$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139449.roa File: AS139449.roa (raw, json) Hash identifier: 9/81Bcn4lcBh6+XL3ETr7oz+qQFsLtkGTv9LUqPtBB0= Subject key identifier: 98:7F:7C:6C:84:C5:BA:31:C7:E5:5D:83:35:17:97:BF:36:69:FF:E8 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 42450151273C3714811AF62A5027B29A7DD03AA4 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139449.roa Signing time: Tue 09 Jan 2024 04:00:15 +0000 ROA not before: Tue 09 Jan 2024 03:55:15 +0000 ROA not after: Tue 07 Jan 2025 04:00:15 +0000 asID: 139449 IP address blocks: 103.177.20.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:45:01:51:27:3c:37:14:81:1a:f6:2a:50:27:b2:9a:7d:d0:3a:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:15 2024 GMT Not After : Jan 7 04:00:15 2025 GMT Subject: CN=987F7C6C84C5BA31C7E55D83351797BF3669FFE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:36:82:03:52:fc:01:d0:e4:da:26:65:0d:fc: 5a:01:77:94:a5:68:bc:8b:b4:42:a2:f4:52:80:1f: 7c:89:0a:3e:03:9b:32:43:4f:95:b1:1e:b0:6d:ac: 81:fd:b4:d0:b1:66:f3:78:84:61:8f:a6:d0:42:a0: 73:7f:24:d5:69:e7:89:6e:b3:4c:c4:27:b9:3e:2b: 4c:b5:77:f3:f9:93:a5:7d:16:52:b5:7e:9e:87:45: 13:9e:4d:83:e3:78:f7:37:df:ed:99:75:86:69:dc: f4:8e:80:31:4a:5f:63:bb:df:d8:72:5f:69:06:f0: c2:c1:76:83:93:6b:91:de:80:5e:ce:42:21:78:d3: 58:5b:6b:19:a4:c1:8f:45:35:30:48:e0:4e:76:f6: 6c:d3:d0:58:66:3a:ad:f0:ff:6d:c5:76:26:0b:80: 54:a4:19:6a:e0:53:f6:e8:67:3b:14:c7:4d:10:28: c6:18:a6:40:b0:d6:37:87:d6:a6:b4:aa:1d:b6:19: 06:d6:13:d4:b0:21:e6:2d:12:eb:9e:dc:22:63:b7: 30:82:f5:5d:ff:a0:53:e1:e2:d0:55:e4:5b:4d:f6: 9b:a5:bd:c5:19:31:ed:a2:89:32:2b:e5:b0:6b:2b: e5:f8:21:65:2b:74:61:a3:61:9f:b9:04:fd:50:4c: 6c:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:7F:7C:6C:84:C5:BA:31:C7:E5:5D:83:35:17:97:BF:36:69:FF:E8 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139449.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.177.20.0/23 Signature Algorithm: sha256WithRSAEncryption 07:2e:fb:44:97:65:e8:9e:ab:86:f9:51:30:99:b5:94:60:c9: e0:1d:89:17:3e:b4:f9:0b:c5:8d:cf:7f:8a:b6:7d:6b:c9:10: 71:db:34:bb:fe:d7:0c:4b:5d:45:2e:f0:89:c7:14:83:2a:06: b0:bc:65:92:d9:ef:a1:31:db:bf:b2:1a:83:39:c1:f9:b8:e8: 9a:24:02:ef:05:64:0c:9c:32:19:1d:3b:e2:b3:69:57:39:cc: 80:1d:12:86:6c:d9:ff:0b:44:d0:89:b2:4a:6c:ad:7d:6e:fb: 0b:95:42:97:ea:ac:fe:64:0f:72:33:e3:be:bd:a4:58:4f:79: 10:40:fb:55:15:b9:6c:4b:68:7f:87:19:51:a9:fb:89:14:91: f6:4a:8d:3e:f8:9d:ff:26:98:72:97:40:1f:15:f8:6e:95:34: c3:3c:ce:3e:3f:6a:7f:53:67:b1:db:c7:45:e1:34:f2:84:a2: c7:5e:6f:bf:62:cd:2b:3a:28:31:d6:95:b3:9d:c9:af:95:a1: 29:a6:ee:d8:7a:21:7f:41:b6:74:d7:96:d5:66:dc:73:a0:77: ea:40:93:4c:05:c8:f5:57:01:9e:ed:2c:27:8a:aa:8c:d2:be: 38:e0:ea:66:fe:c1:0c:49:a1:96:7a:b2:b0:1d:13:1f:ba:03: 6b:a8:4f:b7 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUQkUBUSc8NxSBGvYqUCeymn3QOqQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxNVoX DTI1MDEwNzA0MDAxNVowMzExMC8GA1UEAxMoOTg3RjdDNkM4NEM1QkEzMUM3RTU1 RDgzMzUxNzk3QkYzNjY5RkZFODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALg2ggNS/AHQ5NomZQ38WgF3lKVovIu0QqL0UoAffIkKPgObMkNPlbEesG2s gf200LFm83iEYY+m0EKgc38k1WnniW6zTMQnuT4rTLV38/mTpX0WUrV+nodFE55N g+N49zff7Zl1hmnc9I6AMUpfY7vf2HJfaQbwwsF2g5Nrkd6AXs5CIXjTWFtrGaTB j0U1MEjgTnb2bNPQWGY6rfD/bcV2JguAVKQZauBT9uhnOxTHTRAoxhimQLDWN4fW prSqHbYZBtYT1LAh5i0S657cImO3MIL1Xf+gU+Hi0FXkW032m6W9xRkx7aKJMivl sGsr5fghZSt0YaNhn7kE/VBMbNkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSYf3xs hMW6McflXYM1F5e/Nmn/6DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzOTQ0OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWexFDANBgkqhkiG9w0BAQsFAAOCAQEABy77RJdl6J6rhvlRMJm1 lGDJ4B2JFz60+QvFjc9/irZ9a8kQcds0u/7XDEtdRS7wiccUgyoGsLxlktnvoTHb v7IagznB+bjomiQC7wVkDJwyGR074rNpVznMgB0ShmzZ/wtE0ImySmytfW77C5VC l+qs/mQPcjPjvr2kWE95EED7VRW5bEtof4cZUan7iRSR9kqNPvid/yaYcpdAHxX4 bpU0wzzOPj9qf1NnsdvHReE08oSix15vv2LNKzooMdaVs53Jr5WhKabu2Hohf0G2 dNeW1Wbcc6B36kCTTAXI9VcBnu0sJ4qqjNK+OODqZv7BDEmhlnqysB0TH7oDa6hP tw== -----END CERTIFICATE-----Generated at Wed May 8 17:45:22 2024 by rpki-client on console-ams.rpki-client.org