$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132670.roa File: AS132670.roa (raw, json) Hash identifier: JM1y7ho9H35jTuOebZcDT67trfDJWanWbDCXxXIlQhU= Subject key identifier: 65:CA:36:7A:A3:05:B8:30:DA:F4:3D:C0:96:73:84:ED:FE:F5:F1:D9 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3E19AC870B8C00CF579E7A370C862BBDEA3C09CD Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132670.roa Signing time: Tue 09 Jan 2024 04:00:12 +0000 ROA not before: Tue 09 Jan 2024 03:55:12 +0000 ROA not after: Tue 07 Jan 2025 04:00:12 +0000 asID: 132670 IP address blocks: 103.27.36.0/24 maxlen: 24 2001:df3:2c80::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:19:ac:87:0b:8c:00:cf:57:9e:7a:37:0c:86:2b:bd:ea:3c:09:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:12 2024 GMT Not After : Jan 7 04:00:12 2025 GMT Subject: CN=65CA367AA305B830DAF43DC0967384EDFEF5F1D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:38:fb:69:0e:a3:2d:d4:b9:d1:71:d6:f3:4c: c8:96:66:2a:45:fa:7e:2c:87:e5:54:42:f2:c2:e0: 62:9f:6f:e4:bd:e7:f7:21:43:c4:9b:22:f0:29:40: e5:04:7e:a4:0d:05:c4:f5:6c:7f:bd:68:dd:9b:4b: d8:0a:77:70:be:68:3c:b9:8d:b9:76:e3:c4:1d:63: bf:bb:c3:57:d9:be:62:89:2f:cf:c0:b1:c4:5b:09: 7a:b2:5a:db:7a:0c:8d:da:a7:5c:e2:35:35:e0:76: 96:45:8e:7c:a9:11:0d:6b:23:e7:c2:46:ec:60:73: 59:0c:0f:dc:d8:26:3c:35:36:dc:30:71:5e:4e:05: 4b:30:aa:22:e1:af:8c:64:d2:a6:a0:ba:cd:4b:d2: 95:5f:31:03:d3:9a:0e:71:5b:a6:96:34:bf:af:f1: 24:81:d1:0e:28:56:c0:98:f0:0a:1f:99:e1:b6:86: 43:f0:81:2e:fc:54:ac:35:05:ff:d9:b6:8f:96:c8: d3:29:b6:d2:0b:97:a2:86:71:93:66:ad:c1:ff:e9: 19:27:f5:60:3d:df:88:20:4a:1b:5a:87:ca:ef:6f: 9c:f1:5d:09:15:70:7c:6c:b9:91:4a:df:47:b5:4e: 9f:d5:a3:5e:6b:58:fa:06:43:60:0f:b9:07:85:ff: 57:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:CA:36:7A:A3:05:B8:30:DA:F4:3D:C0:96:73:84:ED:FE:F5:F1:D9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132670.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.27.36.0/24 IPv6: 2001:df3:2c80::/48 Signature Algorithm: sha256WithRSAEncryption 5b:88:bd:8a:c0:52:79:3c:22:6d:3a:0f:fd:5d:be:e3:da:7d: 78:ad:a6:5c:fe:94:56:32:86:5a:01:df:e8:42:c0:03:bf:c0: 93:07:00:69:1e:23:cb:ce:dc:33:6e:ae:6d:ca:3b:ef:72:04: 9a:28:e8:b2:d4:b9:f8:95:76:39:c0:eb:73:5b:1b:66:ff:cc: 1c:13:85:81:b9:5e:88:fc:77:72:98:e0:67:b6:6b:f8:8d:15: 65:05:fe:73:14:b3:25:bb:38:84:9b:58:c4:3d:a2:79:ad:20: 5e:8a:ff:f8:b7:b7:97:91:1a:80:36:6d:8c:aa:e8:2a:cc:93: 35:e2:40:8c:00:17:62:95:5e:20:e3:50:f2:05:a4:a2:f3:d5: 7c:c1:e5:e2:33:11:79:f8:19:08:cc:03:65:79:3f:60:35:62: a0:1b:90:35:03:f9:c4:57:ba:9c:f9:71:b2:7f:ff:17:e3:8b: b2:0b:e1:26:2e:8b:87:e3:26:29:c0:45:b7:3e:f7:1e:82:fc: 8a:fb:cd:1c:1e:33:ec:8f:7b:11:85:ad:aa:25:94:64:ec:3b: 66:e5:ec:6d:b6:12:3d:17:3f:5d:d0:b8:a4:69:2d:b4:7b:bd: 72:de:8b:e7:d2:31:5c:80:f2:cc:03:73:92:60:9f:30:9f:2e: 6a:5f:fb:a2 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUPhmshwuMAM9Xnno3DIYrveo8Cc0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxMloX DTI1MDEwNzA0MDAxMlowMzExMC8GA1UEAxMoNjVDQTM2N0FBMzA1QjgzMERBRjQz REMwOTY3Mzg0RURGRUY1RjFEOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANY4+2kOoy3UudFx1vNMyJZmKkX6fiyH5VRC8sLgYp9v5L3n9yFDxJsi8ClA 5QR+pA0FxPVsf71o3ZtL2Ap3cL5oPLmNuXbjxB1jv7vDV9m+Yokvz8CxxFsJerJa 23oMjdqnXOI1NeB2lkWOfKkRDWsj58JG7GBzWQwP3NgmPDU23DBxXk4FSzCqIuGv jGTSpqC6zUvSlV8xA9OaDnFbppY0v6/xJIHRDihWwJjwCh+Z4baGQ/CBLvxUrDUF /9m2j5bI0ym20guXooZxk2atwf/pGSf1YD3fiCBKG1qHyu9vnPFdCRVwfGy5kUrf R7VOn9WjXmtY+gZDYA+5B4X/V7sCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBRlyjZ6 owW4MNr0PcCWc4Tt/vXx2TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMjY3MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGcbJDAPBAIAAjAJAwcAIAEN8yyAMA0GCSqGSIb3DQEBCwUAA4IB AQBbiL2KwFJ5PCJtOg/9Xb7j2n14raZc/pRWMoZaAd/oQsADv8CTBwBpHiPLztwz bq5tyjvvcgSaKOiy1Ln4lXY5wOtzWxtm/8wcE4WBuV6I/HdymOBntmv4jRVlBf5z FLMluziEm1jEPaJ5rSBeiv/4t7eXkRqANm2MqugqzJM14kCMABdilV4g41DyBaSi 89V8weXiMxF5+BkIzANleT9gNWKgG5A1A/nEV7qc+XGyf/8X44uyC+EmLouH4yYp wEW3PvcegvyK+80cHjPsj3sRha2qJZRk7Dtm5extthI9Fz9d0LikaS20e71y3ovn 0jFcgPLMA3OSYJ8wny5qX/ui -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:23 2024 by rpki-client on console-fra.rpki-client.org