$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140009.roa File: AS140009.roa (raw, json) Hash identifier: 0O8rzBfzEpi7M9PGLFNNNww/SPjDmlHrbAWgddyfgxw= Subject key identifier: 65:01:45:7A:3B:85:0E:56:E2:4B:DE:1D:A0:54:D2:61:92:F0:08:AA Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 337624F8EA26B7CFDFD23E7FC412A49BC82C5658 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140009.roa Signing time: Fri 01 Sep 2023 07:00:00 +0000 ROA not before: Fri 01 Sep 2023 06:55:00 +0000 ROA not after: Fri 30 Aug 2024 07:00:00 +0000 asID: 140009 IP address blocks: 103.149.18.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:76:24:f8:ea:26:b7:cf:df:d2:3e:7f:c4:12:a4:9b:c8:2c:56:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 1 06:55:00 2023 GMT Not After : Aug 30 07:00:00 2024 GMT Subject: CN=6501457A3B850E56E24BDE1DA054D26192F008AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:c6:5c:2f:0e:89:63:33:ce:db:74:74:ad:71: ed:2c:4b:5a:81:ba:4e:28:24:76:ea:89:72:b2:48: ee:78:55:1b:e4:b5:c2:47:18:9c:c5:df:8b:43:d6: 6f:a9:3a:37:7a:10:62:24:98:25:d1:fe:f5:84:50: 2f:24:0d:bd:8a:b3:70:b2:62:c5:7b:ce:3f:46:fd: 7c:10:4f:4b:eb:ac:d3:07:3e:fe:9e:54:b1:0c:01: 3c:f7:13:e6:22:0f:41:84:14:b2:b6:7b:7b:fb:d2: 5c:4a:b9:3e:bc:c5:f4:1d:2c:0a:45:75:78:a5:75: 85:fd:2f:5c:d0:d5:87:71:83:58:3a:35:5f:3d:68: 7f:d8:3d:f7:41:20:26:60:e1:fe:8b:73:bd:e5:06: d6:c1:53:11:fd:07:7e:25:49:24:8d:ad:89:d6:68: c4:41:b9:c4:87:a3:5c:07:89:2c:36:7f:59:51:1b: d8:38:cd:fd:f8:2a:ab:56:55:75:d3:41:c2:68:6f: 87:98:7b:c4:a5:b5:d8:e9:d6:6e:34:43:4c:08:3f: 29:ea:32:94:f1:87:80:bd:e9:d6:d9:f7:8d:16:46: 63:3b:d9:d9:32:ff:54:d5:ae:ee:ea:91:6d:13:41: 84:c3:3e:97:d7:b5:43:71:40:f5:1a:7a:b2:06:b0: d5:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:01:45:7A:3B:85:0E:56:E2:4B:DE:1D:A0:54:D2:61:92:F0:08:AA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.149.18.0/23 Signature Algorithm: sha256WithRSAEncryption 58:48:0f:d4:65:a8:53:49:a3:fa:7b:c5:47:4e:8c:23:36:8b: 94:06:71:40:3c:96:b1:6b:8c:f4:9c:27:7d:10:50:bb:d2:48: bc:28:90:80:97:7b:04:10:24:a7:21:5b:cb:31:bf:2e:cd:5b: d7:4a:4c:2a:72:e4:a9:6b:cc:cb:43:74:b3:7b:ad:e2:91:aa: bb:d9:7c:03:0f:2d:65:9f:01:f4:14:48:b3:c5:0c:d7:42:c1: 12:1c:27:b9:06:76:d1:e3:dc:1f:29:60:41:69:75:47:ca:f5: d3:63:75:b1:4b:79:e8:4b:6c:50:13:56:9f:e2:fd:7d:81:2c: f4:3f:b3:8f:c1:c7:25:55:96:9c:e0:e9:de:19:40:92:80:54: 7e:df:45:10:6a:f4:42:cc:3f:6f:f0:94:a5:1b:a3:0f:68:d1: 2f:60:5b:4b:14:61:e9:ba:bd:f8:0e:b1:11:51:fb:19:57:5d: 2f:bd:7a:19:a2:4d:5b:9f:81:e4:70:7f:b3:55:10:1b:c6:79: 0b:4a:a4:65:8f:ad:5f:72:0f:b7:76:db:03:d7:98:46:ee:64: 1f:7f:9e:72:9e:cf:19:6a:84:bb:3a:e6:59:11:25:24:d5:63: 3a:57:6f:c6:9b:af:1c:16:b7:ec:fb:f5:c6:88:36:64:e9:b9: 68:9f:13:d1 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUM3Yk+Oomt8/f0j5/xBKkm8gsVlgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDkwMTA2NTUwMFoX DTI0MDgzMDA3MDAwMFowMzExMC8GA1UEAxMoNjUwMTQ1N0EzQjg1MEU1NkUyNEJE RTFEQTA1NEQyNjE5MkYwMDhBQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK/GXC8OiWMzztt0dK1x7SxLWoG6TigkduqJcrJI7nhVG+S1wkcYnMXfi0PW b6k6N3oQYiSYJdH+9YRQLyQNvYqzcLJixXvOP0b9fBBPS+us0wc+/p5UsQwBPPcT 5iIPQYQUsrZ7e/vSXEq5PrzF9B0sCkV1eKV1hf0vXNDVh3GDWDo1Xz1of9g990Eg JmDh/otzveUG1sFTEf0HfiVJJI2tidZoxEG5xIejXAeJLDZ/WVEb2DjN/fgqq1ZV ddNBwmhvh5h7xKW12OnWbjRDTAg/KeoylPGHgL3p1tn3jRZGYzvZ2TL/VNWu7uqR bRNBhMM+l9e1Q3FA9Rp6sgaw1fUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRlAUV6 O4UOVuJL3h2gVNJhkvAIqjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDAwOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeVEjANBgkqhkiG9w0BAQsFAAOCAQEAWEgP1GWoU0mj+nvFR06M IzaLlAZxQDyWsWuM9JwnfRBQu9JIvCiQgJd7BBAkpyFbyzG/Ls1b10pMKnLkqWvM y0N0s3ut4pGqu9l8Aw8tZZ8B9BRIs8UM10LBEhwnuQZ20ePcHylgQWl1R8r102N1 sUt56EtsUBNWn+L9fYEs9D+zj8HHJVWWnODp3hlAkoBUft9FEGr0Qsw/b/CUpRuj D2jRL2BbSxRh6bq9+A6xEVH7GVddL716GaJNW5+B5HB/s1UQG8Z5C0qkZY+tX3IP t3bbA9eYRu5kH3+ecp7PGWqEuzrmWRElJNVjOldvxpuvHBa37Pv1xog2ZOm5aJ8T 0Q== -----END CERTIFICATE-----Generated at Wed May 8 21:02:21 2024 by rpki-client on console-fra.rpki-client.org