.213.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:ad:2a:49:ab:25:3c:4e:ca:bf:ca:e5:9c:49:b2:94:65:80:9e:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:54 2025 GMT Not After : Feb 5 10:44:54 2026 GMT Subject: CN=7F3A1AA508FC6ADE41A7B5CA65CE64BBA659F385 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:06:04:19:33:89:0d:33:3b:72:6d:72:5d:be: dc:31:b5:b2:78:14:29:a5:94:b6:f8:f1:8e:2e:a0: 9d:9c:92:fe:4e:31:ab:9a:f7:43:73:97:b0:77:76: a3:7a:03:67:ff:aa:f8:e9:59:70:c6:4b:c7:4d:23: bb:b4:6a:fa:31:77:f4:42:49:4a:a6:2c:aa:16:c0: 00:16:bf:86:eb:0e:41:47:d0:3b:f6:cb:f5:a0:84: 8a:22:8c:65:b1:38:05:fd:b7:14:76:0a:e1:a4:a2: d2:3c:88:6c:a3:d8:f1:86:4e:bc:7a:e2:0d:b5:bf: 82:28:99:b7:5d:4b:bf:95:db:d2:52:11:4f:ce:15: ef:b1:55:bc:29:16:69:fc:fe:2f:25:17:98:4a:3d: 22:a2:68:ab:74:a3:35:ca:08:d4:9b:78:9d:d6:77: 7a:8c:a8:8c:3e:40:1d:c4:40:2f:54:43:3f:f8:52: b2:df:88:91:05:ac:16:ba:12:6d:a5:ad:b3:26:0b: 5e:12:05:ea:de:da:9f:15:5e:7f:e6:48:e4:e5:2e: 32:68:aa:8a:22:33:c6:a5:46:8b:21:04:80:d8:0c: f4:37:12:19:84:48:6d:c7:aa:e4:80:20:a2:93:db: a5:f9:10:bb:67:73:77:06:08:f2:5f:e1:fd:f7:c2: e5:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:3A:1A:A5:08:FC:6A:DE:41:A7:B5:CA:65:CE:64:BB:A6:59:F3:85 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139994.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.213.196.0-140.213.203.255 Signature Algorithm: sha256WithRSAEncryption 7b:54:7c:78:14:29:1e:60:6c:f6:06:5e:83:64:6b:fe:68:5a: a2:21:39:c0:14:80:b8:ec:eb:34:8a:32:5f:6d:fa:16:ee:f6: 87:cb:8a:7b:0a:4b:13:f8:8e:8d:8c:ce:91:d7:c6:29:e0:5f: 89:c0:28:d1:28:20:58:eb:ec:01:56:4a:f0:ab:34:35:a2:19: 95:d0:34:0f:e1:c0:e5:7c:38:18:c4:e1:6f:b9:ef:23:a8:6c: cf:77:fe:90:98:41:23:5d:88:2e:33:9b:c7:b0:4f:9c:99:50: 45:22:7c:0b:06:1a:ac:15:25:d5:55:63:b1:b8:8e:49:85:9f: e5:e9:2c:da:2d:24:df:93:f3:59:61:c8:90:25:03:05:97:24: fe:76:6d:39:ac:e6:49:bc:9a:15:a3:eb:07:b2:68:b7:89:85: 21:df:27:c5:8c:07:f5:b4:f6:42:db:20:6c:6c:06:25:23:70: a9:be:c1:44:c9:b4:e3:48:8b:69:b9:57:b3:77:12:e9:a7:5b: 84:8d:f6:bc:84:1c:00:9a:14:70:ea:42:84:05:dc:39:64:dc: ce:7c:64:0e:b5:36:1c:9d:67:d6:69:69:63:77:8d:99:83:fb: 81:49:54:20:07:6e:89:c3:11:60:c0:db:9e:96:77:df:ae:a4: 7a:2c:f4:24 -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgIUCq0qSaslPE7Kv8rlnEmylGWAnhswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1NFoX DTI2MDIwNTEwNDQ1NFowMzExMC8GA1UEAxMoN0YzQTFBQTUwOEZDNkFERTQxQTdC NUNBNjVDRTY0QkJBNjU5RjM4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANAGBBkziQ0zO3Jtcl2+3DG1sngUKaWUtvjxji6gnZyS/k4xq5r3Q3OXsHd2 o3oDZ/+q+OlZcMZLx00ju7Rq+jF39EJJSqYsqhbAABa/husOQUfQO/bL9aCEiiKM ZbE4Bf23FHYK4aSi0jyIbKPY8YZOvHriDbW/giiZt11Lv5Xb0lIRT84V77FVvCkW afz+LyUXmEo9IqJoq3SjNcoI1Jt4ndZ3eoyojD5AHcRAL1RDP/hSst+IkQWsFroS baWtsyYLXhIF6t7anxVef+ZI5OUuMmiqiiIzxqVGiyEEgNgM9DcSGYRIbceq5IAg opPbpfkQu2dzdwYI8l/h/ffC5Y0CAwEAAaOCAdgwggHUMB0GA1UdDgQWBBR/Ohql CPxq3kGntcplzmS7plnzhTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzOTk5NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYw FAQCAAEwDjAMAwQCjNXEAwQCjNXIMA0GCSqGSIb3DQEBCwUAA4IBAQB7VHx4FCke YGz2Bl6DZGv+aFqiITnAFIC47Os0ijJfbfoW7vaHy4p7CksT+I6NjM6R18Yp4F+J wCjRKCBY6+wBVkrwqzQ1ohmV0DQP4cDlfDgYxOFvue8jqGzPd/6QmEEjXYguM5vH sE+cmVBFInwLBhqsFSXVVWOxuI5JhZ/l6SzaLSTfk/NZYciQJQMFlyT+dm05rOZJ vJoVo+sHsmi3iYUh3yfFjAf1tPZC2yBsbAYlI3CpvsFEybTjSItpuVezdxLpp1uE jfa8hBwAmhRw6kKEBdw5ZNzOfGQOtTYcnWfWaWljd42Zg/uBSVQgB26JwxFgwNue lnffrqR6LPQk -----END CERTIFICATE-----Generated at Mon Apr 7 03:34:09 2025 by rpki-client