$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138089.roa File: AS138089.roa (raw, json) Hash identifier: HcY6ZFR8u9pAipg0FIJKDrUkSdB+I/vLws8oEuIZVjI= Subject key identifier: 38:1B:BA:89:59:6F:57:11:BC:3E:97:B3:58:2D:C4:72:8D:DE:D1:FF Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 13C1759CB67F49FCC83B5736CDB6F4C25FEF9BE0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138089.roa Signing time: Mon 21 Oct 2024 08:26:03 +0000 ROA not before: Mon 21 Oct 2024 08:21:03 +0000 ROA not after: Mon 20 Oct 2025 08:26:03 +0000 asID: 138089 IP address blocks: 103.158.13.0/24 maxlen: 24 113.192.48.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:c1:75:9c:b6:7f:49:fc:c8:3b:57:36:cd:b6:f4:c2:5f:ef:9b:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 21 08:21:03 2024 GMT Not After : Oct 20 08:26:03 2025 GMT Subject: CN=381BBA89596F5711BC3E97B3582DC4728DDED1FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:da:86:76:0a:d9:df:2f:f3:46:63:4a:a5:d6: 1e:66:a3:e4:08:7c:75:55:5d:d9:fa:76:be:1e:2c: eb:67:6c:ad:21:88:5e:dd:b2:52:9b:a8:89:53:2d: 22:86:87:90:cc:e8:8b:2f:78:d6:b4:d6:6f:7d:cb: b9:21:a6:df:c1:41:fd:df:65:11:8a:17:ac:d9:1a: f0:3d:fe:8a:cf:7f:a3:ed:aa:dd:ff:66:24:4a:4f: 82:73:a2:fe:03:5f:33:77:05:b5:37:52:02:a4:87: 4b:3e:5c:56:89:49:4e:1d:a7:34:c3:ca:7e:e7:dc: e8:35:8d:5b:b3:f5:1d:22:90:81:2e:b7:6e:10:6a: da:53:c8:29:f6:ce:20:f6:db:9f:ce:fb:38:8d:2f: 89:cc:1b:69:67:af:8a:d4:83:53:c7:60:a4:ca:3f: 3d:bf:d3:fc:3c:8c:9d:7c:2e:b9:61:7f:2d:f4:57: 30:57:95:50:5f:b3:85:5a:b8:61:09:e5:a7:bc:39: 40:c1:40:f7:c3:da:2b:cd:42:5b:e6:f1:3e:ef:42: 13:ad:a0:fc:e6:b9:f6:4e:5b:2e:ee:d5:dd:dc:83: 9c:f6:a1:8d:43:e4:a0:f6:c1:35:04:ec:99:ac:c2: ea:9a:a6:a1:5e:37:91:9a:53:d2:50:76:4e:2f:a4: e6:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:1B:BA:89:59:6F:57:11:BC:3E:97:B3:58:2D:C4:72:8D:DE:D1:FF X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138089.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.158.13.0/24 113.192.48.0/24 Signature Algorithm: sha256WithRSAEncryption 39:e3:e8:73:27:4a:4e:dc:e1:8e:1a:85:12:73:3a:c0:3c:ce: f9:f3:e1:69:de:f7:06:79:84:a3:b6:8f:1c:de:5e:53:7a:7a: 6f:d6:ec:63:85:f8:7b:c7:14:53:76:d9:18:dd:fa:68:55:9d: e1:5b:91:31:3c:8f:76:ca:d3:74:f3:9f:50:9c:60:4f:d1:30: ad:3b:ba:a9:29:2f:db:ce:4f:de:71:4e:97:45:99:2f:59:17: fc:98:86:27:13:b8:bf:62:10:3d:12:52:97:bc:2e:8c:df:55: c8:14:71:2d:ec:52:0f:40:ec:23:45:2e:0d:39:36:53:22:3a: 57:af:48:51:e3:ba:8f:ee:a1:5d:aa:17:68:79:54:dd:5f:f1: 56:9f:e3:9e:6d:c3:79:4b:e9:e1:a0:9c:72:17:fb:ca:86:bd: 47:94:9d:ec:84:1e:7d:e7:e0:31:39:1b:dd:77:09:3e:12:50: 30:a2:ac:27:6c:fa:26:fc:ac:a2:2c:64:37:29:25:91:9e:7c: 51:dd:69:fc:a4:15:f3:d7:89:80:60:bc:3f:ed:09:17:98:7b: ee:29:0c:ea:c3:cf:96:71:88:25:4f:ec:2c:1c:65:37:6b:12: c9:df:c1:82:9b:e7:47:92:dd:34:7a:52:32:bb:45:a0:69:c9: ca:c0:93:4d -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUE8F1nLZ/SfzIO1c2zbb0wl/vm+AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAyMTA4MjEwM1oX DTI1MTAyMDA4MjYwM1owMzExMC8GA1UEAxMoMzgxQkJBODk1OTZGNTcxMUJDM0U5 N0IzNTgyREM0NzI4RERFRDFGRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO3ahnYK2d8v80ZjSqXWHmaj5Ah8dVVd2fp2vh4s62dsrSGIXt2yUpuoiVMt IoaHkMzoiy941rTWb33LuSGm38FB/d9lEYoXrNka8D3+is9/o+2q3f9mJEpPgnOi /gNfM3cFtTdSAqSHSz5cVolJTh2nNMPKfufc6DWNW7P1HSKQgS63bhBq2lPIKfbO IPbbn877OI0vicwbaWevitSDU8dgpMo/Pb/T/DyMnXwuuWF/LfRXMFeVUF+zhVq4 YQnlp7w5QMFA98PaK81CW+bxPu9CE62g/Oa59k5bLu7V3dyDnPahjUPkoPbBNQTs mazC6pqmoV43kZpT0lB2Ti+k5gMCAwEAAaOCAdYwggHSMB0GA1UdDgQWBBQ4G7qJ WW9XEbw+l7NYLcRyjd7R/zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODA4OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAGeeDQMEAHHAMDANBgkqhkiG9w0BAQsFAAOCAQEAOePocydKTtzh jhqFEnM6wDzO+fPhad73BnmEo7aPHN5eU3p6b9bsY4X4e8cUU3bZGN36aFWd4VuR MTyPdsrTdPOfUJxgT9EwrTu6qSkv285P3nFOl0WZL1kX/JiGJxO4v2IQPRJSl7wu jN9VyBRxLexSD0DsI0UuDTk2UyI6V69IUeO6j+6hXaoXaHlU3V/xVp/jnm3DeUvp 4aCcchf7yoa9R5Sd7IQefefgMTkb3XcJPhJQMKKsJ2z6JvysoixkNyklkZ58Ud1p /KQV89eJgGC8P+0JF5h77ikM6sPPlnGIJU/sLBxlN2sSyd/BgpvnR5LdNHpSMrtF oGnJysCTTQ== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:46 2024 by rpki-client on console-ams.rpki-client.org