$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138894.roa File: AS138894.roa (raw, json) Hash identifier: Pk9oGhYlJSEgURagJNzKD+FOUAFIFJIe56NxBQhCbb8= Subject key identifier: 57:22:DC:00:F4:E3:95:30:6C:52:14:41:50:B3:DA:81:C1:C3:BD:D1 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 33D5E55CF01A4C0FA418852F495A297683CF2565 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138894.roa Signing time: Tue 10 Dec 2024 05:00:01 +0000 ROA not before: Tue 10 Dec 2024 04:55:01 +0000 ROA not after: Tue 09 Dec 2025 05:00:01 +0000 asID: 138894 IP address blocks: 103.141.40.0/23 maxlen: 24 2001:df0:ec80::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:d5:e5:5c:f0:1a:4c:0f:a4:18:85:2f:49:5a:29:76:83:cf:25:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 10 04:55:01 2024 GMT Not After : Dec 9 05:00:01 2025 GMT Subject: CN=5722DC00F4E395306C52144150B3DA81C1C3BDD1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e2:e2:c1:bb:b0:57:19:7e:20:46:e5:5c:32: ed:74:a6:ab:f9:d7:d7:83:ca:05:23:34:04:d0:d5: 69:db:fe:bd:82:45:76:0a:7c:78:a1:76:2f:b5:8a: 16:e4:57:0e:6d:a4:fc:99:b9:b1:af:85:76:e9:a5: 92:21:51:99:14:40:47:91:c0:8f:98:14:0e:7c:d3: 59:f6:13:97:09:20:48:e2:08:46:c3:d6:22:74:8f: 03:41:91:67:e8:fa:56:cc:40:4d:eb:66:64:a7:b2: ea:c8:d1:6c:ce:a1:d1:7b:a9:0b:84:39:ad:3b:71: af:fe:75:52:5c:64:70:5e:b6:0f:4c:51:7d:9c:3f: e9:3c:bc:8f:e2:f0:91:71:5d:6f:2b:59:6c:ff:d3: d6:36:71:19:1a:44:64:51:d2:cc:9c:ff:d3:52:06: 9c:4c:a3:e4:a0:ba:3c:3e:4b:ee:d2:87:33:65:03: e2:9e:8f:7c:b4:a8:90:e7:59:e7:a9:c4:aa:bd:ff: af:89:ed:10:aa:dc:ba:40:51:c7:7a:ee:0e:99:a3: f5:fc:a0:1b:72:a0:af:e8:e1:50:6c:87:3a:68:54: b6:f0:ed:92:59:0e:ae:50:8e:56:6e:2a:da:23:1c: 3a:e4:f0:d4:55:a3:63:a0:67:c3:bf:0e:bc:52:c8: 9f:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:22:DC:00:F4:E3:95:30:6C:52:14:41:50:B3:DA:81:C1:C3:BD:D1 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138894.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.141.40.0/23 IPv6: 2001:df0:ec80::/48 Signature Algorithm: sha256WithRSAEncryption 12:31:74:39:a3:80:7c:a2:73:88:66:bc:5b:5f:4e:4e:21:e9: a1:9b:a3:59:d0:96:25:0e:d3:27:1e:8f:44:e0:04:7d:d8:0f: d5:07:ba:b8:2f:41:12:30:d1:9b:bf:ed:db:0d:b8:5f:df:42: bd:ac:1e:39:0d:ab:0c:45:1b:b6:12:0b:0c:cb:99:d0:6d:56: de:42:f7:b5:92:57:0b:5b:09:0e:cb:a5:ad:98:5e:6f:f3:1a: 4d:62:91:b4:dd:3b:5f:0d:2e:f0:db:ec:5e:1d:13:62:25:33: 43:bb:12:af:a6:5b:08:69:93:a8:e2:da:fe:e1:6a:b9:5a:72: 9a:5d:38:c0:c3:03:a5:fb:03:49:a8:4c:d8:65:86:19:b8:04: d8:37:8e:15:7b:ea:96:df:0e:ed:ee:d7:48:7b:3e:70:e3:43: 04:21:80:0b:4d:24:ab:ed:7e:21:19:bd:5e:e3:b3:88:2b:bd: 00:8c:ae:cb:30:00:ba:97:0b:67:9f:9c:ca:c9:e8:61:f7:59: 62:4e:9d:7d:22:93:37:6d:2a:95:d1:8c:31:7a:04:11:d0:ef: a2:0f:fa:78:34:3c:e9:91:95:61:36:a9:7d:10:62:ee:e6:62: 55:58:df:d5:33:3f:83:97:d9:6b:0b:db:0d:b9:83:0a:f0:ef: 1e:64:5d:9a -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUM9XlXPAaTA+kGIUvSVopdoPPJWUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUwMVoX DTI1MTIwOTA1MDAwMVowMzExMC8GA1UEAxMoNTcyMkRDMDBGNEUzOTUzMDZDNTIx NDQxNTBCM0RBODFDMUMzQkREMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALTi4sG7sFcZfiBG5Vwy7XSmq/nX14PKBSM0BNDVadv+vYJFdgp8eKF2L7WK FuRXDm2k/Jm5sa+FdumlkiFRmRRAR5HAj5gUDnzTWfYTlwkgSOIIRsPWInSPA0GR Z+j6VsxATetmZKey6sjRbM6h0XupC4Q5rTtxr/51UlxkcF62D0xRfZw/6Ty8j+Lw kXFdbytZbP/T1jZxGRpEZFHSzJz/01IGnEyj5KC6PD5L7tKHM2UD4p6PfLSokOdZ 56nEqr3/r4ntEKrcukBRx3ruDpmj9fygG3Kgr+jhUGyHOmhUtvDtklkOrlCOVm4q 2iMcOuTw1FWjY6Bnw78OvFLIn58CAwEAAaOCAeEwggHdMB0GA1UdDgQWBBRXItwA 9OOVMGxSFEFQs9qBwcO90TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODg5NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAWeNKDAPBAIAAjAJAwcAIAEN8OyAMA0GCSqGSIb3DQEBCwUAA4IB AQASMXQ5o4B8onOIZrxbX05OIemhm6NZ0JYlDtMnHo9E4AR92A/VB7q4L0ESMNGb v+3bDbhf30K9rB45DasMRRu2EgsMy5nQbVbeQve1klcLWwkOy6WtmF5v8xpNYpG0 3TtfDS7w2+xeHRNiJTNDuxKvplsIaZOo4tr+4Wq5WnKaXTjAwwOl+wNJqEzYZYYZ uATYN44Ve+qW3w7t7tdIez5w40MEIYALTSSr7X4hGb1e47OIK70AjK7LMAC6lwtn n5zKyehh91liTp19IpM3bSqV0YwxegQR0O+iD/p4NDzpkZVhNql9EGLu5mJVWN/V Mz+Dl9lrC9sNuYMK8O8eZF2a -----END CERTIFICATE-----Generated at Sat Apr 5 06:20:33 2025 by rpki-client