$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138866.roa File: AS138866.roa (raw, json) Hash identifier: n2IDz3GBXBxnYhCv2JZokckoul14xzlYg4jZsrrb8gs= Subject key identifier: C8:2B:27:82:01:97:B6:CB:DA:EE:44:A2:4D:A7:25:51:5E:1E:53:6C Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5069FBCCF44DED402AADF6966A69B397769DE825 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138866.roa Signing time: Tue 09 Jan 2024 04:00:13 +0000 ROA not before: Tue 09 Jan 2024 03:55:13 +0000 ROA not after: Tue 07 Jan 2025 04:00:13 +0000 asID: 138866 IP address blocks: 103.140.130.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 03:25:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:69:fb:cc:f4:4d:ed:40:2a:ad:f6:96:6a:69:b3:97:76:9d:e8:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:13 2024 GMT Not After : Jan 7 04:00:13 2025 GMT Subject: CN=C82B27820197B6CBDAEE44A24DA725515E1E536C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:28:86:7b:15:6c:04:5b:ca:c1:87:bd:31:c8: 82:63:0a:db:a3:82:28:02:49:9f:1c:59:d3:f0:37: e7:c6:bf:ae:f1:ad:80:d4:c2:81:a9:81:e7:f3:bb: 73:0c:7d:b6:fd:bc:5d:34:55:92:97:26:f7:bf:3b: 8e:29:81:23:d4:ba:02:6f:e1:94:29:ae:05:64:e1: 52:cd:7f:ea:33:c6:a4:76:5e:7f:8a:f7:0b:7c:ee: c0:94:d6:bd:1b:cd:80:3d:6e:7e:55:5c:3c:1a:da: 45:c6:77:6e:90:59:f7:70:13:19:c2:6c:0d:e2:c9: fc:cc:13:bb:8c:03:9d:30:80:e0:39:8a:9e:40:21: 0b:63:9d:cc:a0:6d:dc:ae:38:42:47:d6:3b:dd:ac: 52:4f:24:d5:e9:76:6a:b2:25:f7:27:7e:1a:b7:33: f6:1e:37:23:d8:8e:ce:42:7a:a8:d6:6a:17:c8:85: 5e:77:95:bf:18:31:07:20:ca:35:c2:cb:5d:ac:2e: a7:d5:97:5b:ff:e8:dd:d2:ba:d8:c5:4b:ac:39:ec: 5a:62:16:e2:39:a7:7b:41:15:9d:6f:26:3c:0a:5f: 04:87:7a:62:6d:07:50:c6:f6:bb:cc:45:e1:1e:13: f8:02:ad:68:de:a1:cf:bc:62:95:ce:d2:01:e8:29: 05:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:2B:27:82:01:97:B6:CB:DA:EE:44:A2:4D:A7:25:51:5E:1E:53:6C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138866.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.140.130.0/23 Signature Algorithm: sha256WithRSAEncryption 4c:a7:f6:1a:2c:c1:93:b1:83:51:e2:6f:e9:21:0e:95:98:c4: 86:68:41:b9:67:1b:b3:c0:39:01:78:6b:b5:2f:75:67:23:46: 99:9a:9f:fe:9a:d0:af:8a:0e:f3:18:9e:86:b3:6c:0c:26:8b: c9:0a:b6:56:29:d6:a4:13:44:28:c9:9c:2d:cb:cc:ca:bd:2a: 2d:30:07:a6:a6:6f:ff:88:37:6d:cb:46:c6:c1:ff:a2:b5:13: 28:a7:d2:83:03:28:37:cb:df:f8:c2:18:21:8d:f6:68:9f:e2: 8d:fb:4c:7d:b8:a8:d9:57:59:67:d9:ab:d7:d8:c7:3a:99:16: b3:38:09:c5:50:02:df:b6:65:7c:12:32:90:c0:d2:16:3a:9d: 75:60:60:6a:30:b1:79:bf:27:09:e4:5e:a1:4a:6d:2a:52:94: 9e:32:a2:5f:8f:f5:22:6f:3c:19:e3:2d:5d:4e:6d:28:3c:a5: 46:3f:7f:ca:7c:52:53:29:ab:48:52:8f:d2:38:f5:4c:23:30: c5:d3:08:ab:fa:56:e6:c5:e6:0e:ff:84:51:0d:70:58:f3:6c: 1f:d2:18:39:53:6e:dd:56:21:e4:8f:37:01:c9:4f:b3:d9:ab: 5a:9d:e0:d4:40:eb:58:1f:c6:0f:b3:ab:e2:8d:a2:01:84:1c: 29:b0:54:f1 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUUGn7zPRN7UAqrfaWammzl3ad6CUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxM1oX DTI1MDEwNzA0MDAxM1owMzExMC8GA1UEAxMoQzgyQjI3ODIwMTk3QjZDQkRBRUU0 NEEyNERBNzI1NTE1RTFFNTM2QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMUohnsVbARbysGHvTHIgmMK26OCKAJJnxxZ0/A358a/rvGtgNTCgamB5/O7 cwx9tv28XTRVkpcm9787jimBI9S6Am/hlCmuBWThUs1/6jPGpHZef4r3C3zuwJTW vRvNgD1uflVcPBraRcZ3bpBZ93ATGcJsDeLJ/MwTu4wDnTCA4DmKnkAhC2OdzKBt 3K44QkfWO92sUk8k1el2arIl9yd+Grcz9h43I9iOzkJ6qNZqF8iFXneVvxgxByDK NcLLXawup9WXW//o3dK62MVLrDnsWmIW4jmne0EVnW8mPApfBId6Ym0HUMb2u8xF 4R4T+AKtaN6hz7xilc7SAegpBdUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTIKyeC AZe2y9ruRKJNpyVRXh5TbDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODg2Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeMgjANBgkqhkiG9w0BAQsFAAOCAQEATKf2GizBk7GDUeJv6SEO lZjEhmhBuWcbs8A5AXhrtS91ZyNGmZqf/prQr4oO8xiehrNsDCaLyQq2VinWpBNE KMmcLcvMyr0qLTAHpqZv/4g3bctGxsH/orUTKKfSgwMoN8vf+MIYIY32aJ/ijftM fbio2VdZZ9mr19jHOpkWszgJxVAC37ZlfBIykMDSFjqddWBgajCxeb8nCeReoUpt KlKUnjKiX4/1Im88GeMtXU5tKDylRj9/ynxSUymrSFKP0jj1TCMwxdMIq/pW5sXm Dv+EUQ1wWPNsH9IYOVNu3VYh5I83AclPs9mrWp3g1EDrWB/GD7Or4o2iAYQcKbBU 8Q== -----END CERTIFICATE-----Generated at Fri May 3 03:08:30 2024 by rpki-client on console-ams.rpki-client.org