$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139397.roa File: AS139397.roa (raw, json) Hash identifier: xu6FiDSzKJAWBwGqzidDEuEu9SATI0weKn8lC0qisAk= Subject key identifier: 85:35:DD:6E:06:7B:44:93:65:AB:FA:CF:F7:9D:2A:D6:F2:C4:71:AF Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 588AD1153A56176B3823FAD009687E35A3C60B78 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139397.roa Signing time: Tue 10 Dec 2024 05:00:03 +0000 ROA not before: Tue 10 Dec 2024 04:55:03 +0000 ROA not after: Tue 09 Dec 2025 05:00:03 +0000 asID: 139397 IP address blocks: 123.253.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:8a:d1:15:3a:56:17:6b:38:23:fa:d0:09:68:7e:35:a3:c6:0b:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 10 04:55:03 2024 GMT Not After : Dec 9 05:00:03 2025 GMT Subject: CN=8535DD6E067B449365ABFACFF79D2AD6F2C471AF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1e:3d:62:ff:04:bb:86:73:e3:32:df:9d:48: 25:33:13:ed:33:ed:5b:ce:de:7e:e3:db:32:d0:b0: 6c:fd:1a:3e:e9:dc:14:06:8b:00:26:0c:16:02:9a: 96:99:0c:50:46:aa:27:9f:fe:e2:a8:c2:45:30:e1: 16:1b:38:8c:9a:24:dc:1e:8f:1b:09:02:95:ec:7f: 40:7d:bc:61:48:ad:8a:db:85:be:22:72:f1:22:ec: 6a:4e:3a:5f:5c:8d:e8:80:e0:1e:2a:89:63:06:7a: 99:47:c9:ac:7f:33:83:01:62:46:1e:21:a8:c7:68: ef:df:b8:01:2f:44:ad:78:53:1f:96:5d:b5:a4:99: a7:42:54:5f:c2:0c:7d:a8:e6:c9:39:53:a5:3b:2c: 8e:b6:ec:70:26:48:2d:eb:dd:74:9c:dc:e7:ba:6f: 7c:13:e9:8f:0b:e1:6f:42:1b:59:fa:2d:36:a5:f2: 0d:07:0b:5d:cb:4a:39:4b:a0:ec:f2:83:43:be:f5: 60:9e:87:9f:52:81:f5:fb:c8:76:92:8d:12:2f:04: 97:f4:79:d8:31:9f:46:c2:27:88:b8:0a:ba:71:d6: bf:0e:a9:e7:b4:a5:3d:99:3c:a7:40:73:9e:25:f0: cb:e8:0e:a7:87:a5:1e:3c:59:57:1e:b9:dd:9d:82: 99:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:35:DD:6E:06:7B:44:93:65:AB:FA:CF:F7:9D:2A:D6:F2:C4:71:AF X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139397.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 123.253.252.0/22 Signature Algorithm: sha256WithRSAEncryption 07:36:8a:a4:ce:e0:72:98:c9:21:f1:c7:59:8a:9c:e1:e6:3a: 19:48:c6:37:96:1f:56:c6:b3:5e:6e:67:05:b5:43:0e:ef:4f: 6b:d5:88:e5:b4:4b:3e:9a:b1:5d:e0:1b:00:91:32:a9:eb:90: 22:d7:bc:3d:1d:83:c6:d9:98:e1:10:52:05:85:42:b2:4a:fb: 90:36:aa:d3:74:07:44:18:5a:8f:b0:a5:25:8e:99:bb:db:5d: 26:d7:1a:c7:0d:b7:71:3f:44:33:d0:d6:11:aa:9d:35:dc:08: 75:dc:9f:cc:a9:5e:42:e4:92:7c:b6:07:4d:b2:ec:f6:e5:45: 98:d8:31:77:d0:a6:f3:22:44:7c:39:c0:7c:cb:cd:9c:86:30: 32:d3:19:96:c5:70:73:60:43:a3:78:4f:be:c8:d4:76:5c:70: d4:45:90:1f:01:f4:10:7a:02:de:a8:ba:f8:6c:e5:02:76:79: 10:b5:b9:a3:9c:b8:27:a1:d8:9b:bc:fb:d2:f0:d2:df:60:ba: eb:ca:5a:66:fd:7f:bb:87:3a:55:f7:ee:24:f8:a9:94:2b:fa: 0f:42:24:a0:d8:c4:d0:6e:36:d6:41:e5:b4:2e:ee:00:49:aa: fc:87:33:44:b4:71:cb:99:8d:56:33:42:41:39:d1:c1:a9:d0: b6:7b:17:b0 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUWIrRFTpWF2s4I/rQCWh+NaPGC3gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUwM1oX DTI1MTIwOTA1MDAwM1owMzExMC8GA1UEAxMoODUzNURENkUwNjdCNDQ5MzY1QUJG QUNGRjc5RDJBRDZGMkM0NzFBRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALYePWL/BLuGc+My351IJTMT7TPtW87efuPbMtCwbP0aPuncFAaLACYMFgKa lpkMUEaqJ5/+4qjCRTDhFhs4jJok3B6PGwkClex/QH28YUitituFviJy8SLsak46 X1yN6IDgHiqJYwZ6mUfJrH8zgwFiRh4hqMdo79+4AS9ErXhTH5ZdtaSZp0JUX8IM fajmyTlTpTssjrbscCZILevddJzc57pvfBPpjwvhb0IbWfotNqXyDQcLXctKOUug 7PKDQ771YJ6Hn1KB9fvIdpKNEi8El/R52DGfRsIniLgKunHWvw6p57SlPZk8p0Bz niXwy+gOp4elHjxZVx653Z2CmQECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSFNd1u BntEk2Wr+s/3nSrW8sRxrzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzOTM5Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAnv9/DANBgkqhkiG9w0BAQsFAAOCAQEABzaKpM7gcpjJIfHHWYqc 4eY6GUjGN5YfVsazXm5nBbVDDu9Pa9WI5bRLPpqxXeAbAJEyqeuQIte8PR2DxtmY 4RBSBYVCskr7kDaq03QHRBhaj7ClJY6Zu9tdJtcaxw23cT9EM9DWEaqdNdwIddyf zKleQuSSfLYHTbLs9uVFmNgxd9Cm8yJEfDnAfMvNnIYwMtMZlsVwc2BDo3hPvsjU dlxw1EWQHwH0EHoC3qi6+GzlAnZ5ELW5o5y4J6HYm7z70vDS32C668paZv1/u4c6 VffuJPiplCv6D0IkoNjE0G421kHltC7uAEmq/IczRLRxy5mNVjNCQTnRwanQtnsX sA== -----END CERTIFICATE-----Generated at Sat Apr 5 06:23:57 2025 by rpki-client