$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138064.roa File: AS138064.roa (raw, json) Hash identifier: DZY89nVCHy18eoCjdjLY5O3z5oLOSB1xA2yhQdtNtr4= Subject key identifier: 4A:C9:8C:C6:F1:0D:20:4B:3C:F7:48:8F:63:5D:44:AA:C9:46:5E:0A Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2936EEDC55993D12BD4CFE73B3CB10BC72DDB8E6 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138064.roa Signing time: Tue 09 Jan 2024 04:00:05 +0000 ROA not before: Tue 09 Jan 2024 03:55:05 +0000 ROA not after: Tue 07 Jan 2025 04:00:05 +0000 asID: 138064 IP address blocks: 103.122.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Apr 2024 21:55:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:36:ee:dc:55:99:3d:12:bd:4c:fe:73:b3:cb:10:bc:72:dd:b8:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:05 2024 GMT Not After : Jan 7 04:00:05 2025 GMT Subject: CN=4AC98CC6F10D204B3CF7488F635D44AAC9465E0A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:48:ac:78:f9:a0:eb:35:b3:70:8d:e1:0f:2e: a9:1e:36:d8:e8:ab:5a:af:78:b2:3c:f4:3c:83:33: 1a:ef:ff:8a:71:93:57:01:05:46:d9:52:2b:66:57: 0b:0c:39:10:0f:bd:a0:0f:da:59:ff:c8:03:43:a0: ec:db:9e:04:4f:7f:5e:ce:68:af:f3:85:e6:0f:af: 71:97:7f:9e:3d:b7:65:ee:81:dd:97:96:e1:f8:e1: b8:b5:91:18:11:c0:6c:fb:46:ca:09:ab:58:19:fb: 1d:7a:89:2d:e2:a7:87:a9:97:ad:56:8a:bc:5a:da: 05:fe:46:11:d6:f3:b2:0c:69:f6:a0:9e:c1:10:24: 32:61:af:34:bf:aa:0b:e5:f5:c8:2c:0f:82:3e:da: b1:c6:2e:58:bc:35:08:7d:c2:20:fc:19:27:ce:bb: 72:48:f7:42:54:17:49:5c:c0:36:28:f6:04:e4:05: 6f:78:9d:47:a4:0e:4e:5c:d0:19:2a:a7:29:75:35: 78:62:44:c5:c5:95:fe:93:87:0a:4a:96:c1:f8:56: d5:0c:b2:d0:7a:a9:96:8d:b4:bc:ef:0e:92:88:de: 8d:d1:66:17:ab:2e:6c:e2:46:99:e8:bd:b4:2b:b3: eb:d2:4f:41:4d:c2:5c:3b:32:36:bc:12:bb:ca:91: 5d:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:C9:8C:C6:F1:0D:20:4B:3C:F7:48:8F:63:5D:44:AA:C9:46:5E:0A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138064.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.122.64.0/22 Signature Algorithm: sha256WithRSAEncryption 64:e9:f3:89:15:47:3a:d9:7c:d2:ab:02:24:fb:3e:c3:8f:b4: f8:47:35:6a:12:00:45:c5:03:e1:e7:cf:82:1d:25:6b:48:21: ff:3e:6a:ab:a7:d2:31:e4:21:c5:8b:ad:35:55:5c:e2:8d:4d: 2e:d9:24:9b:3d:79:fe:ba:20:70:b8:50:b4:b1:6f:43:87:f5: 8b:e7:75:5d:4a:e6:6a:0a:d2:9b:52:3b:bc:a4:5f:58:01:71: 35:24:12:a2:f9:79:2d:d8:c6:ce:81:70:3b:60:bd:53:b5:2d: 27:b5:3b:c6:55:d1:75:4b:b2:f8:29:48:91:e6:bf:65:ca:1c: cf:aa:e5:15:26:70:e7:18:f1:ba:41:6a:91:b0:3c:2c:49:97: ef:30:ae:28:3b:22:b7:a2:4d:e6:98:3c:0f:97:37:48:fd:b0: b0:e3:c0:f4:ea:24:23:74:5f:a5:3c:83:e8:eb:6e:d6:bd:e5: bf:a8:1d:b8:86:a3:97:c3:2b:17:f0:d4:e7:a9:2b:ea:96:55: 6c:62:d8:c8:1f:d8:c7:e2:cd:cb:70:bf:84:2a:33:28:cc:7d: cd:de:08:2e:bf:66:b9:b5:c6:67:44:63:39:a3:3b:7a:3f:34: b3:7e:d6:c1:e1:21:89:30:0f:ba:b4:57:bf:5c:ee:85:9e:e8: bf:82:b4:5c -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUKTbu3FWZPRK9TP5zs8sQvHLduOYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUwNVoX DTI1MDEwNzA0MDAwNVowMzExMC8GA1UEAxMoNEFDOThDQzZGMTBEMjA0QjNDRjc0 ODhGNjM1RDQ0QUFDOTQ2NUUwQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFIrHj5oOs1s3CN4Q8uqR422OirWq94sjz0PIMzGu//inGTVwEFRtlSK2ZX Cww5EA+9oA/aWf/IA0Og7NueBE9/Xs5or/OF5g+vcZd/nj23Ze6B3ZeW4fjhuLWR GBHAbPtGygmrWBn7HXqJLeKnh6mXrVaKvFraBf5GEdbzsgxp9qCewRAkMmGvNL+q C+X1yCwPgj7ascYuWLw1CH3CIPwZJ867ckj3QlQXSVzANij2BOQFb3idR6QOTlzQ GSqnKXU1eGJExcWV/pOHCkqWwfhW1Qyy0Hqplo20vO8OkojejdFmF6subOJGmei9 tCuz69JPQU3CXDsyNrwSu8qRXe8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRKyYzG 8Q0gSzz3SI9jXUSqyUZeCjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODA2NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAmd6QDANBgkqhkiG9w0BAQsFAAOCAQEAZOnziRVHOtl80qsCJPs+ w4+0+Ec1ahIARcUD4efPgh0la0gh/z5qq6fSMeQhxYutNVVc4o1NLtkkmz15/rog cLhQtLFvQ4f1i+d1XUrmagrSm1I7vKRfWAFxNSQSovl5LdjGzoFwO2C9U7UtJ7U7 xlXRdUuy+ClIkea/Zcocz6rlFSZw5xjxukFqkbA8LEmX7zCuKDsit6JN5pg8D5c3 SP2wsOPA9OokI3RfpTyD6Otu1r3lv6gduIajl8MrF/DU56kr6pZVbGLYyB/Yx+LN y3C/hCozKMx9zd4ILr9mubXGZ0RjOaM7ej80s37WweEhiTAPurRXv1zuhZ7ov4K0 XA== -----END CERTIFICATE-----Generated at Sat Apr 27 21:40:19 2024 by rpki-client on console-ams.rpki-client.org