$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138865.roa File: AS138865.roa (raw, json) Hash identifier: Nj8xe41aD7m18Ok6Y8DyZYxMGFtqcibnVoeSghxAMao= Subject key identifier: 6C:79:A6:CE:42:9B:7A:22:D8:B5:C4:CD:79:48:53:0B:0F:AF:AA:5B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6172200E72FCE44036B819A7626CFC9B276DC3C9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138865.roa Signing time: Tue 09 Jan 2024 04:00:18 +0000 ROA not before: Tue 09 Jan 2024 03:55:18 +0000 ROA not after: Tue 07 Jan 2025 04:00:18 +0000 asID: 138865 IP address blocks: 103.139.244.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:72:20:0e:72:fc:e4:40:36:b8:19:a7:62:6c:fc:9b:27:6d:c3:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:18 2024 GMT Not After : Jan 7 04:00:18 2025 GMT Subject: CN=6C79A6CE429B7A22D8B5C4CD7948530B0FAFAA5B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:91:fc:cb:77:d5:e2:36:52:94:a6:40:6b:78: 3f:1c:e8:da:ee:00:bb:b2:4f:9b:03:93:0f:c9:55: e4:76:49:16:47:ad:66:9d:dd:ed:fd:3c:d2:43:60: a7:a5:78:23:2d:8d:97:f3:4d:5c:28:88:15:92:39: 66:88:64:dc:b9:ba:46:37:ee:b2:7c:17:f4:f1:64: c4:c3:1a:ab:f7:a6:d5:ea:60:f4:c8:c0:0f:a9:3e: 1d:38:3c:6a:ad:f0:26:3c:49:b8:41:7d:5c:b3:41: 1f:ee:04:f4:41:6d:1b:d6:d3:c4:11:72:35:7b:e8: 85:ca:51:79:4f:4b:ed:54:83:20:1f:ba:41:52:4a: a6:d7:79:9e:41:73:73:bc:d6:db:ae:0d:17:34:c6: 42:c8:7b:3e:3c:27:de:f4:8b:15:d2:0f:26:62:8f: 51:c2:b3:e3:49:53:1b:1a:34:d0:0d:15:d8:e8:93: 1f:25:b5:df:58:2a:8e:f1:a5:60:90:dc:c3:06:1b: 5c:af:a7:8e:5e:1a:fd:5f:00:e5:78:9a:db:10:3b: 4c:aa:91:d6:f4:ee:41:5f:91:d9:fd:82:19:e5:4a: 4a:9a:5c:83:fd:37:5b:05:a5:5e:9a:78:61:75:f4: 16:95:a7:7a:eb:d8:ec:9f:27:97:a9:27:4f:a2:29: f6:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:79:A6:CE:42:9B:7A:22:D8:B5:C4:CD:79:48:53:0B:0F:AF:AA:5B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138865.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.139.244.0/23 Signature Algorithm: sha256WithRSAEncryption 43:c0:d6:64:2f:ba:cb:60:20:8f:7e:c2:c3:95:78:82:4b:f3: c1:c2:53:c3:87:21:0e:5b:70:28:2b:60:17:48:7d:97:72:20: f9:34:19:ce:89:d9:af:46:ec:a1:c9:63:ff:33:51:57:bd:85: 4a:7b:9a:d4:65:04:c0:f6:ad:6b:04:e9:4f:01:28:15:00:40: 6f:26:67:ac:c8:f5:75:77:de:9e:38:79:c1:f2:91:d1:3c:c8: 5a:28:92:46:d5:2e:48:e8:cb:f9:fb:62:7c:d0:9c:4f:2d:da: 2f:b3:08:c4:63:5a:13:93:72:f8:c4:7c:4a:56:e1:81:89:6f: ba:45:a1:9b:b9:c9:8f:10:f3:91:d1:42:45:2b:d9:66:10:74: 81:50:e1:b2:40:97:3c:96:50:31:1b:42:bd:5a:cc:83:c2:01: 7d:9f:fc:69:ef:e0:9b:5e:e9:38:fe:8b:fc:46:3f:e2:c3:ad: eb:6d:8d:8f:ac:5a:ab:14:58:2d:cc:56:71:d5:32:32:66:bb: 00:f0:95:37:20:91:58:e1:f4:ee:1d:00:e4:67:6d:65:de:37: 8d:b8:87:95:db:55:39:e3:bd:c1:63:ed:5e:09:ce:84:dd:a7: 5d:81:a7:b0:6c:95:1d:b0:4c:0a:49:27:c6:58:f9:3c:f3:4a: a2:48:e6:3b -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUYXIgDnL85EA2uBmnYmz8mydtw8kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxOFoX DTI1MDEwNzA0MDAxOFowMzExMC8GA1UEAxMoNkM3OUE2Q0U0MjlCN0EyMkQ4QjVD NENENzk0ODUzMEIwRkFGQUE1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALiR/Mt31eI2UpSmQGt4Pxzo2u4Au7JPmwOTD8lV5HZJFketZp3d7f080kNg p6V4Iy2Nl/NNXCiIFZI5Zohk3Lm6RjfusnwX9PFkxMMaq/em1epg9MjAD6k+HTg8 aq3wJjxJuEF9XLNBH+4E9EFtG9bTxBFyNXvohcpReU9L7VSDIB+6QVJKptd5nkFz c7zW264NFzTGQsh7Pjwn3vSLFdIPJmKPUcKz40lTGxo00A0V2OiTHyW131gqjvGl YJDcwwYbXK+njl4a/V8A5Xia2xA7TKqR1vTuQV+R2f2CGeVKSppcg/03WwWlXpp4 YXX0FpWneuvY7J8nl6knT6Ip9kUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRseabO Qpt6Iti1xM15SFMLD6+qWzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODg2NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeL9DANBgkqhkiG9w0BAQsFAAOCAQEAQ8DWZC+6y2Agj37Cw5V4 gkvzwcJTw4chDltwKCtgF0h9l3Ig+TQZzonZr0bsoclj/zNRV72FSnua1GUEwPat awTpTwEoFQBAbyZnrMj1dXfenjh5wfKR0TzIWiiSRtUuSOjL+ftifNCcTy3aL7MI xGNaE5Ny+MR8SlbhgYlvukWhm7nJjxDzkdFCRSvZZhB0gVDhskCXPJZQMRtCvVrM g8IBfZ/8ae/gm17pOP6L/EY/4sOt622Nj6xaqxRYLcxWcdUyMma7APCVNyCRWOH0 7h0A5GdtZd43jbiHldtVOeO9wWPtXgnOhN2nXYGnsGyVHbBMCkknxlj5PPNKokjm Ow== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:47 2024 by rpki-client on console-ams.rpki-client.org