$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132669.roa File: AS132669.roa (raw, json) Hash identifier: huXnWjUizqeWw9Jt/rcwdRNrdmB6FPC/p0kOfKcGi2c= Subject key identifier: B3:FC:DB:52:58:D3:E1:36:E3:89:DD:0A:00:75:EE:76:8F:81:92:53 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4C39A3A733F0203AF7679863EE2FFEB3F5C373E0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132669.roa Signing time: Wed 29 Jan 2025 04:00:00 +0000 ROA not before: Wed 29 Jan 2025 03:55:00 +0000 ROA not after: Wed 28 Jan 2026 04:00:00 +0000 asID: 132669 IP address blocks: 103.248.248.0/24 maxlen: 24 2400:b8a0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:39:a3:a7:33:f0:20:3a:f7:67:98:63:ee:2f:fe:b3:f5:c3:73:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 29 03:55:00 2025 GMT Not After : Jan 28 04:00:00 2026 GMT Subject: CN=B3FCDB5258D3E136E389DD0A0075EE768F819253 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fe:30:bb:b4:b8:64:3d:76:35:d4:9b:b3:10:6b: 45:a9:b1:69:2b:ac:f0:cd:c5:50:c0:79:4b:32:02: 25:a1:ba:e0:e0:40:11:77:cb:6e:af:cb:92:3f:4a: 5e:49:1e:b1:c3:6a:d1:5a:54:b1:1f:b0:f4:30:ce: b8:8a:60:f0:b5:d8:f0:ca:56:fd:1d:9d:25:ab:1f: 10:e8:f1:5b:65:eb:1f:9b:f1:bf:6d:4f:1e:62:c3: 4b:d6:9f:48:6e:ec:88:82:c5:d8:30:58:b7:72:22: 73:1d:53:36:53:39:d7:1b:d0:f4:f6:da:a2:0a:19: e5:18:c7:cc:1a:5a:91:65:ea:14:42:46:50:0b:2b: a0:29:9d:28:eb:ac:1c:72:f9:ad:67:ef:63:48:ac: f6:bd:b7:ba:a4:f1:39:52:34:d5:2f:a3:75:ac:d9: 30:58:e6:dc:20:c3:1e:cc:6a:04:76:45:a5:e8:76: e4:fa:69:98:31:7d:cf:3e:29:aa:58:10:ac:7b:41: 5f:11:be:16:b8:5e:f4:24:ce:2b:30:fa:c2:30:a4: 3f:79:48:99:3a:1d:06:30:8a:f0:02:81:db:5b:d8: 53:40:7a:54:ef:88:1c:9f:d4:96:68:4f:97:d0:da: 59:f9:22:8f:de:e3:e1:32:a4:75:d1:25:b8:6c:1c: b7:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:FC:DB:52:58:D3:E1:36:E3:89:DD:0A:00:75:EE:76:8F:81:92:53 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132669.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.248.248.0/24 IPv6: 2400:b8a0::/32 Signature Algorithm: sha256WithRSAEncryption 88:b4:cc:85:37:ed:73:b3:24:ac:73:ff:0e:5e:ae:5c:94:d9: 5a:89:02:65:e8:77:99:04:9a:68:3f:bc:30:42:64:c7:8d:cf: 8d:ed:43:aa:02:1a:ad:c1:bf:14:bf:52:c2:3c:7c:be:71:5a: 53:84:61:ae:87:a7:fb:70:f6:3e:8b:52:32:92:72:31:e3:85: ca:1d:0c:76:46:0c:e7:ec:e1:b7:7f:74:a8:4f:03:d7:98:dd: 55:3f:a3:f3:fe:71:31:a6:f7:6d:6f:53:5d:42:f5:29:06:c9: 5f:97:3b:6b:a8:fd:31:ce:c7:1b:e9:83:00:7e:4a:f5:d2:92: 60:2d:e3:b3:1d:f9:76:43:97:1c:aa:e5:cd:09:b3:be:1d:92: 39:a4:4a:96:dd:a2:cd:9f:4a:df:0d:33:5c:3f:ae:af:c4:1a: 8a:6b:67:03:77:4f:df:41:a0:6f:9e:b6:bd:65:0f:08:ae:b6: 90:1c:46:f5:34:f9:ff:42:5e:dc:57:aa:f9:18:e2:9b:87:63: 48:45:1f:02:27:0a:35:f8:f8:fd:41:bb:9e:96:98:de:05:8e: c4:3a:ed:2d:64:56:84:54:24:97:8f:42:b3:e5:94:6f:d5:56: 3b:13:0d:7a:ad:27:ce:a4:87:3b:c2:3b:54:fa:15:fd:4d:98: 5c:ca:b2:2b -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUTDmjpzPwIDr3Z5hj7i/+s/XDc+AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDEyOTAzNTUwMFoX DTI2MDEyODA0MDAwMFowMzExMC8GA1UEAxMoQjNGQ0RCNTI1OEQzRTEzNkUzODlE RDBBMDA3NUVFNzY4RjgxOTI1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAP4wu7S4ZD12NdSbsxBrRamxaSus8M3FUMB5SzICJaG64OBAEXfLbq/Lkj9K XkkescNq0VpUsR+w9DDOuIpg8LXY8MpW/R2dJasfEOjxW2XrH5vxv21PHmLDS9af SG7siILF2DBYt3Iicx1TNlM51xvQ9PbaogoZ5RjHzBpakWXqFEJGUAsroCmdKOus HHL5rWfvY0is9r23uqTxOVI01S+jdazZMFjm3CDDHsxqBHZFpeh25PppmDF9zz4p qlgQrHtBXxG+Frhe9CTOKzD6wjCkP3lImTodBjCK8AKB21vYU0B6VO+IHJ/UlmhP l9DaWfkij97j4TKkddEluGwctwMCAwEAAaOCAd8wggHbMB0GA1UdDgQWBBSz/NtS WNPhNuOJ3QoAde52j4GSUzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMjY2OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAGf4+DANBAIAAjAHAwUAJAC4oDANBgkqhkiG9w0BAQsFAAOCAQEA iLTMhTftc7MkrHP/Dl6uXJTZWokCZeh3mQSaaD+8MEJkx43Pje1DqgIarcG/FL9S wjx8vnFaU4Rhroen+3D2PotSMpJyMeOFyh0MdkYM5+zht390qE8D15jdVT+j8/5x Mab3bW9TXUL1KQbJX5c7a6j9Mc7HG+mDAH5K9dKSYC3jsx35dkOXHKrlzQmzvh2S OaRKlt2izZ9K3w0zXD+ur8QaimtnA3dP30Ggb562vWUPCK62kBxG9TT5/0Je3Feq +Rjim4djSEUfAicKNfj4/UG7npaY3gWOxDrtLWRWhFQkl49Cs+WUb9VWOxMNeq0n zqSHO8I7VPoV/U2YXMqyKw== -----END CERTIFICATE-----Generated at Sat Apr 5 06:20:32 2025 by rpki-client