$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140029.roa File: AS140029.roa (raw, json) Hash identifier: PVROU6NJ+qMIorSBmR2c8S5DfOWOD0iUa7yQqeBc8kE= Subject key identifier: F7:4C:4E:CA:87:0D:4C:5B:A7:24:2B:8F:88:1B:3B:20:91:F2:C9:AD Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 260C794B12FECAE982647CA2665DED219097F428 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140029.roa Signing time: Tue 09 Jan 2024 04:00:04 +0000 ROA not before: Tue 09 Jan 2024 03:55:04 +0000 ROA not after: Tue 07 Jan 2025 04:00:04 +0000 asID: 140029 IP address blocks: 103.149.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:0c:79:4b:12:fe:ca:e9:82:64:7c:a2:66:5d:ed:21:90:97:f4:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:04 2024 GMT Not After : Jan 7 04:00:04 2025 GMT Subject: CN=F74C4ECA870D4C5BA7242B8F881B3B2091F2C9AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:6d:e2:36:15:e2:c7:8b:48:5e:be:e4:fe:62: 51:6c:7a:63:cd:ef:26:cf:4b:ec:90:e3:65:dc:8f: 8d:b8:02:9c:eb:ff:fe:fb:3d:1e:ec:24:db:6c:f2: 96:bf:fa:2d:07:5b:94:cc:54:c9:de:09:94:4f:95: 9e:58:ce:f2:f6:ad:bc:51:c4:91:b2:2c:8a:02:26: f1:f4:9a:ed:92:8f:74:3c:4d:89:53:f1:46:39:49: 0a:ff:37:e7:c1:4e:18:fd:6b:18:92:b8:69:ee:27: 0f:c1:29:42:b7:f8:89:87:ec:60:ca:7b:ea:bc:94: 12:fa:67:fa:ad:5e:83:27:f7:ca:d1:00:ac:4c:50: 22:11:ea:cb:78:91:ab:fe:e4:08:27:ed:bc:bc:d7: ff:ee:c5:1f:6c:a9:44:29:d4:7d:56:82:a9:8a:85: d8:9c:95:c6:6f:f1:8d:a4:49:e3:b8:e6:af:2e:8b: 76:78:9f:ec:35:61:d5:db:5d:5a:38:89:c4:eb:0f: 7b:33:dc:69:a9:0c:32:de:2a:e5:d1:3b:7b:ea:94: 1a:5d:46:82:cc:16:94:d5:41:84:08:6c:f3:fb:21: 5c:d6:4b:2c:0b:f0:2b:02:26:1a:09:f4:cc:15:b5: 87:02:57:51:e3:db:4c:61:fa:4b:39:ca:b3:d9:f2: 46:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:4C:4E:CA:87:0D:4C:5B:A7:24:2B:8F:88:1B:3B:20:91:F2:C9:AD X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140029.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.149.208.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:d1:49:f9:0a:73:12:53:9b:c5:bd:f5:77:ae:44:1d:bd:db: 6c:d4:9a:43:1b:5c:4e:39:ee:cd:ba:85:ba:b5:4f:39:f6:6d: 44:db:43:19:b9:bd:b9:c9:02:ec:02:11:4f:11:7f:21:1c:58: 67:25:a9:27:88:1d:fa:6c:b5:e3:59:df:b9:30:83:da:fc:7d: 8e:32:84:0a:e3:9a:a3:c8:c6:5b:0f:27:7b:f1:1a:a5:b5:d0: 25:9e:95:1b:18:c7:d7:9a:14:52:8b:da:35:29:ff:a5:0d:2f: 23:1a:75:22:fd:97:00:17:19:ec:ea:1d:fe:b7:2c:16:0f:cf: 35:f3:86:30:52:7d:77:c5:58:25:34:b8:33:79:5b:38:c7:86: 1f:0e:65:4a:69:8a:72:6b:6c:95:d5:78:14:b0:92:9c:7d:3f: 5a:a7:79:24:21:4e:e5:d2:98:c2:81:4f:a9:37:39:54:5c:dc: 3f:5c:4d:1a:87:9d:48:17:34:ab:31:15:45:94:a1:f4:ea:c1: 44:a5:a7:85:e9:a7:4d:57:91:ab:05:32:e4:0d:73:f6:a5:b4: b0:61:88:a2:c1:56:d5:6b:67:0e:c3:41:0e:d8:30:8f:88:71: c7:f3:98:3d:c0:22:2d:6e:46:0c:cc:e5:ab:5c:29:f1:7a:5b: 1a:87:bd:52 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUJgx5SxL+yumCZHyiZl3tIZCX9CgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUwNFoX DTI1MDEwNzA0MDAwNFowMzExMC8GA1UEAxMoRjc0QzRFQ0E4NzBENEM1QkE3MjQy QjhGODgxQjNCMjA5MUYyQzlBRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOdt4jYV4seLSF6+5P5iUWx6Y83vJs9L7JDjZdyPjbgCnOv//vs9Huwk22zy lr/6LQdblMxUyd4JlE+VnljO8vatvFHEkbIsigIm8fSa7ZKPdDxNiVPxRjlJCv83 58FOGP1rGJK4ae4nD8EpQrf4iYfsYMp76ryUEvpn+q1egyf3ytEArExQIhHqy3iR q/7kCCftvLzX/+7FH2ypRCnUfVaCqYqF2JyVxm/xjaRJ47jmry6Ldnif7DVh1dtd WjiJxOsPezPcaakMMt4q5dE7e+qUGl1GgswWlNVBhAhs8/shXNZLLAvwKwImGgn0 zBW1hwJXUePbTGH6SznKs9nyRsUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBT3TE7K hw1MW6ckK4+IGzsgkfLJrTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDAyOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGeV0DANBgkqhkiG9w0BAQsFAAOCAQEAf9FJ+QpzElObxb31d65E Hb3bbNSaQxtcTjnuzbqFurVPOfZtRNtDGbm9uckC7AIRTxF/IRxYZyWpJ4gd+my1 41nfuTCD2vx9jjKECuOao8jGWw8ne/EapbXQJZ6VGxjH15oUUovaNSn/pQ0vIxp1 Iv2XABcZ7Ood/rcsFg/PNfOGMFJ9d8VYJTS4M3lbOMeGHw5lSmmKcmtsldV4FLCS nH0/Wqd5JCFO5dKYwoFPqTc5VFzcP1xNGoedSBc0qzEVRZSh9OrBRKWnhemnTVeR qwUy5A1z9qW0sGGIosFW1WtnDsNBDtgwj4hxx/OYPcAiLW5GDMzlq1wp8XpbGoe9 Ug== -----END CERTIFICATE-----Generated at Wed May 8 17:45:22 2024 by rpki-client on console-ams.rpki-client.org