$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138890.roa File: AS138890.roa (raw, json) Hash identifier: +csWnSk8uZYAw+YxJirMYVL6EeKjpax6AbYRaDOQIfU= Subject key identifier: CD:70:9F:FE:B6:E9:6E:E5:71:B1:CB:62:1E:01:E9:0F:5A:9F:B1:D2 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 295CB572C9F622B9E2278FCB58F6437A5E12850A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138890.roa Signing time: Tue 10 Dec 2024 05:00:11 +0000 ROA not before: Tue 10 Dec 2024 04:55:11 +0000 ROA not after: Tue 09 Dec 2025 05:00:11 +0000 asID: 138890 IP address blocks: 103.141.148.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:5c:b5:72:c9:f6:22:b9:e2:27:8f:cb:58:f6:43:7a:5e:12:85:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 10 04:55:11 2024 GMT Not After : Dec 9 05:00:11 2025 GMT Subject: CN=CD709FFEB6E96EE571B1CB621E01E90F5A9FB1D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:8c:b6:08:ec:aa:78:c5:e2:0b:08:b8:a8:98: 87:e5:31:fc:89:20:c0:a6:6e:f5:52:f4:83:b9:c9: e2:b9:93:d2:20:99:58:b3:27:ab:e6:62:ff:24:ff: 93:0f:51:09:6d:08:47:78:27:0e:a8:8f:4b:07:b8: 58:45:ca:1e:4e:00:0e:15:30:3f:50:dc:22:d7:fe: c0:03:7e:2d:f6:9f:d1:2f:98:f3:14:ea:f0:3c:a9: 93:83:4b:64:7d:8c:6f:31:2f:dd:9e:2d:ca:31:53: 2e:db:22:6d:1e:fe:64:c8:cf:f8:79:aa:7c:54:d2: f5:c3:c7:f4:b6:66:e4:05:9d:e7:e7:fc:1f:b7:e2: 69:76:f3:7c:28:97:b2:73:42:15:ea:e9:15:76:af: f7:4a:0d:25:dc:23:ed:18:e0:34:16:e5:62:97:2e: 00:a6:b7:0b:43:1f:2a:4a:41:89:a7:58:e6:94:3a: 06:89:34:97:5b:19:3b:70:f7:f8:41:af:4c:e9:19: 56:4d:cb:34:52:80:bf:35:01:db:de:87:ee:e5:50: f4:75:98:56:87:6f:bb:75:c7:c5:6d:4c:d3:81:0b: 32:d7:01:f2:9c:a9:d7:c9:59:17:64:58:e3:a4:9f: b2:f3:b3:ef:81:06:da:bf:32:01:4b:2a:fd:31:f7: a9:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:70:9F:FE:B6:E9:6E:E5:71:B1:CB:62:1E:01:E9:0F:5A:9F:B1:D2 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138890.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.141.148.0/23 Signature Algorithm: sha256WithRSAEncryption 2f:69:e0:a2:38:c6:39:39:d5:63:46:af:db:23:3a:67:f3:eb: f8:58:fc:64:e2:ae:d8:13:0c:55:f7:c7:e6:d0:aa:fa:be:2f: df:80:bb:e4:73:4f:09:5f:9d:e4:d9:5c:4d:b7:22:dc:57:1b: 1e:e5:17:69:14:63:80:8d:43:87:98:83:3f:0d:33:65:5a:eb: 74:2c:df:ac:3e:ba:e9:ea:dd:3d:dc:27:c1:21:ac:f5:52:d9: 8a:2b:45:4c:22:7c:48:cc:c1:fb:a7:dd:b2:b7:46:18:2d:c5: 59:54:5d:dc:1b:51:5c:c0:bd:fd:18:b4:42:a9:10:dd:3d:9a: d7:a1:92:f3:46:e3:d0:9a:de:e6:05:17:52:bd:7b:bb:8f:ca: d9:ce:7e:22:ea:5b:3c:43:37:5f:33:3c:23:bf:14:53:2c:74: 20:87:f1:7b:a6:e1:80:d3:29:4b:c3:72:33:32:a0:f7:93:5c: 22:13:18:f3:07:55:96:1b:bf:c2:22:07:38:4e:3d:57:16:e2: 83:15:cc:af:94:a1:ce:44:2e:9c:1c:08:cb:ef:d6:b4:60:bd: 20:e0:22:4a:96:47:44:84:44:a6:9c:b0:f8:87:38:7a:50:5a: 31:3c:22:09:ee:75:3f:91:0c:8c:9e:dc:f4:46:9d:db:2e:61: 87:02:2d:68 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUKVy1csn2IrniJ4/LWPZDel4ShQowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUxMVoX DTI1MTIwOTA1MDAxMVowMzExMC8GA1UEAxMoQ0Q3MDlGRkVCNkU5NkVFNTcxQjFD QjYyMUUwMUU5MEY1QTlGQjFEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALiMtgjsqnjF4gsIuKiYh+Ux/IkgwKZu9VL0g7nJ4rmT0iCZWLMnq+Zi/yT/ kw9RCW0IR3gnDqiPSwe4WEXKHk4ADhUwP1DcItf+wAN+Lfaf0S+Y8xTq8Dypk4NL ZH2MbzEv3Z4tyjFTLtsibR7+ZMjP+HmqfFTS9cPH9LZm5AWd5+f8H7fiaXbzfCiX snNCFerpFXav90oNJdwj7RjgNBblYpcuAKa3C0MfKkpBiadY5pQ6Bok0l1sZO3D3 +EGvTOkZVk3LNFKAvzUB296H7uVQ9HWYVodvu3XHxW1M04ELMtcB8pyp18lZF2RY 46SfsvOz74EG2r8yAUsq/TH3qQcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTNcJ/+ tulu5XGxy2IeAekPWp+x0jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODg5MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeNlDANBgkqhkiG9w0BAQsFAAOCAQEAL2ngojjGOTnVY0av2yM6 Z/Pr+Fj8ZOKu2BMMVffH5tCq+r4v34C75HNPCV+d5NlcTbci3FcbHuUXaRRjgI1D h5iDPw0zZVrrdCzfrD666erdPdwnwSGs9VLZiitFTCJ8SMzB+6fdsrdGGC3FWVRd 3BtRXMC9/Ri0QqkQ3T2a16GS80bj0Jre5gUXUr17u4/K2c5+IupbPEM3XzM8I78U Uyx0IIfxe6bhgNMpS8NyMzKg95NcIhMY8wdVlhu/wiIHOE49VxbigxXMr5ShzkQu nBwIy+/WtGC9IOAiSpZHRIREppyw+Ic4elBaMTwiCe51P5EMjJ7c9Ead2y5hhwIt aA== -----END CERTIFICATE-----Generated at Sat Apr 5 06:20:37 2025 by rpki-client