$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132634.roa File: AS132634.roa (raw, json) Hash identifier: vDq5c+TQcVZXZHcAPXlYkMOh0udrCpKjR73wmeY7QuU= Subject key identifier: 0A:58:A9:45:28:09:B7:B7:95:5A:9F:D1:EF:71:80:A1:80:09:D2:17 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1E141B7D013E5B7B3C8BE513C599120F21CCBD4B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132634.roa Signing time: Tue 09 Jan 2024 04:00:20 +0000 ROA not before: Tue 09 Jan 2024 03:55:20 +0000 ROA not after: Tue 07 Jan 2025 04:00:20 +0000 asID: 132634 IP address blocks: 103.170.104.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:14:1b:7d:01:3e:5b:7b:3c:8b:e5:13:c5:99:12:0f:21:cc:bd:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:20 2024 GMT Not After : Jan 7 04:00:20 2025 GMT Subject: CN=0A58A9452809B7B7955A9FD1EF7180A18009D217 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:e8:80:99:3f:93:e7:fd:19:c4:57:ba:24:a8: 02:d4:cf:27:31:ba:f8:2e:13:55:15:d7:5f:6f:f7: 72:24:ee:8b:89:c0:08:64:59:8d:c6:c8:dc:43:4a: ea:3c:42:19:d7:bd:e9:1b:a0:75:55:d9:ec:8b:fa: 32:c7:3c:d2:0c:30:e2:30:2e:0e:46:72:93:4a:e5: 19:97:e7:9a:86:ab:1b:4f:f6:3d:5a:82:0f:ee:c4: 26:95:a6:d3:ae:76:95:70:b1:03:1c:ba:02:50:a3: 43:47:2a:a2:f0:ff:b6:cf:f0:92:e1:d5:e7:e4:6b: f0:8e:17:37:9e:52:b4:69:9e:5c:2e:d8:c1:03:0b: a5:dc:92:42:8c:de:29:a8:eb:9f:81:e1:54:f2:04: 43:cc:49:44:2c:5f:f7:5c:cd:de:57:dd:20:c3:63: 46:73:84:95:64:30:64:2f:05:3a:c7:a7:bd:46:73: 1e:f2:0a:24:60:f6:18:35:ec:ab:39:0e:3c:a9:0e: 0d:12:30:e8:cd:4c:8e:42:24:f9:1c:f5:8a:85:9c: c0:bb:52:dd:3e:57:95:f5:95:80:a1:6b:1a:c2:62: 85:f6:3f:0c:12:77:53:39:d4:1d:d0:70:8e:35:a3: 6c:f5:2c:f9:1d:75:a4:61:21:e1:e0:ff:2b:5c:ef: f4:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:58:A9:45:28:09:B7:B7:95:5A:9F:D1:EF:71:80:A1:80:09:D2:17 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.170.104.0/23 Signature Algorithm: sha256WithRSAEncryption 00:19:65:7a:bd:93:1a:e4:73:c8:26:34:7e:f8:ca:a7:d7:50: 39:49:fd:da:69:af:c4:2f:1a:fc:00:c2:74:59:a3:c9:74:89: 1b:13:f1:ba:eb:18:2c:6c:c3:5b:ac:7d:12:9b:36:0e:fa:2c: 20:f9:e8:23:23:11:ec:07:4b:41:ff:e1:6f:93:92:5d:70:36: 2d:e9:07:15:33:35:65:46:3f:c2:53:b1:1f:12:b9:f9:4e:46: ee:db:7d:66:15:6f:fa:ea:72:db:38:99:6f:61:70:dd:8b:84: 34:a3:d8:64:85:e3:fb:e4:c1:96:34:69:c4:15:1e:57:70:c8: b5:d8:c3:cc:53:c8:d2:d4:ea:92:7a:78:2a:a0:6a:d7:0b:36: a9:bc:c0:45:fd:5e:0c:e5:bf:f8:88:c9:ac:98:4d:57:47:da: 7b:60:d7:95:9b:82:28:ff:ee:30:c0:71:8a:6f:dd:a5:a9:ce: f1:1b:8c:89:6d:66:b8:4e:d2:52:be:1c:50:4a:f3:1c:be:57: 0d:ee:26:f2:44:de:02:a6:2b:49:fe:03:3a:68:e7:fa:d4:cb: 02:ad:ff:5a:21:4c:4d:5e:aa:89:2b:83:04:d8:e4:16:90:24: 70:bd:db:09:df:81:d7:bd:9c:f0:7b:42:8d:70:8a:fe:cc:34: 36:09:e5:db -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUHhQbfQE+W3s8i+UTxZkSDyHMvUswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUyMFoX DTI1MDEwNzA0MDAyMFowMzExMC8GA1UEAxMoMEE1OEE5NDUyODA5QjdCNzk1NUE5 RkQxRUY3MTgwQTE4MDA5RDIxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK3ogJk/k+f9GcRXuiSoAtTPJzG6+C4TVRXXX2/3ciTui4nACGRZjcbI3ENK 6jxCGde96RugdVXZ7Iv6Msc80gww4jAuDkZyk0rlGZfnmoarG0/2PVqCD+7EJpWm 0652lXCxAxy6AlCjQ0cqovD/ts/wkuHV5+Rr8I4XN55StGmeXC7YwQMLpdySQoze Kajrn4HhVPIEQ8xJRCxf91zN3lfdIMNjRnOElWQwZC8FOsenvUZzHvIKJGD2GDXs qzkOPKkODRIw6M1MjkIk+Rz1ioWcwLtS3T5XlfWVgKFrGsJihfY/DBJ3UznUHdBw jjWjbPUs+R11pGEh4eD/K1zv9OUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQKWKlF KAm3t5Van9HvcYChgAnSFzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMjYzNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeqaDANBgkqhkiG9w0BAQsFAAOCAQEAABller2TGuRzyCY0fvjK p9dQOUn92mmvxC8a/ADCdFmjyXSJGxPxuusYLGzDW6x9Eps2DvosIPnoIyMR7AdL Qf/hb5OSXXA2LekHFTM1ZUY/wlOxHxK5+U5G7tt9ZhVv+upy2ziZb2Fw3YuENKPY ZIXj++TBljRpxBUeV3DItdjDzFPI0tTqknp4KqBq1ws2qbzARf1eDOW/+IjJrJhN V0fae2DXlZuCKP/uMMBxim/dpanO8RuMiW1muE7SUr4cUErzHL5XDe4m8kTeAqYr Sf4DOmjn+tTLAq3/WiFMTV6qiSuDBNjkFpAkcL3bCd+B172c8HtCjXCK/sw0Ngnl 2w== -----END CERTIFICATE-----Generated at Wed May 8 15:17:41 2024 by rpki-client on console-fra.rpki-client.org