$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS136842.roa File: AS136842.roa (raw, json) Hash identifier: SuLHa/wfFkmHf6LNqhZC9RLA86XbXD+7XmRR0lWSBcg= Subject key identifier: 33:43:82:0B:DF:20:32:B9:F2:49:AB:CF:69:70:97:5B:1D:F0:3D:D5 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 614CE9672ADE430CB17213CA931AF12ADDD5205D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS136842.roa Signing time: Tue 09 Jan 2024 04:00:15 +0000 ROA not before: Tue 09 Jan 2024 03:55:15 +0000 ROA not after: Tue 07 Jan 2025 04:00:15 +0000 asID: 136842 IP address blocks: 103.100.246.0/24 maxlen: 24 103.100.247.0/24 maxlen: 24 2405:bc0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:4c:e9:67:2a:de:43:0c:b1:72:13:ca:93:1a:f1:2a:dd:d5:20:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:15 2024 GMT Not After : Jan 7 04:00:15 2025 GMT Subject: CN=3343820BDF2032B9F249ABCF6970975B1DF03DD5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:15:1d:81:5f:f9:b4:4b:56:7c:32:c0:87:79: e4:b2:05:ab:89:ae:02:e5:a7:27:32:86:ee:d2:d3: f3:2f:94:f6:27:e2:5a:67:f1:6f:06:cb:a2:db:cc: 58:2f:75:62:fa:49:3a:eb:eb:f3:1e:60:72:5e:17: 09:a0:f3:bc:70:f6:76:0d:f7:56:40:b2:58:be:8c: c0:87:74:e3:d3:dd:a4:51:2b:d5:99:62:79:6f:20: de:bb:ac:63:33:0d:37:33:ad:1d:55:9e:21:53:e2: 14:10:e0:3b:26:59:f7:1f:b6:d7:04:4f:bb:61:6b: d2:73:83:e1:b0:65:d3:ce:40:58:7a:5a:84:61:b9: 34:f4:32:ae:dd:9f:4b:9c:b7:ef:81:b3:af:b7:21: 17:d5:00:8f:cf:4f:1c:ac:bc:97:c4:75:a7:f4:3c: 0f:d5:65:d1:13:3d:6e:a6:1d:e2:16:af:9d:36:a3: 9e:4e:78:71:d3:3b:26:44:a9:c4:7e:69:5e:26:00: 1d:08:3e:92:b3:76:50:aa:22:50:61:75:c8:dd:03: 5e:17:cc:45:13:0a:db:21:a1:7e:d4:6b:55:18:ed: 6f:85:81:a4:83:9d:6e:a8:29:31:e3:e3:96:51:10: 79:ee:40:fc:30:82:01:f9:9c:46:c0:db:ff:4f:42: 97:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:43:82:0B:DF:20:32:B9:F2:49:AB:CF:69:70:97:5B:1D:F0:3D:D5 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS136842.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.100.246.0/23 IPv6: 2405:bc0::/32 Signature Algorithm: sha256WithRSAEncryption 2b:0a:58:bc:8e:ca:fb:13:6d:e1:8e:a8:c8:26:67:8f:b8:7a: c4:3e:5b:a9:6c:19:70:e3:2e:89:71:51:c1:50:a2:64:8c:ac: 70:3f:ef:9d:ea:ef:00:11:6a:ba:f0:54:4f:fe:88:79:5b:c3: c8:fc:96:4e:2d:5c:5a:dd:c9:a7:65:e2:d9:b4:ad:8f:f5:98: bd:26:2d:3e:82:48:b3:e2:69:6d:33:53:09:6d:f4:2c:40:d9: 98:b7:c5:fd:7e:96:cb:b5:86:0a:5b:4c:56:18:84:19:55:76: a0:9e:70:1f:02:bb:1e:f2:20:83:10:c3:61:b6:e9:e1:68:ec: a1:c2:f6:34:53:b2:6b:1b:00:58:d5:30:3a:76:00:f7:e6:43: 92:f7:46:9c:46:cf:e4:16:14:2a:f8:dc:93:a2:34:4e:23:70: 7e:20:8e:ac:4f:6c:06:1d:b4:ec:8c:78:e5:f3:51:55:f5:59: ee:65:51:fb:0f:4a:6c:63:79:52:a1:f0:30:d7:c4:e3:1f:f1: 89:8e:51:17:b8:40:ae:ac:70:00:35:f4:dc:b9:a3:e8:ef:de: a8:4f:16:75:af:2c:71:a1:d0:78:f5:4b:ab:87:88:ce:2b:da: 2b:5d:5c:c7:5e:3e:61:1f:bf:87:7c:02:af:48:cc:d4:01:48: 48:62:fe:0f -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUYUzpZyreQwyxchPKkxrxKt3VIF0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxNVoX DTI1MDEwNzA0MDAxNVowMzExMC8GA1UEAxMoMzM0MzgyMEJERjIwMzJCOUYyNDlB QkNGNjk3MDk3NUIxREYwM0RENTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANsVHYFf+bRLVnwywId55LIFq4muAuWnJzKG7tLT8y+U9ifiWmfxbwbLotvM WC91YvpJOuvr8x5gcl4XCaDzvHD2dg33VkCyWL6MwId049PdpFEr1ZlieW8g3rus YzMNNzOtHVWeIVPiFBDgOyZZ9x+21wRPu2Fr0nOD4bBl085AWHpahGG5NPQyrt2f S5y374Gzr7chF9UAj89PHKy8l8R1p/Q8D9Vl0RM9bqYd4havnTajnk54cdM7JkSp xH5pXiYAHQg+krN2UKoiUGF1yN0DXhfMRRMK2yGhftRrVRjtb4WBpIOdbqgpMePj llEQee5A/DCCAfmcRsDb/09Cl40CAwEAAaOCAd8wggHbMB0GA1UdDgQWBBQzQ4IL 3yAyufJJq89pcJdbHfA91TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzNjg0Mi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAWdk9jANBAIAAjAHAwUAJAULwDANBgkqhkiG9w0BAQsFAAOCAQEA KwpYvI7K+xNt4Y6oyCZnj7h6xD5bqWwZcOMuiXFRwVCiZIyscD/vnervABFquvBU T/6IeVvDyPyWTi1cWt3Jp2Xi2bStj/WYvSYtPoJIs+JpbTNTCW30LEDZmLfF/X6W y7WGCltMVhiEGVV2oJ5wHwK7HvIggxDDYbbp4WjsocL2NFOyaxsAWNUwOnYA9+ZD kvdGnEbP5BYUKvjck6I0TiNwfiCOrE9sBh207Ix45fNRVfVZ7mVR+w9KbGN5UqHw MNfE4x/xiY5RF7hArqxwADX03Lmj6O/eqE8Wda8scaHQePVLq4eIzivaK11cx14+ YR+/h3wCr0jM1AFISGL+Dw== -----END CERTIFICATE-----Generated at Mon Nov 25 13:01:53 2024 by rpki-client on console-fra.rpki-client.org