$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139981.roa File: AS139981.roa (raw, json) Hash identifier: cIwLZ6R0eH91/t8DHwBydqzpCYZ70s350NqlIlqeE3s= Subject key identifier: E0:9C:D5:8B:1C:8D:A7:99:7B:E9:E0:1D:F6:C1:3C:FD:41:DD:B0:CA Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 70CA88F55FDE3225906362D7923BD613F418FA8E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139981.roa Signing time: Tue 26 Nov 2024 11:07:38 +0000 ROA not before: Tue 26 Nov 2024 11:02:38 +0000 ROA not after: Tue 25 Nov 2025 11:07:38 +0000 asID: 139981 IP address blocks: 103.71.160.0/22 maxlen: 24 103.80.98.0/23 maxlen: 24 202.74.72.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:ca:88:f5:5f:de:32:25:90:63:62:d7:92:3b:d6:13:f4:18:fa:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Nov 26 11:02:38 2024 GMT Not After : Nov 25 11:07:38 2025 GMT Subject: CN=E09CD58B1C8DA7997BE9E01DF6C13CFD41DDB0CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:dc:3d:d2:13:59:0c:33:39:b8:13:ae:29:2a: bc:2a:07:80:d8:bd:79:77:43:77:12:73:30:39:b3: 45:b5:39:cd:7d:9e:1d:7d:44:52:87:6b:58:7d:91: 8c:da:eb:8d:9e:db:b4:1b:cf:5d:e3:b5:03:86:1a: a8:9f:cc:92:2f:5b:47:7d:33:a1:21:d5:bd:60:f9: 17:82:ed:92:e1:48:88:9f:d3:4d:09:e7:c4:cc:81: 97:d2:9e:2f:9c:b4:4a:99:d4:35:09:a2:de:89:c4: 3c:42:22:8a:94:df:8c:2a:79:27:ce:c3:2a:35:8d: 68:ff:58:7f:55:48:4a:ae:c2:01:fe:a2:fc:f3:a0: 94:d6:09:02:41:5f:64:22:e6:05:4d:97:55:62:47: 2a:03:17:cf:45:a7:ed:88:7e:6f:e2:af:ae:1d:1a: 30:65:60:54:a7:b2:60:c6:43:b6:58:a4:37:55:1e: 14:40:8b:86:58:39:16:32:19:fd:4e:f2:42:4f:66: fa:be:26:83:53:b8:81:4d:53:63:96:4c:36:25:94: 31:02:ec:49:ab:d1:50:30:4f:2c:0e:70:87:66:a1: 76:c8:da:9d:65:61:c3:62:b7:3f:50:ac:a5:16:c6: 97:e1:62:70:79:ef:92:c3:f8:6a:49:e9:d8:7d:56: 6f:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:9C:D5:8B:1C:8D:A7:99:7B:E9:E0:1D:F6:C1:3C:FD:41:DD:B0:CA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139981.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.71.160.0/22 103.80.98.0/23 202.74.72.0/23 Signature Algorithm: sha256WithRSAEncryption 12:09:f4:05:93:ea:f6:2c:7d:1e:42:2b:eb:b8:18:0d:df:32: 0e:d6:a5:e3:a4:e2:d8:34:3d:20:2d:e1:64:08:21:19:c4:87: a6:3a:67:a7:32:d3:b6:6d:a7:3d:95:f7:eb:8a:20:a9:d3:ad: 4a:44:2b:98:7f:ac:b1:76:52:1f:a3:73:ae:d5:10:fd:86:fa: c4:7e:de:84:33:9f:5d:8d:a7:5b:63:54:f6:dc:c2:fe:e5:57: 99:dc:63:e6:70:01:1f:7c:3a:b1:4b:3b:61:1d:b3:f9:e6:fc: 7b:3b:5f:dc:16:e5:df:97:04:ac:43:43:b9:f1:d0:d9:89:60: 98:55:f3:df:cd:b9:6f:65:aa:a1:97:75:d4:fb:ab:a7:b2:31: d5:76:7e:3a:dd:ab:c7:86:29:3a:03:77:a5:44:99:94:ab:e5: 1a:04:2c:a1:eb:28:9f:84:50:d5:d0:5b:b5:5e:72:05:24:f0: b9:02:5c:3f:92:1d:bc:ce:89:d5:50:9e:af:82:ad:84:88:8f: f0:ac:d4:9b:3d:27:50:9b:83:a4:d2:44:54:e5:7c:35:b7:5a: 3a:62:7b:bb:0a:83:88:e6:27:c1:e5:f3:73:b0:c5:99:15:ab: 26:08:7a:6c:82:5a:da:9d:c9:23:1f:36:ba:4e:ad:84:7e:be: ac:27:6b:78 -----BEGIN CERTIFICATE----- MIIE6TCCA9GgAwIBAgIUcMqI9V/eMiWQY2LXkjvWE/QY+o4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTEyNjExMDIzOFoX DTI1MTEyNTExMDczOFowMzExMC8GA1UEAxMoRTA5Q0Q1OEIxQzhEQTc5OTdCRTlF MDFERjZDMTNDRkQ0MUREQjBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM7cPdITWQwzObgTrikqvCoHgNi9eXdDdxJzMDmzRbU5zX2eHX1EUodrWH2R jNrrjZ7btBvPXeO1A4YaqJ/Mki9bR30zoSHVvWD5F4LtkuFIiJ/TTQnnxMyBl9Ke L5y0SpnUNQmi3onEPEIiipTfjCp5J87DKjWNaP9Yf1VISq7CAf6i/POglNYJAkFf ZCLmBU2XVWJHKgMXz0Wn7Yh+b+Kvrh0aMGVgVKeyYMZDtlikN1UeFECLhlg5FjIZ /U7yQk9m+r4mg1O4gU1TY5ZMNiWUMQLsSavRUDBPLA5wh2ahdsjanWVhw2K3P1Cs pRbGl+FicHnvksP4aknp2H1Wb2sCAwEAAaOCAdwwggHYMB0GA1UdDgQWBBTgnNWL HI2nmXvp4B32wTz9Qd2wyjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzOTk4MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBow GAQCAAEwEgMEAmdHoAMEAWdQYgMEAcpKSDANBgkqhkiG9w0BAQsFAAOCAQEAEgn0 BZPq9ix9HkIr67gYDd8yDtal46Ti2DQ9IC3hZAghGcSHpjpnpzLTtm2nPZX364og qdOtSkQrmH+ssXZSH6NzrtUQ/Yb6xH7ehDOfXY2nW2NU9tzC/uVXmdxj5nABH3w6 sUs7YR2z+eb8eztf3Bbl35cErENDufHQ2YlgmFXz3825b2WqoZd11Purp7Ix1XZ+ Ot2rx4YpOgN3pUSZlKvlGgQsoeson4RQ1dBbtV5yBSTwuQJcP5IdvM6J1VCer4Kt hIiP8KzUmz0nUJuDpNJEVOV8NbdaOmJ7uwqDiOYnweXzc7DFmRWrJgh6bIJa2p3J Ix82uk6thH6+rCdreA== -----END CERTIFICATE-----Generated at Sat Apr 5 06:24:32 2025 by rpki-client