$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139370.roa File: AS139370.roa (raw, json) Hash identifier: vqgRE/ZSwQ7geiAWiACyBc5tipvCnUJmZWT0PbTKSCc= Subject key identifier: 51:10:08:2A:37:8D:59:01:E7:F3:18:EB:CC:D2:0C:28:36:C2:86:52 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7D019DBA757D0269F737F7C9297BA7F694432F79 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139370.roa Signing time: Thu 02 Jan 2025 05:00:00 +0000 ROA not before: Thu 02 Jan 2025 04:55:00 +0000 ROA not after: Thu 01 Jan 2026 05:00:00 +0000 asID: 139370 IP address blocks: 103.142.94.0/23 maxlen: 24 103.157.144.0/23 maxlen: 24 2405:3040::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:01:9d:ba:75:7d:02:69:f7:37:f7:c9:29:7b:a7:f6:94:43:2f:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 2 04:55:00 2025 GMT Not After : Jan 1 05:00:00 2026 GMT Subject: CN=5110082A378D5901E7F318EBCCD20C2836C28652 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:c8:60:a6:ff:70:d7:eb:54:86:ba:8a:11:d5: d0:c3:9c:11:89:87:f3:6f:93:e6:ad:8e:6d:80:11: d3:25:0c:04:f7:8e:31:ff:2a:8b:e8:2d:b3:9c:67: 2b:72:10:cb:09:58:a3:92:e3:1a:a6:4e:00:3e:37: 65:73:b4:53:1a:95:c1:ed:68:bf:ef:07:79:f0:f0: d0:32:f9:6d:5a:28:ab:c0:15:81:aa:74:3c:37:5a: cf:04:dd:af:b1:53:20:10:1a:4a:5b:bb:5a:6b:b6: d5:06:54:ff:4a:cf:07:c5:a9:85:b6:99:f8:8b:f0: 77:50:73:b5:fe:bc:1f:c5:09:cc:e0:a8:84:bf:75: 8a:04:84:74:48:67:c5:5c:d3:39:73:60:fa:6f:e1: fb:ae:70:5b:fb:d8:fb:85:1d:5d:67:c1:93:73:71: 72:c4:3f:bc:a5:f1:d6:96:d2:29:1f:7a:a2:98:66: fc:fa:e3:fe:ec:6c:39:1e:79:65:76:c8:7e:79:81: a2:3f:6d:86:6f:38:34:7c:e4:1e:70:10:b0:9f:60: 26:96:f5:8c:33:70:8b:79:a6:72:b0:8c:4c:ad:1c: 92:ea:76:00:24:55:7a:f0:56:f3:c5:44:82:96:dc: d0:16:53:32:bc:ee:86:62:1d:e2:35:86:40:e0:be: 5f:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:10:08:2A:37:8D:59:01:E7:F3:18:EB:CC:D2:0C:28:36:C2:86:52 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139370.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.142.94.0/23 103.157.144.0/23 IPv6: 2405:3040::/32 Signature Algorithm: sha256WithRSAEncryption 20:01:f7:e1:ac:b2:5d:c3:3f:55:2c:91:cd:22:36:0a:df:bf: 8c:f1:eb:08:ab:d5:44:0c:c8:ac:47:af:d0:6a:20:c6:2c:1a: b7:57:c8:e3:ce:5f:d4:21:10:97:2c:42:d8:26:28:30:67:6d: fc:a8:ce:08:a0:49:b4:41:a5:9c:c5:a4:46:b4:f1:6f:4f:0e: 6f:62:eb:aa:10:69:7e:5a:bb:ec:5b:f8:ab:b5:d9:c9:4b:82: 6e:d6:ac:9d:6b:33:2b:bd:c0:f9:b6:ca:11:50:8c:e3:26:30: 76:81:02:25:0d:a8:99:dc:40:4e:37:82:ba:92:78:56:a3:7e: 87:a8:83:f6:13:0e:fc:a6:23:9d:ee:05:66:a7:8d:a1:a0:7c: 5c:29:6c:bf:4b:81:0a:4d:d5:1f:5e:d7:f1:74:28:2d:e8:90: c8:5d:ea:f8:93:f8:74:89:29:8c:5b:4c:83:6f:5e:9c:6a:db: 07:03:76:1d:fb:c1:df:ea:85:c9:d3:f7:0b:95:fc:9e:61:3e: c8:cd:19:de:e7:36:17:8e:60:d1:fc:09:6c:3e:ee:46:54:95: a9:70:b9:4e:2a:56:92:fe:2f:62:58:6b:14:eb:8d:f1:0f:79: f6:30:7b:21:6b:f0:1c:04:75:eb:ef:e6:62:31:c2:dd:6e:44: c4:68:96:50 -----BEGIN CERTIFICATE----- MIIE8jCCA9qgAwIBAgIUfQGdunV9Amn3N/fJKXun9pRDL3kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDEwMjA0NTUwMFoX DTI2MDEwMTA1MDAwMFowMzExMC8GA1UEAxMoNTExMDA4MkEzNzhENTkwMUU3RjMx OEVCQ0NEMjBDMjgzNkMyODY1MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANLIYKb/cNfrVIa6ihHV0MOcEYmH82+T5q2ObYAR0yUMBPeOMf8qi+gts5xn K3IQywlYo5LjGqZOAD43ZXO0UxqVwe1ov+8HefDw0DL5bVooq8AVgap0PDdazwTd r7FTIBAaSlu7Wmu21QZU/0rPB8WphbaZ+Ivwd1Bztf68H8UJzOCohL91igSEdEhn xVzTOXNg+m/h+65wW/vY+4UdXWfBk3NxcsQ/vKXx1pbSKR96ophm/Prj/uxsOR55 ZXbIfnmBoj9thm84NHzkHnAQsJ9gJpb1jDNwi3mmcrCMTK0ckup2ACRVevBW88VE gpbc0BZTMrzuhmId4jWGQOC+X90CAwEAAaOCAeUwggHhMB0GA1UdDgQWBBRREAgq N41ZAefzGOvM0gwoNsKGUjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzOTM3MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMw EgQCAAEwDAMEAWeOXgMEAWedkDANBAIAAjAHAwUAJAUwQDANBgkqhkiG9w0BAQsF AAOCAQEAIAH34ayyXcM/VSyRzSI2Ct+/jPHrCKvVRAzIrEev0Gogxiwat1fI485f 1CEQlyxC2CYoMGdt/KjOCKBJtEGlnMWkRrTxb08Ob2LrqhBpflq77Fv4q7XZyUuC btasnWszK73A+bbKEVCM4yYwdoECJQ2omdxATjeCupJ4VqN+h6iD9hMO/KYjne4F ZqeNoaB8XClsv0uBCk3VH17X8XQoLeiQyF3q+JP4dIkpjFtMg29enGrbBwN2HfvB 3+qFydP3C5X8nmE+yM0Z3uc2F45g0fwJbD7uRlSVqXC5TipWkv4vYlhrFOuN8Q95 9jB7IWvwHAR16+/mYjHC3W5ExGiWUA== -----END CERTIFICATE-----Generated at Sat Apr 5 06:22:36 2025 by rpki-client