$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138837.roa File: AS138837.roa (raw, json) Hash identifier: H6/KZFCHm7o5WeG8dmtvgyfYCk4fp1rjNa5qxNuwAFw= Subject key identifier: E4:E4:64:EA:31:CD:FA:65:A3:AB:CB:67:72:18:B8:B4:D0:1A:C1:E2 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 096068D711B1F2C024F20D89E76389B71765E456 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138837.roa Signing time: Tue 09 Jan 2024 04:00:24 +0000 ROA not before: Tue 09 Jan 2024 03:55:24 +0000 ROA not after: Tue 07 Jan 2025 04:00:24 +0000 asID: 138837 IP address blocks: 103.137.140.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:60:68:d7:11:b1:f2:c0:24:f2:0d:89:e7:63:89:b7:17:65:e4:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:24 2024 GMT Not After : Jan 7 04:00:24 2025 GMT Subject: CN=E4E464EA31CDFA65A3ABCB677218B8B4D01AC1E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:2b:79:16:28:21:ba:a5:d2:c1:17:9a:c3:d4: e1:43:91:a5:3a:48:7d:76:9a:0a:cb:db:a0:d7:54: f4:5a:9f:1c:19:3c:b7:d3:40:5d:74:96:dd:8b:39: de:9c:33:e4:cb:a9:aa:dc:30:77:ee:b4:b8:4d:dc: 8c:83:bf:a4:9d:6c:b8:0e:b7:6a:f2:25:9c:2d:b5: 36:6f:53:7b:ac:60:1f:0f:56:40:4e:28:dd:c4:d5: 8e:42:07:59:f9:64:79:33:d4:ce:26:da:b1:29:df: b5:aa:5a:51:9c:cf:28:c5:2e:45:b0:2f:8f:21:8a: df:0c:a3:ee:0b:df:bd:fb:b2:26:40:ef:98:79:4a: 71:f7:ea:4a:2b:c7:4b:b3:9d:c5:a3:32:b1:f8:d6: 51:b8:be:46:07:f0:02:a9:0c:d8:57:71:e0:76:fe: 5c:f8:75:72:51:ac:67:e5:ac:bd:44:90:ac:f6:e3: f8:c9:a1:6f:34:21:53:30:8e:93:c8:3a:01:95:db: 28:7a:85:6d:34:9c:6d:3a:a0:5f:81:57:f2:b7:35: bd:df:a8:13:50:2f:c3:eb:2f:5f:26:90:32:d6:4e: 54:24:ee:bb:fa:bc:68:49:d5:5e:39:e8:56:6a:e4: 67:42:5c:9b:fe:41:24:e3:4b:ba:c3:de:79:6f:ae: 7f:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:E4:64:EA:31:CD:FA:65:A3:AB:CB:67:72:18:B8:B4:D0:1A:C1:E2 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.137.140.0/23 Signature Algorithm: sha256WithRSAEncryption 36:f7:2b:1d:aa:b2:bd:09:64:5d:ee:05:b2:7f:50:96:8a:d9: 1f:19:3f:1b:a9:39:6b:fe:15:6d:35:0f:64:54:13:2e:be:dc: 6a:8f:f8:33:92:6f:76:a7:bf:d5:49:ca:f1:b9:58:b4:f0:55: ef:8d:60:98:ee:ae:fe:06:5b:70:b8:e6:4b:69:f2:98:04:69: 0f:fb:15:21:7d:0f:b0:8d:99:a3:8e:d2:df:07:75:00:52:68: 4f:75:50:03:7a:d7:d5:af:8f:c3:42:98:a0:7c:00:01:fd:0c: 0c:7b:f1:41:da:40:42:c3:84:ef:29:89:78:20:d7:46:5d:98: 54:9e:11:bd:23:40:7e:0f:a9:8b:2b:6c:91:68:77:3f:c3:e7: b9:d1:74:5d:5b:93:b6:a0:5b:93:b9:c1:ac:1e:2f:47:9b:be: 6f:69:63:06:91:45:9e:1b:c1:a3:24:55:95:f0:f1:9b:98:e9: 48:32:93:73:40:e8:9e:3e:f6:62:f3:09:bb:88:97:3f:74:48: 27:16:7c:ea:42:f2:fe:1c:8b:32:b3:ec:27:08:78:f0:91:9e: f1:e9:3b:cd:e7:3f:f0:da:97:59:f4:fd:7b:a7:98:ec:18:9b: 2f:3c:b7:a7:09:53:ac:cb:34:2e:d8:1f:49:a6:de:b6:a4:1b: 7a:eb:66:09 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUCWBo1xGx8sAk8g2J52OJtxdl5FYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUyNFoX DTI1MDEwNzA0MDAyNFowMzExMC8GA1UEAxMoRTRFNDY0RUEzMUNERkE2NUEzQUJD QjY3NzIxOEI4QjREMDFBQzFFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkreRYoIbql0sEXmsPU4UORpTpIfXaaCsvboNdU9FqfHBk8t9NAXXSW3Ys5 3pwz5Mupqtwwd+60uE3cjIO/pJ1suA63avIlnC21Nm9Te6xgHw9WQE4o3cTVjkIH WflkeTPUzibasSnftapaUZzPKMUuRbAvjyGK3wyj7gvfvfuyJkDvmHlKcffqSivH S7OdxaMysfjWUbi+RgfwAqkM2Fdx4Hb+XPh1clGsZ+WsvUSQrPbj+MmhbzQhUzCO k8g6AZXbKHqFbTScbTqgX4FX8rc1vd+oE1Avw+svXyaQMtZOVCTuu/q8aEnVXjno VmrkZ0Jcm/5BJONLusPeeW+uf20CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTk5GTq Mc36ZaOry2dyGLi00BrB4jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODgzNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeJjDANBgkqhkiG9w0BAQsFAAOCAQEANvcrHaqyvQlkXe4Fsn9Q lorZHxk/G6k5a/4VbTUPZFQTLr7cao/4M5Jvdqe/1UnK8blYtPBV741gmO6u/gZb cLjmS2nymARpD/sVIX0PsI2Zo47S3wd1AFJoT3VQA3rX1a+Pw0KYoHwAAf0MDHvx QdpAQsOE7ymJeCDXRl2YVJ4RvSNAfg+piytskWh3P8PnudF0XVuTtqBbk7nBrB4v R5u+b2ljBpFFnhvBoyRVlfDxm5jpSDKTc0Donj72YvMJu4iXP3RIJxZ86kLy/hyL MrPsJwh48JGe8ek7zec/8NqXWfT9e6eY7BibLzy3pwlTrMs0LtgfSabetqQbeutm CQ== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:46 2024 by rpki-client on console-ams.rpki-client.org