$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139946.roa File: AS139946.roa (raw, json) Hash identifier: q9Kq/+FfNkotPbmTkYLj3VQftNxNeUOtaYCsFedglC0= Subject key identifier: 0A:B2:33:0D:50:C2:43:4E:5C:49:B2:2A:2A:9B:4B:D1:C3:46:3B:8C Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 40FBD0DD1521C383EE2B431246C9F87A36F09A3E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139946.roa Signing time: Tue 10 Dec 2024 05:00:25 +0000 ROA not before: Tue 10 Dec 2024 04:55:25 +0000 ROA not after: Tue 09 Dec 2025 05:00:25 +0000 asID: 139946 IP address blocks: 103.147.46.0/23 maxlen: 24 2405:a8c0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:fb:d0:dd:15:21:c3:83:ee:2b:43:12:46:c9:f8:7a:36:f0:9a:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 10 04:55:25 2024 GMT Not After : Dec 9 05:00:25 2025 GMT Subject: CN=0AB2330D50C2434E5C49B22A2A9B4BD1C3463B8C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d4:f2:12:47:28:1f:c2:4d:60:b8:f1:cb:1d: f7:80:45:05:80:c7:71:17:d8:e5:35:e1:73:0b:81: a2:1a:15:a3:53:cd:b8:56:78:ff:65:90:f9:96:b1: ad:ca:84:58:0b:ab:c9:c2:ce:d5:87:04:2b:a7:50: 7f:c4:61:de:3e:5b:b8:21:c5:30:f7:fb:65:dc:c4: f1:d9:12:86:c1:47:b6:f7:d7:5b:93:6f:1e:82:0a: 9d:c7:3a:e5:83:2a:32:41:4f:92:18:83:9b:9f:ca: 86:fc:05:ec:36:e0:ad:0c:fe:e7:63:a5:4f:72:7e: 12:81:38:20:84:6f:f9:3b:7b:ef:6a:2f:7d:e3:1d: b1:78:29:7f:db:62:d0:c1:aa:2f:66:e3:db:dd:2a: b5:2a:6f:5c:1c:21:a0:c1:69:c1:61:35:ca:5e:1f: 32:ae:f5:e2:42:6c:21:60:63:a9:36:12:51:48:ec: 97:57:57:12:fb:65:65:10:a5:e5:77:42:05:3b:08: ad:24:c0:29:ae:1c:d6:72:65:7f:68:61:57:c2:5b: eb:1c:cf:62:a5:94:d6:18:1d:04:47:67:fd:00:99: 78:b6:51:92:8b:1c:0b:dc:47:24:65:e9:89:28:6f: 86:8a:c8:5d:54:2e:e4:20:53:76:93:f6:4d:7b:bd: 1c:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:B2:33:0D:50:C2:43:4E:5C:49:B2:2A:2A:9B:4B:D1:C3:46:3B:8C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139946.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.147.46.0/23 IPv6: 2405:a8c0::/32 Signature Algorithm: sha256WithRSAEncryption 05:9c:dd:1d:89:d8:f2:be:23:3d:33:27:e2:07:63:52:45:00: 82:5a:c3:06:50:d5:6b:63:96:49:45:eb:79:bf:70:b6:33:92: a6:cf:92:90:1e:49:eb:7b:72:f3:5b:b1:25:88:64:22:fd:15: 50:91:1d:db:69:a1:80:33:88:0a:70:05:f6:51:98:ba:4f:d0: 86:1d:37:a0:5d:89:da:45:52:49:2b:0e:76:7a:23:48:51:61: df:d8:5e:70:85:50:cd:c6:9b:0d:8a:57:b2:5e:52:d2:06:86: 40:f7:5d:21:a6:a8:e1:5a:65:44:99:34:23:48:f0:40:b6:59: 49:e3:8a:72:4d:6e:60:c5:a3:6f:64:64:c3:d4:a7:ae:6d:bf: 86:aa:72:28:0e:e4:f8:90:37:56:ad:e9:e1:65:e5:f3:da:c5: 38:9c:84:60:82:34:f7:47:0e:7e:fe:9d:a8:cf:25:c1:c9:e1: 34:7e:3b:3e:c6:48:8a:98:22:ab:39:e0:77:9a:8d:fa:93:55: 53:1c:f8:d0:d9:50:64:ca:e3:8e:2c:91:c5:e2:53:eb:6c:24: b8:70:0b:a2:7d:e0:ae:4a:8e:b8:6f:07:4b:81:13:46:94:86: c3:50:69:4e:d7:df:76:11:8c:9c:97:44:2c:14:c0:2f:7b:2f: 56:6a:72:dd -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUQPvQ3RUhw4PuK0MSRsn4ejbwmj4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUyNVoX DTI1MTIwOTA1MDAyNVowMzExMC8GA1UEAxMoMEFCMjMzMEQ1MEMyNDM0RTVDNDlC MjJBMkE5QjRCRDFDMzQ2M0I4QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKzU8hJHKB/CTWC48csd94BFBYDHcRfY5TXhcwuBohoVo1PNuFZ4/2WQ+Zax rcqEWAurycLO1YcEK6dQf8Rh3j5buCHFMPf7ZdzE8dkShsFHtvfXW5NvHoIKncc6 5YMqMkFPkhiDm5/KhvwF7DbgrQz+52OlT3J+EoE4IIRv+Tt772ovfeMdsXgpf9ti 0MGqL2bj290qtSpvXBwhoMFpwWE1yl4fMq714kJsIWBjqTYSUUjsl1dXEvtlZRCl 5XdCBTsIrSTAKa4c1nJlf2hhV8Jb6xzPYqWU1hgdBEdn/QCZeLZRkoscC9xHJGXp iShvhorIXVQu5CBTdpP2TXu9HP0CAwEAAaOCAd8wggHbMB0GA1UdDgQWBBQKsjMN UMJDTlxJsioqm0vRw0Y7jDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzOTk0Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAWeTLjANBAIAAjAHAwUAJAWowDANBgkqhkiG9w0BAQsFAAOCAQEA BZzdHYnY8r4jPTMn4gdjUkUAglrDBlDVa2OWSUXreb9wtjOSps+SkB5J63ty81ux JYhkIv0VUJEd22mhgDOICnAF9lGYuk/Qhh03oF2J2kVSSSsOdnojSFFh39hecIVQ zcabDYpXsl5S0gaGQPddIaao4VplRJk0I0jwQLZZSeOKck1uYMWjb2Rkw9Snrm2/ hqpyKA7k+JA3Vq3p4WXl89rFOJyEYII090cOfv6dqM8lwcnhNH47PsZIipgiqzng d5qN+pNVUxz40NlQZMrjjiyRxeJT62wkuHALon3grkqOuG8HS4ETRpSGw1BpTtff dhGMnJdELBTAL3svVmpy3Q== -----END CERTIFICATE-----Generated at Sat Apr 5 06:20:04 2025 by rpki-client