$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140009.roa File: AS140009.roa (raw, json) Hash identifier: I8wZN7Ii7pz8p6BIOjfE99ku2t7JZ2XZ6luAaDRoQRg= Subject key identifier: AF:AE:00:DC:F3:6B:1C:85:5E:6F:84:E0:8A:C4:3F:D4:6D:C9:08:93 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 76376BBAE2FDF1405B307DC1723AB583596FA492 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140009.roa Signing time: Fri 02 Aug 2024 07:00:00 +0000 ROA not before: Fri 02 Aug 2024 06:55:00 +0000 ROA not after: Fri 01 Aug 2025 07:00:00 +0000 asID: 140009 IP address blocks: 103.149.18.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:37:6b:ba:e2:fd:f1:40:5b:30:7d:c1:72:3a:b5:83:59:6f:a4:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 2 06:55:00 2024 GMT Not After : Aug 1 07:00:00 2025 GMT Subject: CN=AFAE00DCF36B1C855E6F84E08AC43FD46DC90893 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:db:3b:ed:05:89:a8:c8:7c:6f:ca:9f:be:b5: 04:dc:3f:09:09:19:12:3d:44:e8:c9:9c:d0:4f:d0: b9:d2:0b:42:af:0d:09:4d:32:f7:86:af:7a:fa:ba: 35:12:7f:5b:05:a7:c9:12:83:1f:6d:73:7f:c2:ba: 37:d5:59:4a:11:60:69:1a:c0:4b:b9:37:54:39:3a: a3:06:96:c4:a3:a7:d7:bc:d4:cc:b8:d2:ca:fe:dc: 76:e7:b9:0f:37:5f:93:26:21:42:73:ce:0f:52:94: a2:59:2a:83:df:95:39:7a:2d:2c:8c:26:30:53:b3: e0:42:8b:b5:35:c6:94:ed:64:ef:fb:80:fb:1c:1c: 0d:e3:31:26:71:30:c0:a5:cb:28:0e:f4:6c:4c:39: 87:92:87:65:36:f6:d6:54:7f:65:ae:90:81:db:e5: fe:5c:41:cc:91:f1:e2:6d:39:53:64:ea:7f:80:d3: c5:a8:7b:0e:47:58:05:d3:e5:d8:ba:94:d1:1b:1e: f5:d9:76:9e:d0:11:9f:cb:45:f4:b9:6c:9e:51:67: 57:df:17:fc:0a:de:e8:55:fe:b0:70:cc:dd:58:4d: f4:29:71:a4:43:88:d3:9e:30:95:a1:69:14:d6:c3: 86:e2:f8:d2:17:70:e9:46:25:ef:08:56:a1:65:3a: b8:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:AE:00:DC:F3:6B:1C:85:5E:6F:84:E0:8A:C4:3F:D4:6D:C9:08:93 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.149.18.0/23 Signature Algorithm: sha256WithRSAEncryption 89:68:fe:f4:97:12:9e:5a:bb:37:39:46:86:3b:37:99:b4:04: 74:0f:1c:7f:31:8c:32:c7:ca:3e:5b:68:82:d0:63:03:6f:3f: 5c:f9:53:5d:91:38:f1:56:c6:24:1e:90:b1:2a:f6:7e:d9:f2: eb:59:d3:1c:53:1f:57:63:29:43:00:04:bc:70:5c:87:4f:0c: 5c:cb:c4:55:d1:99:af:ba:37:9f:c1:78:b0:80:fa:95:a5:3d: eb:c2:9d:76:10:9a:af:a3:54:28:64:b6:ff:1b:e8:39:e9:83: f6:b5:a5:29:ad:b3:c6:2e:e0:57:1b:a1:ec:a7:ec:01:82:02: 1e:37:4b:05:f5:68:f2:e8:ac:bd:92:00:2d:64:31:e8:25:ba: 9f:87:71:f8:7d:f9:4b:82:c1:44:31:e1:89:4e:08:b1:f4:e6: e4:49:01:11:ef:90:57:14:71:1d:66:54:6d:98:77:c0:02:66: fd:02:98:81:72:6c:2b:ee:4a:62:f6:ad:b1:76:26:b3:de:af: 17:33:2c:47:7f:c3:10:e3:45:fd:41:46:6d:fa:ad:ff:8c:21: 76:fe:6b:85:22:59:80:1b:0e:b5:2d:7d:a0:c0:38:47:ca:74: d1:9d:b7:0f:d1:ed:f0:3b:0b:9a:70:09:b4:40:97:71:32:c5: 1d:49:be:77 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUdjdruuL98UBbMH3Bcjq1g1lvpJIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDgwMjA2NTUwMFoX DTI1MDgwMTA3MDAwMFowMzExMC8GA1UEAxMoQUZBRTAwRENGMzZCMUM4NTVFNkY4 NEUwOEFDNDNGRDQ2REM5MDg5MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/bO+0FiajIfG/Kn761BNw/CQkZEj1E6Mmc0E/QudILQq8NCU0y94avevq6 NRJ/WwWnyRKDH21zf8K6N9VZShFgaRrAS7k3VDk6owaWxKOn17zUzLjSyv7cdue5 DzdfkyYhQnPOD1KUolkqg9+VOXotLIwmMFOz4EKLtTXGlO1k7/uA+xwcDeMxJnEw wKXLKA70bEw5h5KHZTb21lR/Za6Qgdvl/lxBzJHx4m05U2Tqf4DTxah7DkdYBdPl 2LqU0Rse9dl2ntARn8tF9LlsnlFnV98X/Are6FX+sHDM3VhN9ClxpEOI054wlaFp FNbDhuL40hdw6UYl7whWoWU6uPcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSvrgDc 82schV5vhOCKxD/UbckIkzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDAwOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeVEjANBgkqhkiG9w0BAQsFAAOCAQEAiWj+9JcSnlq7NzlGhjs3 mbQEdA8cfzGMMsfKPltogtBjA28/XPlTXZE48VbGJB6QsSr2ftny61nTHFMfV2Mp QwAEvHBch08MXMvEVdGZr7o3n8F4sID6laU968KddhCar6NUKGS2/xvoOemD9rWl Ka2zxi7gVxuh7KfsAYICHjdLBfVo8uisvZIALWQx6CW6n4dx+H35S4LBRDHhiU4I sfTm5EkBEe+QVxRxHWZUbZh3wAJm/QKYgXJsK+5KYvatsXYms96vFzMsR3/DEONF /UFGbfqt/4whdv5rhSJZgBsOtS19oMA4R8p00Z23D9Ht8DsLmnAJtECXcTLFHUm+ dw== -----END CERTIFICATE-----Generated at Mon Nov 25 13:01:54 2024 by rpki-client on console-fra.rpki-client.org