$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138871.roa File: AS138871.roa (raw, json) Hash identifier: XlAZrv17rkCY8mmIzPxML4hDZ1uuzyHsYwHMvdYtX5w= Subject key identifier: 0B:6A:69:C9:17:A5:6E:06:0F:60:11:3F:92:48:8A:B8:E6:44:66:E0 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 60C02E8F8D82555A6B8E8593E9132908317FF3FF Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138871.roa Signing time: Tue 09 Jan 2024 04:00:08 +0000 ROA not before: Tue 09 Jan 2024 03:55:08 +0000 ROA not after: Tue 07 Jan 2025 04:00:08 +0000 asID: 138871 IP address blocks: 103.135.224.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:c0:2e:8f:8d:82:55:5a:6b:8e:85:93:e9:13:29:08:31:7f:f3:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:08 2024 GMT Not After : Jan 7 04:00:08 2025 GMT Subject: CN=0B6A69C917A56E060F60113F92488AB8E64466E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:90:b2:5c:e6:11:12:81:05:f1:cb:d4:cd:df: 17:74:a0:ff:15:06:c5:d2:2c:75:0b:c9:10:e9:82: 2f:41:ad:e9:89:8b:02:a6:b2:67:c4:a6:dd:e8:f4: c1:1f:13:4b:05:0e:bc:ed:3c:1a:89:30:63:2b:5e: 6c:c1:ae:b3:25:9e:98:53:29:d4:8e:83:47:1f:79: 83:b0:99:b0:7f:33:fa:27:65:44:ee:8b:c2:9d:a7: 9a:f8:89:9a:af:43:d4:87:0e:b5:76:18:c7:57:bd: 26:5b:47:01:e2:b1:bc:ad:98:3a:4e:89:b2:45:a3: cd:b0:1f:32:4d:00:f2:f2:69:ba:78:1f:fa:ca:74: 37:d2:ce:0d:fb:29:eb:80:6b:7c:3d:09:52:f4:67: 85:3d:74:f2:31:10:96:63:3f:ba:d4:a1:41:4e:65: e5:36:9d:ca:7c:e4:0c:cf:5c:fd:0b:f3:42:37:62: 6e:01:79:61:b6:78:3c:cc:1e:6b:c4:ad:d4:d7:ef: 32:88:d2:d8:78:cc:e7:b4:b5:83:95:f1:9c:70:9e: 0e:7f:46:0c:00:20:0d:4b:b9:fe:86:96:cc:2e:8a: 8c:3d:f4:f6:8c:e0:3c:2b:a9:dd:60:c3:e7:a7:a4: ab:7e:eb:2e:86:fc:06:70:83:04:f7:87:da:18:38: 6b:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:6A:69:C9:17:A5:6E:06:0F:60:11:3F:92:48:8A:B8:E6:44:66:E0 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138871.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.135.224.0/22 Signature Algorithm: sha256WithRSAEncryption 7f:c9:8c:dc:58:de:d5:e0:b3:5d:7e:03:17:b7:dd:1b:a0:17: b5:06:be:18:bf:c7:91:08:73:40:c0:46:38:f0:c0:77:2a:c8: 93:02:a1:80:81:55:2c:6c:dc:ae:65:7b:b5:c9:26:82:a8:f5: dd:36:50:15:e8:a7:a1:be:ed:9d:1e:a5:91:f1:ed:9d:3f:79: 65:9f:54:99:1d:7f:51:f5:8d:4a:47:46:97:37:00:36:3d:7d: 6d:7a:e7:c8:e5:46:68:0e:93:dc:35:f9:26:31:bf:15:f9:2e: 64:c0:20:2d:0b:0c:90:b2:97:13:5e:85:a6:d7:7c:95:f7:14: 50:bf:4b:58:51:e0:ca:89:67:3d:e9:88:ff:06:d4:32:28:e0: 0c:64:b8:d3:11:c4:27:db:b8:60:63:2e:91:e4:55:f3:8e:43: d0:94:36:41:49:dd:1b:90:d1:54:d1:44:ff:7d:f2:f8:47:75: 25:6c:e6:f7:41:bb:7a:57:1b:df:f0:5e:d9:eb:fc:eb:f8:0b: 0e:d1:89:fa:b9:fa:2a:17:80:f1:8e:c3:38:79:03:e9:dc:ed: 2b:dc:68:f7:ee:a9:3e:5f:34:10:59:49:8b:aa:7e:f4:70:97: e5:cf:e0:70:8a:9a:bf:10:6e:87:ba:0d:3c:73:6a:a9:8d:ee: 9d:45:ce:be -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUYMAuj42CVVprjoWT6RMpCDF/8/8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUwOFoX DTI1MDEwNzA0MDAwOFowMzExMC8GA1UEAxMoMEI2QTY5QzkxN0E1NkUwNjBGNjAx MTNGOTI0ODhBQjhFNjQ0NjZFMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMWQslzmERKBBfHL1M3fF3Sg/xUGxdIsdQvJEOmCL0Gt6YmLAqayZ8Sm3ej0 wR8TSwUOvO08GokwYytebMGusyWemFMp1I6DRx95g7CZsH8z+idlRO6Lwp2nmviJ mq9D1IcOtXYYx1e9JltHAeKxvK2YOk6JskWjzbAfMk0A8vJpungf+sp0N9LODfsp 64BrfD0JUvRnhT108jEQlmM/utShQU5l5TadynzkDM9c/QvzQjdibgF5YbZ4PMwe a8St1NfvMojS2HjM57S1g5XxnHCeDn9GDAAgDUu5/oaWzC6KjD309ozgPCup3WDD 56ekq37rLob8BnCDBPeH2hg4a00CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQLamnJ F6VuBg9gET+SSIq45kRm4DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODg3MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAmeH4DANBgkqhkiG9w0BAQsFAAOCAQEAf8mM3Fje1eCzXX4DF7fd G6AXtQa+GL/HkQhzQMBGOPDAdyrIkwKhgIFVLGzcrmV7tckmgqj13TZQFeinob7t nR6lkfHtnT95ZZ9UmR1/UfWNSkdGlzcANj19bXrnyOVGaA6T3DX5JjG/FfkuZMAg LQsMkLKXE16Fptd8lfcUUL9LWFHgyolnPemI/wbUMijgDGS40xHEJ9u4YGMukeRV 845D0JQ2QUndG5DRVNFE/33y+Ed1JWzm90G7elcb3/Be2ev86/gLDtGJ+rn6KheA 8Y7DOHkD6dztK9xo9+6pPl80EFlJi6p+9HCX5c/gcIqavxBuh7oNPHNqqY3unUXO vg== -----END CERTIFICATE-----Generated at Wed May 8 22:46:42 2024 by rpki-client on console-ams.rpki-client.org