$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138864.roa File: AS138864.roa (raw, json) Hash identifier: czi9LqSMZQqTTxsHWzk4vbfWfn5rkDZRzY4Ec6ov43o= Subject key identifier: 38:E8:A4:82:A9:8C:0B:C5:A9:5B:4C:A3:33:47:88:7D:29:89:6B:8D Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6EEAB7B5326F178843E7DE078348B05CC4CAED26 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138864.roa Signing time: Tue 10 Dec 2024 05:00:05 +0000 ROA not before: Tue 10 Dec 2024 04:55:05 +0000 ROA not after: Tue 09 Dec 2025 05:00:05 +0000 asID: 138864 IP address blocks: 103.139.174.0/24 maxlen: 24 2407:74c0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:ea:b7:b5:32:6f:17:88:43:e7:de:07:83:48:b0:5c:c4:ca:ed:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 10 04:55:05 2024 GMT Not After : Dec 9 05:00:05 2025 GMT Subject: CN=38E8A482A98C0BC5A95B4CA33347887D29896B8D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:01:6b:5f:f2:1b:8f:58:30:ef:46:5a:26:22: c5:b7:88:d5:49:70:2a:47:c9:bd:e2:21:5b:3e:c8: 20:3f:88:f2:5a:cd:58:11:d9:1b:d1:d9:41:c3:14: e3:aa:ba:82:75:7d:63:dc:a1:5f:33:83:ea:46:b6: 0a:83:0e:02:8a:ef:a1:26:f6:63:1d:30:ca:77:9c: 6b:32:d9:0c:2a:67:7d:99:a7:67:a1:a2:fe:9d:35: da:24:45:25:15:02:dc:4d:9f:32:cc:b9:c4:8d:cc: f9:e1:86:60:ca:08:7e:71:f7:a8:1c:c8:2d:0d:f1: 08:78:a9:4e:9c:72:99:df:64:c4:10:46:f9:45:16: 31:25:e9:53:27:e9:71:af:71:a7:b1:95:db:0a:11: 54:60:9a:b3:cf:a7:86:dd:df:7c:a1:5a:01:44:2c: 59:a2:ec:f8:5a:25:06:21:ae:58:b0:60:11:de:71: 69:a3:43:73:1a:2c:85:d4:35:45:fc:78:ff:85:2f: f6:51:d0:e0:40:8d:c1:e3:51:38:7b:a5:a8:ef:65: c5:a8:82:5e:b2:82:62:0f:8c:98:1f:83:79:02:63: 97:7b:da:cc:f5:fd:27:02:a7:73:7e:ce:0d:93:8d: de:a1:09:cf:7a:a8:5e:c9:e7:4f:2a:45:b2:1d:19: 25:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:E8:A4:82:A9:8C:0B:C5:A9:5B:4C:A3:33:47:88:7D:29:89:6B:8D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138864.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.139.174.0/24 IPv6: 2407:74c0::/32 Signature Algorithm: sha256WithRSAEncryption 90:be:6c:4c:cf:54:32:77:0a:26:bc:4d:40:40:6c:be:cb:70: a7:0c:be:0b:5e:2f:1a:3f:dd:58:2b:43:7b:1b:f2:66:fc:ae: 75:11:86:9b:f7:0d:29:5d:01:a4:d4:c4:47:fe:77:12:32:46: 74:0d:4d:53:2d:47:19:a8:46:b4:89:3e:36:cf:99:04:3a:49: 1a:32:36:22:42:73:f3:e2:34:33:02:98:92:4e:d9:ae:d0:bb: c2:77:bb:1a:42:76:93:b7:32:24:47:62:5d:57:3c:b7:8b:57: 9c:7f:8a:79:8f:d5:fb:42:41:cb:bf:61:29:07:3f:4e:50:f7: 2d:46:0c:69:a9:2e:45:b5:04:57:25:d8:95:6c:69:25:cc:8c: 0f:3d:15:1f:e9:f9:23:38:e9:4c:f5:29:68:e8:34:3e:f9:b7: 3d:ac:41:b7:9c:c9:30:f0:ee:d6:cc:18:8f:f3:09:58:39:28: 3d:bc:22:91:1e:8f:21:72:34:57:42:8c:6c:72:33:43:51:3b: ec:47:ee:91:67:62:23:08:f9:2f:80:17:4d:f8:7f:c4:a0:aa: da:42:c1:4a:98:5e:0c:28:14:cb:e1:e4:b0:23:51:c6:ad:49: ed:05:d1:df:77:f5:cc:62:92:c2:d2:1a:88:58:76:85:45:6a: 3b:66:27:e1 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUbuq3tTJvF4hD594Hg0iwXMTK7SYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUwNVoX DTI1MTIwOTA1MDAwNVowMzExMC8GA1UEAxMoMzhFOEE0ODJBOThDMEJDNUE5NUI0 Q0EzMzM0Nzg4N0QyOTg5NkI4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOgBa1/yG49YMO9GWiYixbeI1UlwKkfJveIhWz7IID+I8lrNWBHZG9HZQcMU 46q6gnV9Y9yhXzOD6ka2CoMOAorvoSb2Yx0wynecazLZDCpnfZmnZ6Gi/p012iRF JRUC3E2fMsy5xI3M+eGGYMoIfnH3qBzILQ3xCHipTpxymd9kxBBG+UUWMSXpUyfp ca9xp7GV2woRVGCas8+nht3ffKFaAUQsWaLs+FolBiGuWLBgEd5xaaNDcxoshdQ1 Rfx4/4Uv9lHQ4ECNweNROHulqO9lxaiCXrKCYg+MmB+DeQJjl3vazPX9JwKnc37O DZON3qEJz3qoXsnnTypFsh0ZJRMCAwEAAaOCAd8wggHbMB0GA1UdDgQWBBQ46KSC qYwLxalbTKMzR4h9KYlrjTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODg2NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAGeLrjANBAIAAjAHAwUAJAd0wDANBgkqhkiG9w0BAQsFAAOCAQEA kL5sTM9UMncKJrxNQEBsvstwpwy+C14vGj/dWCtDexvyZvyudRGGm/cNKV0BpNTE R/53EjJGdA1NUy1HGahGtIk+Ns+ZBDpJGjI2IkJz8+I0MwKYkk7ZrtC7wne7GkJ2 k7cyJEdiXVc8t4tXnH+KeY/V+0JBy79hKQc/TlD3LUYMaakuRbUEVyXYlWxpJcyM Dz0VH+n5IzjpTPUpaOg0Pvm3PaxBt5zJMPDu1swYj/MJWDkoPbwikR6PIXI0V0KM bHIzQ1E77EfukWdiIwj5L4AXTfh/xKCq2kLBSpheDCgUy+HksCNRxq1J7QXR33f1 zGKSwtIaiFh2hUVqO2Yn4Q== -----END CERTIFICATE-----Generated at Sat Apr 5 06:20:39 2025 by rpki-client