$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139370.roa File: AS139370.roa (raw, json) Hash identifier: w9z5KkNT9a/v6qJaDHJdJIxxyRPfpMdM/j0WS2sH5as= Subject key identifier: 67:33:9D:E3:EE:F9:C5:4C:5D:06:D8:A7:69:91:75:6E:5F:74:0C:D1 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6DDD7D14687B6E927FB486EA66DE7515C9EA655B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139370.roa Signing time: Thu 01 Feb 2024 04:14:59 +0000 ROA not before: Thu 01 Feb 2024 04:09:59 +0000 ROA not after: Thu 30 Jan 2025 04:14:59 +0000 asID: 139370 IP address blocks: 103.142.94.0/23 maxlen: 24 103.157.144.0/23 maxlen: 24 2405:3040::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:dd:7d:14:68:7b:6e:92:7f:b4:86:ea:66:de:75:15:c9:ea:65:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 1 04:09:59 2024 GMT Not After : Jan 30 04:14:59 2025 GMT Subject: CN=67339DE3EEF9C54C5D06D8A76991756E5F740CD1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:6a:b1:db:0c:e6:33:28:56:80:ca:02:40:f1: 5f:e4:06:c4:e7:46:e5:a7:8c:72:d6:c6:96:d4:b0: 02:85:74:2e:81:67:23:93:3e:51:56:8a:ae:9b:59: be:b7:42:74:0f:79:3a:b1:4d:20:5d:0e:c8:f7:7c: ee:b9:a3:0c:34:24:3d:27:98:03:12:8b:78:01:ab: 6f:4b:c1:d3:13:ee:62:25:8a:bf:13:3d:03:a8:dc: 2a:2c:42:b7:6a:98:e9:8b:ab:2f:98:31:8a:b6:4e: 02:e2:4c:49:56:9d:ad:17:d4:72:b8:62:39:f7:e9: 90:f6:66:a2:7e:60:29:5e:ea:a9:60:c2:10:45:33: 42:3b:ca:65:84:fa:73:64:d9:9b:b2:87:7c:1b:84: 60:fd:7f:36:2c:7c:38:4a:07:4b:c7:c0:33:cc:a0: 66:b4:92:f0:6e:61:b9:91:31:71:d7:ed:61:3a:f7: 1d:95:f1:e4:45:80:c9:14:66:b6:d2:bb:ae:ab:18: 99:4f:e2:46:4d:03:39:7e:b5:59:09:34:1f:e1:ea: e5:91:f3:ff:a6:74:2b:ed:2e:ad:74:12:ce:ca:3f: 7b:a1:da:18:fa:ce:dd:88:66:82:39:c6:04:6c:34: 92:7e:c7:b5:8b:43:f4:cd:dd:38:56:39:c1:ec:cc: 0d:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:33:9D:E3:EE:F9:C5:4C:5D:06:D8:A7:69:91:75:6E:5F:74:0C:D1 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139370.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.142.94.0/23 103.157.144.0/23 IPv6: 2405:3040::/32 Signature Algorithm: sha256WithRSAEncryption 76:f1:f1:ea:ad:fe:8f:ee:ee:b0:5e:d3:a3:e4:c2:27:82:17: ea:6a:06:56:19:dc:a1:a8:75:44:3d:46:82:c6:17:87:af:6e: b1:53:17:e1:80:02:57:c9:c2:19:23:b0:a3:cf:17:79:ef:25: 67:df:a3:24:0e:bc:60:3a:39:ba:f3:b7:86:99:65:38:3b:60: e3:00:79:f9:64:b4:d9:f6:cf:02:fa:38:5f:0f:38:3c:e2:0b: 95:ac:af:cb:7e:53:e8:b0:b8:2f:a0:fe:68:17:23:45:87:4c: 9b:b1:0b:44:b1:d0:f5:32:95:90:c1:62:a0:3e:98:fe:c6:f2: 91:0b:5d:98:59:82:c4:72:4c:e2:ad:55:bc:4f:f8:e9:af:5c: 62:f7:e0:87:27:2c:89:81:99:fe:40:21:8d:19:f1:a2:88:bb: 4e:10:5c:81:07:a5:4b:8d:af:2a:3e:2a:ba:f0:7d:9c:17:77: 5b:e2:95:7c:3d:b5:ea:3a:ff:5d:5a:41:b3:8f:24:4c:8d:d3: 70:b6:44:98:02:da:88:22:da:84:49:2a:1e:10:b9:73:05:dc: bc:bf:44:4f:5b:fa:f9:e0:8f:34:dc:5f:42:39:11:e3:9b:c8: 69:50:f1:83:b0:84:aa:20:1a:4e:40:dd:e9:97:02:96:29:7b: ca:41:65:26 -----BEGIN CERTIFICATE----- MIIE8jCCA9qgAwIBAgIUbd19FGh7bpJ/tIbqZt51FcnqZVswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIwMTA0MDk1OVoX DTI1MDEzMDA0MTQ1OVowMzExMC8GA1UEAxMoNjczMzlERTNFRUY5QzU0QzVEMDZE OEE3Njk5MTc1NkU1Rjc0MENEMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANVqsdsM5jMoVoDKAkDxX+QGxOdG5aeMctbGltSwAoV0LoFnI5M+UVaKrptZ vrdCdA95OrFNIF0OyPd87rmjDDQkPSeYAxKLeAGrb0vB0xPuYiWKvxM9A6jcKixC t2qY6YurL5gxirZOAuJMSVadrRfUcrhiOffpkPZmon5gKV7qqWDCEEUzQjvKZYT6 c2TZm7KHfBuEYP1/Nix8OEoHS8fAM8ygZrSS8G5huZExcdftYTr3HZXx5EWAyRRm ttK7rqsYmU/iRk0DOX61WQk0H+Hq5ZHz/6Z0K+0urXQSzso/e6HaGPrO3YhmgjnG BGw0kn7HtYtD9M3dOFY5wezMDSUCAwEAAaOCAeUwggHhMB0GA1UdDgQWBBRnM53j 7vnFTF0G2KdpkXVuX3QM0TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzOTM3MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMw EgQCAAEwDAMEAWeOXgMEAWedkDANBAIAAjAHAwUAJAUwQDANBgkqhkiG9w0BAQsF AAOCAQEAdvHx6q3+j+7usF7To+TCJ4IX6moGVhncoah1RD1GgsYXh69usVMX4YAC V8nCGSOwo88Xee8lZ9+jJA68YDo5uvO3hpllODtg4wB5+WS02fbPAvo4Xw84POIL layvy35T6LC4L6D+aBcjRYdMm7ELRLHQ9TKVkMFioD6Y/sbykQtdmFmCxHJM4q1V vE/46a9cYvfghycsiYGZ/kAhjRnxooi7ThBcgQelS42vKj4quvB9nBd3W+KVfD21 6jr/XVpBs48kTI3TcLZEmALaiCLahEkqHhC5cwXcvL9ET1v6+eCPNNxfQjkR45vI aVDxg7CEqiAaTkDd6ZcClil7ykFlJg== -----END CERTIFICATE-----Generated at Wed May 8 21:02:21 2024 by rpki-client on console-fra.rpki-client.org