$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138804.roa File: AS138804.roa (raw, json) Hash identifier: jnhZlW5xmFM4gLkQzPFwlfX+P0jG8hV6zRI/2wn2+lA= Subject key identifier: 2C:E7:29:64:31:8A:45:3B:68:7F:A6:48:15:FE:9E:16:00:DC:70:C0 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7405811762C130618E40968B45FC1DE7054EF64C Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138804.roa Signing time: Sun 09 Feb 2025 08:40:55 +0000 ROA not before: Sun 09 Feb 2025 08:35:55 +0000 ROA not after: Sun 08 Feb 2026 08:40:55 +0000 asID: 138804 IP address blocks: 163.61.87.0/24 maxlen: 24 2001:df4:5fc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:05:81:17:62:c1:30:61:8e:40:96:8b:45:fc:1d:e7:05:4e:f6:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 9 08:35:55 2025 GMT Not After : Feb 8 08:40:55 2026 GMT Subject: CN=2CE72964318A453B687FA64815FE9E1600DC70C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:9f:60:a2:28:c1:e4:4d:31:78:ed:3d:b1:df: f9:89:17:f8:f6:fd:14:b2:cc:06:a5:fc:a4:60:e6: f7:16:26:29:db:e7:5c:a5:d9:75:5d:1d:1e:1b:c7: 26:98:3d:ca:49:dd:01:8b:a8:f9:c0:3c:d6:78:b9: 44:c6:95:95:88:d0:bc:67:38:95:bd:3d:b2:ca:39: 38:88:91:3b:56:ef:09:dd:03:e7:e9:59:e6:f8:19: 78:7f:cf:83:5a:c4:b9:62:28:24:87:91:a5:3d:93: a7:c0:1f:e6:89:24:09:29:96:90:04:e5:a4:85:ab: 47:25:3f:06:8c:b2:7b:8b:61:b9:28:7c:27:83:0d: 7d:ce:63:87:86:42:28:d5:01:f4:75:d5:13:90:5e: e1:c0:b2:b8:b9:6b:db:05:18:ef:9b:5f:47:dd:ef: 7b:f6:57:77:9f:69:43:65:84:d7:70:fa:00:7b:a7: 76:d3:61:f2:92:62:44:33:5e:b7:3c:75:fd:dc:6d: 0d:3e:2d:de:47:00:da:ab:ca:59:88:a0:f3:85:e8: fe:26:80:1c:8b:89:5e:b6:30:81:85:34:66:a0:08: 93:41:eb:ee:f8:3f:4f:a4:d2:9b:46:94:50:43:1c: 14:9d:97:06:c4:66:42:5c:c2:1c:42:45:e3:07:8e: 9f:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:E7:29:64:31:8A:45:3B:68:7F:A6:48:15:FE:9E:16:00:DC:70:C0 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138804.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.61.87.0/24 IPv6: 2001:df4:5fc0::/48 Signature Algorithm: sha256WithRSAEncryption 9b:39:1b:5f:bc:d4:eb:57:5a:2f:0f:fc:5a:4f:bb:6a:f4:94: d5:37:13:7c:b4:2a:27:fd:ef:2c:06:4f:8b:1e:db:59:59:90: eb:4a:5b:52:93:40:98:09:34:9a:e0:07:d4:e8:ef:c5:d5:86: 67:4a:5c:cf:9f:15:38:e0:50:a6:af:18:b7:3c:e3:4f:d6:a8: cf:3f:dc:30:a7:db:7f:75:c3:70:12:c7:30:1f:8d:05:a4:ce: dc:4a:7e:a2:3d:5a:b8:81:82:ba:9c:ab:a0:9f:3f:58:b4:b8: aa:71:4b:22:c9:64:18:3c:cb:39:95:78:10:01:36:89:e7:58: 35:ae:03:fb:24:2a:0d:9e:df:08:a5:51:08:17:60:35:52:cc: ca:e4:e0:f7:03:60:7b:3b:f7:64:0d:27:24:de:ff:36:be:f5: a2:de:e4:fe:25:de:26:47:6f:23:85:91:b2:c5:3d:99:08:b5: 2f:df:56:1e:e2:b2:3a:dc:52:b4:6d:a4:48:84:1a:02:86:f0: 5e:58:42:23:31:a2:9f:ba:7d:17:65:25:53:16:a5:98:07:1d: 7d:86:c6:4e:69:87:04:76:e7:26:7d:6d:16:61:9a:22:76:cb: 26:ab:08:76:c8:af:ab:de:e2:96:88:b5:43:f7:5f:09:1b:4e: bc:69:8e:01 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUdAWBF2LBMGGOQJaLRfwd5wVO9kwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIwOTA4MzU1NVoX DTI2MDIwODA4NDA1NVowMzExMC8GA1UEAxMoMkNFNzI5NjQzMThBNDUzQjY4N0ZB NjQ4MTVGRTlFMTYwMERDNzBDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANyfYKIoweRNMXjtPbHf+YkX+Pb9FLLMBqX8pGDm9xYmKdvnXKXZdV0dHhvH Jpg9ykndAYuo+cA81ni5RMaVlYjQvGc4lb09sso5OIiRO1bvCd0D5+lZ5vgZeH/P g1rEuWIoJIeRpT2Tp8Af5okkCSmWkATlpIWrRyU/Boyye4thuSh8J4MNfc5jh4ZC KNUB9HXVE5Be4cCyuLlr2wUY75tfR93ve/ZXd59pQ2WE13D6AHundtNh8pJiRDNe tzx1/dxtDT4t3kcA2qvKWYig84Xo/iaAHIuJXrYwgYU0ZqAIk0Hr7vg/T6TSm0aU UEMcFJ2XBsRmQlzCHEJF4weOn8MCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBQs5ylk MYpFO2h/pkgV/p4WANxwwDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODgwNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAKM9VzAPBAIAAjAJAwcAIAEN9F/AMA0GCSqGSIb3DQEBCwUAA4IB AQCbORtfvNTrV1ovD/xaT7tq9JTVNxN8tCon/e8sBk+LHttZWZDrSltSk0CYCTSa 4AfU6O/F1YZnSlzPnxU44FCmrxi3PONP1qjPP9wwp9t/dcNwEscwH40FpM7cSn6i PVq4gYK6nKugnz9YtLiqcUsiyWQYPMs5lXgQATaJ51g1rgP7JCoNnt8IpVEIF2A1 UszK5OD3A2B7O/dkDSck3v82vvWi3uT+Jd4mR28jhZGyxT2ZCLUv31Ye4rI63FK0 baRIhBoChvBeWEIjMaKfun0XZSVTFqWYBx19hsZOaYcEducmfW0WYZoidssmqwh2 yK+r3uKWiLVD918JG068aY4B -----END CERTIFICATE-----Generated at Sat Apr 5 06:26:45 2025 by rpki-client