$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140010.roa File: AS140010.roa (raw, json) Hash identifier: AVv18n4WSeeYNe4Vw7WzWHLcXmyij22gdy6Sy4i43uU= Subject key identifier: 42:17:4F:EE:E0:98:E2:7B:70:88:9C:1B:56:3A:0F:26:EE:C0:E2:FE Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 43BA0B491E05B1475D2C624CA75FA35938D038E1 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140010.roa Signing time: Wed 03 Jan 2024 08:43:34 +0000 ROA not before: Wed 03 Jan 2024 08:38:34 +0000 ROA not after: Wed 01 Jan 2025 08:43:34 +0000 asID: 140010 IP address blocks: 103.147.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:ba:0b:49:1e:05:b1:47:5d:2c:62:4c:a7:5f:a3:59:38:d0:38:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 3 08:38:34 2024 GMT Not After : Jan 1 08:43:34 2025 GMT Subject: CN=42174FEEE098E27B70889C1B563A0F26EEC0E2FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:c2:29:b6:d9:2c:80:40:2d:34:e8:40:ce:0c: 59:65:6f:ba:23:b1:b1:2e:59:92:df:2b:60:4d:b5: 85:5e:9c:fc:b2:7f:20:25:08:bd:fa:48:e2:8f:d0: a8:fe:67:d2:cb:0a:a8:fd:1b:e8:c6:a0:ea:51:97: 33:ae:96:eb:64:c6:28:48:0e:c2:62:f4:34:7b:e2: 93:dd:82:7e:02:7f:02:65:4e:97:f7:f4:44:75:5e: fd:ed:3c:ad:b9:16:e3:9e:7a:39:30:8f:a5:8e:a9: d0:ed:27:c4:42:5f:a3:06:d5:99:0f:cc:dc:08:82: 99:31:c5:4c:7f:61:bb:9b:06:f8:0e:fe:aa:ce:b3: ee:85:ae:59:23:58:5c:04:89:32:ab:2d:4b:c3:0b: 32:cb:ba:e1:ea:e1:86:c6:5b:ad:12:3d:a2:e8:a0: bb:f1:dd:d5:f6:d0:5a:77:38:41:8e:66:b0:4f:0b: ce:2f:f7:c5:af:80:37:8f:9b:81:64:d1:23:05:6f: 7c:54:e7:da:f3:8c:49:30:77:af:8d:a7:65:a8:03: b2:1f:a0:f1:70:4d:8d:eb:dc:1b:7c:42:31:d3:17: bb:e1:20:64:23:8a:00:0f:b5:d3:ca:4d:80:61:24: 6a:46:b7:c1:67:f8:62:7d:fe:34:25:87:a4:0b:4d: af:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:17:4F:EE:E0:98:E2:7B:70:88:9C:1B:56:3A:0F:26:EE:C0:E2:FE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140010.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.147.241.0/24 Signature Algorithm: sha256WithRSAEncryption 29:47:4e:2d:83:bc:4f:a9:63:6a:55:ef:e4:67:31:20:b8:9b: 86:e7:36:8d:58:d6:56:09:c9:70:ea:f9:0e:59:ac:6d:1d:bb: 60:a7:b8:2a:74:68:f2:ef:14:64:ac:c4:92:23:ab:0b:fc:35: 04:71:b7:a8:4e:03:31:35:34:08:cf:c2:92:c3:dd:87:41:b7: 48:11:85:5f:5c:30:b8:ee:a8:1f:85:2e:e8:f4:60:a8:36:05: e6:a4:6f:d2:19:6a:76:ca:cc:ab:f3:37:18:16:0d:c0:31:4e: 19:7e:e4:dc:e0:c8:d8:1b:73:aa:30:66:fd:ad:1b:81:24:c7: 77:10:c7:fd:42:d6:70:25:b0:ea:1b:bd:00:fd:82:d2:03:08: e0:42:3f:91:6e:7f:8c:34:df:52:e6:dc:73:28:36:62:c7:c5: 50:31:68:67:62:e5:da:a4:67:54:97:b4:09:72:46:42:01:f8: 37:9f:ea:5a:ce:01:5f:3e:af:4a:18:f8:39:13:05:14:5d:5d: 31:97:99:4a:dd:10:fe:80:d3:c1:27:10:e4:31:74:b0:da:e5: cb:c3:a3:33:49:9e:90:c1:80:1b:c1:c6:76:81:46:03:c2:14: 33:e3:8f:08:d0:f0:aa:41:e1:9f:61:64:c5:57:37:e7:e4:1c: 2d:84:19:b9 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUQ7oLSR4FsUddLGJMp1+jWTjQOOEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwMzA4MzgzNFoX DTI1MDEwMTA4NDMzNFowMzExMC8GA1UEAxMoNDIxNzRGRUVFMDk4RTI3QjcwODg5 QzFCNTYzQTBGMjZFRUMwRTJGRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPCKbbZLIBALTToQM4MWWVvuiOxsS5Zkt8rYE21hV6c/LJ/ICUIvfpI4o/Q qP5n0ssKqP0b6Mag6lGXM66W62TGKEgOwmL0NHvik92CfgJ/AmVOl/f0RHVe/e08 rbkW4556OTCPpY6p0O0nxEJfowbVmQ/M3AiCmTHFTH9hu5sG+A7+qs6z7oWuWSNY XASJMqstS8MLMsu64erhhsZbrRI9ouigu/Hd1fbQWnc4QY5msE8Lzi/3xa+AN4+b gWTRIwVvfFTn2vOMSTB3r42nZagDsh+g8XBNjevcG3xCMdMXu+EgZCOKAA+108pN gGEkaka3wWf4Yn3+NCWHpAtNr4MCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRCF0/u 4Jjie3CInBtWOg8m7sDi/jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDAxMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGeT8TANBgkqhkiG9w0BAQsFAAOCAQEAKUdOLYO8T6ljalXv5Gcx ILibhuc2jVjWVgnJcOr5DlmsbR27YKe4KnRo8u8UZKzEkiOrC/w1BHG3qE4DMTU0 CM/CksPdh0G3SBGFX1wwuO6oH4Uu6PRgqDYF5qRv0hlqdsrMq/M3GBYNwDFOGX7k 3ODI2BtzqjBm/a0bgSTHdxDH/ULWcCWw6hu9AP2C0gMI4EI/kW5/jDTfUubccyg2 YsfFUDFoZ2Ll2qRnVJe0CXJGQgH4N5/qWs4BXz6vShj4ORMFFF1dMZeZSt0Q/oDT wScQ5DF0sNrly8OjM0mekMGAG8HGdoFGA8IUM+OPCNDwqkHhn2FkxVc35+QcLYQZ uQ== -----END CERTIFICATE-----Generated at Wed May 8 17:45:22 2024 by rpki-client on console-ams.rpki-client.org