$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138807.roa File: AS138807.roa (raw, json) Hash identifier: +KcAha2noh9fsbvamzKEDx+9p1LxsGizioe2+BnZTcI= Subject key identifier: A2:91:90:E7:20:70:36:EA:1E:7D:00:4C:B0:6E:C3:28:F0:F7:E8:E6 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4AFA8F70752796008F36CA930E28F79AE8374E76 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138807.roa Signing time: Wed 18 Dec 2024 08:00:00 +0000 ROA not before: Wed 18 Dec 2024 07:55:00 +0000 ROA not after: Wed 17 Dec 2025 08:00:00 +0000 asID: 138807 IP address blocks: 103.134.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:fa:8f:70:75:27:96:00:8f:36:ca:93:0e:28:f7:9a:e8:37:4e:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 18 07:55:00 2024 GMT Not After : Dec 17 08:00:00 2025 GMT Subject: CN=A29190E7207036EA1E7D004CB06EC328F0F7E8E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:9c:12:77:33:bf:53:67:32:2a:89:45:68:1a: 10:b3:62:a6:f5:65:d4:8c:a0:e3:40:4c:72:43:b7: c8:84:e2:40:98:88:1b:53:ba:1d:a6:3e:07:cd:ff: 49:28:51:ba:0c:55:37:bd:dd:a2:cc:9a:74:fc:25: a1:26:98:13:ba:0b:09:bf:c7:e1:c1:31:b1:1d:76: 00:10:4d:f7:4a:b5:6e:4f:87:ab:d8:56:d6:34:83: df:22:a2:dd:6a:b8:ab:ff:4c:20:5a:07:f6:15:1c: 93:82:4f:ae:10:82:19:4c:49:33:9a:b5:bd:26:c6: 1e:23:45:65:99:ce:f7:91:55:fc:1b:bf:b9:65:54: 08:7f:40:20:d7:91:29:94:fc:b8:46:c4:d7:54:21: bd:84:c6:89:26:cb:f1:b4:3e:b6:50:ee:fe:2d:2c: 6c:5c:cd:d8:59:6c:58:d5:ac:cb:1e:dc:5e:fb:0d: 0a:41:42:f2:ea:79:a2:19:9a:9b:b6:f7:79:aa:98: 90:bc:23:80:4c:0f:89:40:8c:ff:b9:18:1c:83:ce: cb:55:cd:c3:aa:f8:08:b6:82:45:ad:08:05:1a:f6: 5e:38:a4:bc:39:05:a9:68:8a:4d:34:15:9f:3d:2f: 54:d7:e5:f2:65:39:aa:2a:f5:95:2c:5c:32:2c:3d: 07:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:91:90:E7:20:70:36:EA:1E:7D:00:4C:B0:6E:C3:28:F0:F7:E8:E6 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138807.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.134.213.0/24 Signature Algorithm: sha256WithRSAEncryption 33:3b:f1:aa:88:0f:0d:ec:df:23:34:e7:42:12:73:9f:45:bf: 26:52:6e:8d:af:fb:5f:06:c3:9b:e3:ef:4c:e3:66:39:59:8d: d7:6d:7e:2a:18:eb:25:1b:1a:23:cd:23:ce:b4:9d:ab:09:e7: 43:74:69:e1:af:82:cb:8b:60:6e:b5:b8:fa:d5:2e:64:3b:a4: e5:57:36:f4:b4:42:18:e1:a7:d8:74:cc:86:da:76:b6:61:60: d9:d1:e9:80:be:cf:7d:ec:3c:5f:76:2e:00:be:ba:15:19:a3: 09:89:86:09:7a:d7:ef:d0:f7:20:97:9b:27:c5:5f:ea:6e:42: f7:5d:d8:07:64:4f:d4:25:0c:ed:ee:95:03:c4:9b:5f:c2:dc: 84:23:f4:08:64:39:a2:86:4d:7c:c1:c0:82:b9:50:47:fa:94: 05:79:64:97:8a:11:6e:c6:bf:d7:a0:2e:6e:c6:d6:09:63:51: 02:a8:3c:0d:d5:d6:ac:10:97:13:fe:79:8b:8d:14:e8:a7:bf: 65:99:1e:fe:90:80:d3:c0:5d:43:7b:9f:e6:b0:07:ca:a9:50: c1:a0:cb:b1:15:11:5c:da:12:13:66:58:31:e2:82:90:d4:fb: 02:4d:a6:43:87:3a:f8:86:e1:4f:b1:93:cd:37:ca:b0:ec:17: f8:69:61:16 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUSvqPcHUnlgCPNsqTDij3mug3TnYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxODA3NTUwMFoX DTI1MTIxNzA4MDAwMFowMzExMC8GA1UEAxMoQTI5MTkwRTcyMDcwMzZFQTFFN0Qw MDRDQjA2RUMzMjhGMEY3RThFNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL6cEnczv1NnMiqJRWgaELNipvVl1Iyg40BMckO3yITiQJiIG1O6HaY+B83/ SShRugxVN73dosyadPwloSaYE7oLCb/H4cExsR12ABBN90q1bk+Hq9hW1jSD3yKi 3Wq4q/9MIFoH9hUck4JPrhCCGUxJM5q1vSbGHiNFZZnO95FV/Bu/uWVUCH9AINeR KZT8uEbE11QhvYTGiSbL8bQ+tlDu/i0sbFzN2FlsWNWsyx7cXvsNCkFC8up5ohma m7b3eaqYkLwjgEwPiUCM/7kYHIPOy1XNw6r4CLaCRa0IBRr2XjikvDkFqWiKTTQV nz0vVNfl8mU5qir1lSxcMiw9BxUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSikZDn IHA26h59AEywbsMo8Pfo5jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODgwNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGeG1TANBgkqhkiG9w0BAQsFAAOCAQEAMzvxqogPDezfIzTnQhJz n0W/JlJuja/7XwbDm+PvTONmOVmN121+KhjrJRsaI80jzrSdqwnnQ3Rp4a+Cy4tg brW4+tUuZDuk5Vc29LRCGOGn2HTMhtp2tmFg2dHpgL7Pfew8X3YuAL66FRmjCYmG CXrX79D3IJebJ8Vf6m5C913YB2RP1CUM7e6VA8SbX8LchCP0CGQ5ooZNfMHAgrlQ R/qUBXlkl4oRbsa/16AubsbWCWNRAqg8DdXWrBCXE/55i40U6Ke/ZZke/pCA08Bd Q3uf5rAHyqlQwaDLsRURXNoSE2ZYMeKCkNT7Ak2mQ4c6+IbhT7GTzTfKsOwX+Glh Fg== -----END CERTIFICATE-----Generated at Sat Apr 5 06:19:56 2025 by rpki-client