$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139388.roa File: AS139388.roa (raw, json) Hash identifier: JGGP6LTxIeKPOGrOIWJZmrDUU0mplWXgKvjYRSi1it0= Subject key identifier: 35:E1:1E:5F:08:7B:54:15:84:97:3A:E6:C1:D7:04:7C:E9:95:B6:C7 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 416DB12AD565780BFD1127D9082E1BB2EE42265B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139388.roa Signing time: Mon 18 Nov 2024 03:00:00 +0000 ROA not before: Mon 18 Nov 2024 02:55:00 +0000 ROA not after: Mon 17 Nov 2025 03:00:00 +0000 asID: 139388 IP address blocks: 160.20.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:6d:b1:2a:d5:65:78:0b:fd:11:27:d9:08:2e:1b:b2:ee:42:26:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 18 02:55:00 2024 GMT Not After : Nov 17 03:00:00 2025 GMT Subject: CN=35E11E5F087B541584973AE6C1D7047CE995B6C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:0b:60:e8:7f:4d:67:72:dc:f3:5e:67:42:49: 0f:36:09:75:92:d5:26:91:70:92:2c:7f:37:b5:93: 85:74:6c:8b:c3:11:fc:fe:a5:1e:c8:45:bf:10:7a: 2f:ee:68:7e:90:21:a3:b6:fc:1b:d0:76:5e:61:47: a4:5d:29:0c:39:36:f7:a6:fd:0b:a3:db:5e:e8:e7: e2:3f:dc:f8:ed:76:f5:a4:b3:44:25:e0:a1:ae:8d: d3:83:75:48:81:16:46:3b:fb:28:ee:de:75:9c:8a: 9a:7c:03:c5:ed:2b:03:44:0e:2c:8d:2f:79:5a:b1: 36:1d:22:1f:69:64:94:28:1b:f4:5a:2b:40:5f:5d: a8:f5:d3:df:16:40:e9:36:12:39:30:84:23:03:a0: 22:f6:7e:bc:fe:ce:8c:d6:2a:4d:1e:29:d7:bb:25: 92:ca:55:f1:7a:ca:37:50:3e:3e:dd:49:9a:57:e9: 53:77:c5:fb:e0:e6:43:24:e4:25:ad:65:0a:77:c0: a9:3a:23:b0:07:7e:2f:75:ec:19:c6:85:4b:58:9e: a7:1e:43:ba:f3:80:7d:d9:7a:e1:7c:a7:c4:a1:ee: 7c:58:0a:1d:d4:5e:77:98:22:dd:2b:3f:5c:12:e1: 94:cc:eb:4d:31:c1:13:d7:fd:9d:17:b0:50:d7:be: 55:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:E1:1E:5F:08:7B:54:15:84:97:3A:E6:C1:D7:04:7C:E9:95:B6:C7 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139388.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.223.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:5c:97:d0:9d:ab:21:0c:d9:3e:5b:fc:71:68:a6:3b:06:a9: 6e:a9:95:4f:33:fe:de:42:89:f7:2e:b7:e8:dc:d8:2d:84:15: 53:f9:cb:5f:f8:14:88:2a:86:d2:99:8b:50:cb:13:f6:7f:cf: 5b:d1:00:a4:47:84:84:94:c5:3a:81:db:53:c5:98:a6:ed:33: 92:07:49:b0:fa:83:a3:04:1f:37:8e:bc:df:63:7e:d0:f3:75: 91:34:82:ea:0e:1c:99:67:19:2e:11:e3:11:06:cb:f5:29:e8: 4e:c8:7f:89:58:f0:a6:67:6e:c8:a1:28:3f:89:10:26:22:e8: d4:44:67:a4:61:7b:8d:ea:bd:97:62:15:97:0d:0a:ee:0a:d6: 9c:bb:50:cc:b9:8f:90:4f:1c:65:4f:2b:00:14:bb:99:cb:72: 3a:71:c3:39:d4:26:d0:aa:77:61:ef:ca:9d:61:9a:9d:cf:06: 05:16:c5:a8:12:78:5b:ed:ca:ee:21:61:6c:5e:df:2d:99:7a: 32:ab:ad:75:3c:0e:5b:b2:f2:fc:4c:f1:22:43:d5:fd:be:5f: 27:47:b1:02:0b:02:e6:fc:88:77:d0:bd:59:3d:dd:5f:64:96: 9d:fc:67:b9:d7:a6:e6:ff:1e:19:82:90:5c:3c:95:06:11:89: 8a:d7:fe:b5 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUQW2xKtVleAv9ESfZCC4bsu5CJlswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTExODAyNTUwMFoX DTI1MTExNzAzMDAwMFowMzExMC8GA1UEAxMoMzVFMTFFNUYwODdCNTQxNTg0OTcz QUU2QzFENzA0N0NFOTk1QjZDNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM4LYOh/TWdy3PNeZ0JJDzYJdZLVJpFwkix/N7WThXRsi8MR/P6lHshFvxB6 L+5ofpAho7b8G9B2XmFHpF0pDDk296b9C6PbXujn4j/c+O129aSzRCXgoa6N04N1 SIEWRjv7KO7edZyKmnwDxe0rA0QOLI0veVqxNh0iH2lklCgb9ForQF9dqPXT3xZA 6TYSOTCEIwOgIvZ+vP7OjNYqTR4p17slkspV8XrKN1A+Pt1JmlfpU3fF++DmQyTk Ja1lCnfAqTojsAd+L3XsGcaFS1iepx5DuvOAfdl64XynxKHufFgKHdRed5gi3Ss/ XBLhlMzrTTHBE9f9nRewUNe+VeECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ14R5f CHtUFYSXOubB1wR86ZW2xzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzOTM4OC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKAU3zANBgkqhkiG9w0BAQsFAAOCAQEAS1yX0J2rIQzZPlv8cWim OwapbqmVTzP+3kKJ9y636NzYLYQVU/nLX/gUiCqG0pmLUMsT9n/PW9EApEeEhJTF OoHbU8WYpu0zkgdJsPqDowQfN46832N+0PN1kTSC6g4cmWcZLhHjEQbL9SnoTsh/ iVjwpmduyKEoP4kQJiLo1ERnpGF7jeq9l2IVlw0K7grWnLtQzLmPkE8cZU8rABS7 mctyOnHDOdQm0Kp3Ye/KnWGanc8GBRbFqBJ4W+3K7iFhbF7fLZl6MqutdTwOW7Ly /EzxIkPV/b5fJ0exAgsC5vyId9C9WT3dX2SWnfxnudem5v8eGYKQXDyVBhGJitf+ tQ== -----END CERTIFICATE-----Generated at Mon Nov 25 13:14:27 2024 by rpki-client on console-ams.rpki-client.org