$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140443.roa File: AS140443.roa (raw, json) Hash identifier: Lq5kkc8K5S1l+5zbuIzpD1mtUzNrhyK2U1azDdQwzwg= Subject key identifier: FB:38:B4:0C:D1:05:88:6A:A9:BD:3F:32:52:31:19:63:37:59:B3:43 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 421D6859EEA32808962D307BD60FE18928AA251B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140443.roa Signing time: Tue 21 Jan 2025 04:00:00 +0000 ROA not before: Tue 21 Jan 2025 03:55:00 +0000 ROA not after: Tue 20 Jan 2026 04:00:00 +0000 asID: 140443 IP address blocks: 103.160.62.0/23 maxlen: 24 103.173.74.0/23 maxlen: 24 103.178.152.0/24 maxlen: 24 103.178.153.0/24 maxlen: 24 2001:df1:ff40::/48 maxlen: 48 2001:df4:f80::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:1d:68:59:ee:a3:28:08:96:2d:30:7b:d6:0f:e1:89:28:aa:25:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 21 03:55:00 2025 GMT Not After : Jan 20 04:00:00 2026 GMT Subject: CN=FB38B40CD105886AA9BD3F32523119633759B343 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:06:e6:b2:dd:b0:8b:2a:75:a2:69:ff:24:27: 8b:b7:00:44:21:60:af:1c:40:c3:c6:b7:a5:86:12: af:dc:f9:d3:63:54:aa:03:a0:65:44:47:0b:56:88: 37:35:15:87:93:ee:0e:24:9c:e7:dd:a3:c2:75:0c: 9d:25:c9:ab:2c:b7:11:f4:e4:a6:4a:c6:37:a2:f1: 92:70:02:79:74:4a:32:29:cf:b5:a5:07:a1:b3:8e: 4b:97:2e:a6:63:2c:eb:0c:c3:fb:8c:57:1c:00:19: 2f:15:bb:26:e1:58:45:77:a5:57:f3:c0:e3:f1:d7: d1:9c:30:ba:26:57:cb:a5:73:87:55:72:d9:1d:b5: 90:c0:96:2f:bc:49:44:04:95:b9:43:fd:81:cb:49: fa:dc:c6:3a:cf:c1:a2:1a:76:16:ea:21:69:88:87: 85:01:3b:4b:bd:a1:1c:02:8d:92:a1:19:1c:ab:e6: 38:dd:91:a7:79:18:09:84:1a:01:76:6a:74:c9:5a: 6d:ca:ae:ef:fa:fc:b8:e3:9c:66:2a:4b:54:90:66: c0:c5:a8:3e:9a:76:19:a1:0b:ee:88:23:72:b2:a5: e5:5d:70:1e:9b:a1:05:62:17:20:6f:84:aa:89:7f: 20:c5:69:5f:11:25:e2:5d:72:2c:22:37:22:a4:3d: 39:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:38:B4:0C:D1:05:88:6A:A9:BD:3F:32:52:31:19:63:37:59:B3:43 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140443.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.160.62.0/23 103.173.74.0/23 103.178.152.0/23 IPv6: 2001:df1:ff40::/48 2001:df4:f80::/48 Signature Algorithm: sha256WithRSAEncryption 87:3c:63:07:81:4e:95:aa:82:78:48:07:78:50:54:e2:fb:3e: ff:b0:5c:df:15:b7:c9:ce:fa:2e:67:4d:14:0b:75:bb:02:3e: 27:6d:35:89:4a:8a:6d:dd:2d:98:5c:84:57:18:3f:ce:69:69: e2:e0:56:27:89:49:58:6c:1c:08:8d:b9:1b:f1:47:16:f9:9e: 7b:82:4e:d8:ba:72:f0:a9:d5:3b:70:a4:a0:78:c2:bb:c9:ad: cf:c7:63:6d:39:0a:51:8a:e1:05:93:03:b6:ac:b5:7b:a3:65: 64:bd:90:58:3a:44:a3:91:bc:93:3a:d4:64:3b:5c:bd:e1:04: 83:2a:76:10:ac:6a:4e:3e:33:b5:e4:a1:9a:98:00:3e:18:be: f2:e8:97:f2:c4:05:e9:fe:2c:21:1e:10:93:c3:65:87:17:e3: 00:a8:b9:06:f9:29:bc:5d:94:71:a5:84:75:12:36:7b:01:13: 94:f7:fc:0f:7f:b1:87:16:fa:52:7c:f8:13:33:79:96:c1:5f: cb:c5:d1:f4:79:fb:ce:71:55:5d:f2:78:97:1c:c9:c0:d4:40: 12:8e:1d:a6:d1:57:14:11:5d:18:cd:86:b9:ea:bb:0a:45:9c: 3a:13:24:8c:48:e6:a6:8d:75:6d:58:d7:34:2b:80:50:28:0a: 35:45:ba:ea -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIUQh1oWe6jKAiWLTB71g/hiSiqJRswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDEyMTAzNTUwMFoX DTI2MDEyMDA0MDAwMFowMzExMC8GA1UEAxMoRkIzOEI0MENEMTA1ODg2QUE5QkQz RjMyNTIzMTE5NjMzNzU5QjM0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkG5rLdsIsqdaJp/yQni7cARCFgrxxAw8a3pYYSr9z502NUqgOgZURHC1aI NzUVh5PuDiSc592jwnUMnSXJqyy3EfTkpkrGN6LxknACeXRKMinPtaUHobOOS5cu pmMs6wzD+4xXHAAZLxW7JuFYRXelV/PA4/HX0ZwwuiZXy6Vzh1Vy2R21kMCWL7xJ RASVuUP9gctJ+tzGOs/Bohp2FuohaYiHhQE7S72hHAKNkqEZHKvmON2Rp3kYCYQa AXZqdMlabcqu7/r8uOOcZipLVJBmwMWoPpp2GaEL7ogjcrKl5V1wHpuhBWIXIG+E qol/IMVpXxEl4l1yLCI3IqQ9OdkCAwEAAaOCAfYwggHyMB0GA1UdDgQWBBT7OLQM 0QWIaqm9PzJSMRljN1mzQzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDQ0My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQw GAQCAAEwEgMEAWegPgMEAWetSgMEAWeymDAYBAIAAjASAwcAIAEN8f9AAwcAIAEN 9A+AMA0GCSqGSIb3DQEBCwUAA4IBAQCHPGMHgU6VqoJ4SAd4UFTi+z7/sFzfFbfJ zvouZ00UC3W7Aj4nbTWJSopt3S2YXIRXGD/OaWni4FYniUlYbBwIjbkb8UcW+Z57 gk7YunLwqdU7cKSgeMK7ya3Px2NtOQpRiuEFkwO2rLV7o2VkvZBYOkSjkbyTOtRk O1y94QSDKnYQrGpOPjO15KGamAA+GL7y6JfyxAXp/iwhHhCTw2WHF+MAqLkG+Sm8 XZRxpYR1EjZ7AROU9/wPf7GHFvpSfPgTM3mWwV/LxdH0efvOcVVd8niXHMnA1EAS jh2m0VcUEV0YzYa56rsKRZw6EySMSOamjXVtWNc0K4BQKAo1Rbrq -----END CERTIFICATE-----Generated at Sat Apr 5 06:22:24 2025 by rpki-client