$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140472.roa File: AS140472.roa (raw, json) Hash identifier: WvHJ+0E1wGIlGWK3wvgIfVkzk1otlVdUB7Z9JToiBtk= Subject key identifier: 71:A6:95:89:2E:60:51:11:33:46:FA:B0:BD:BB:C9:0D:B7:B2:55:BE Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2BDE3712672ECB8088CD15E4332AAA4E6B62F61E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140472.roa Signing time: Tue 09 Jan 2024 04:00:09 +0000 ROA not before: Tue 09 Jan 2024 03:55:09 +0000 ROA not after: Tue 07 Jan 2025 04:00:09 +0000 asID: 140472 IP address blocks: 103.153.192.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:de:37:12:67:2e:cb:80:88:cd:15:e4:33:2a:aa:4e:6b:62:f6:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:09 2024 GMT Not After : Jan 7 04:00:09 2025 GMT Subject: CN=71A695892E6051113346FAB0BDBBC90DB7B255BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d4:87:d4:19:17:c7:a3:d7:d3:f9:de:b2:f0: b6:d0:8b:33:20:89:f5:af:32:c7:73:f4:f7:26:f7: 64:ac:8e:6f:27:b6:df:b5:53:74:97:f8:65:05:40: a5:56:be:b8:0e:76:ba:4c:77:9c:81:55:46:b5:d4: 5a:dd:fd:4c:af:3d:e6:ae:d2:6a:1b:27:9a:06:8b: 9e:50:4d:7f:d0:b7:0b:a2:d3:bc:7a:d5:00:cf:d1: bc:98:8f:a9:26:b6:31:90:ec:83:9d:69:b3:3d:34: 69:ce:5f:f7:13:4a:a7:02:ce:08:d1:a3:d5:0a:25: 9f:f5:1e:5a:91:95:65:eb:d8:9d:87:84:68:c3:01: 40:fa:11:5f:06:82:c5:e0:e7:e7:56:a1:61:74:fc: 3a:94:9c:de:f4:a5:c1:61:e7:36:f1:32:42:41:a2: 0f:b8:7a:21:48:ed:26:77:25:ee:39:37:fb:ba:f9: af:42:55:96:bc:7d:fe:2e:a6:40:36:dd:c0:e9:c4: 73:c1:49:e7:27:2c:41:88:71:da:53:0a:22:09:1c: d7:98:4d:1c:9b:d8:42:6d:8d:e9:65:d2:05:d9:e6: 91:d2:fb:c1:27:7d:17:06:f8:04:c1:42:dd:fb:49: 50:de:e1:38:84:1b:89:b3:44:4f:a0:f2:0c:59:1f: 50:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:A6:95:89:2E:60:51:11:33:46:FA:B0:BD:BB:C9:0D:B7:B2:55:BE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140472.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.153.192.0/23 Signature Algorithm: sha256WithRSAEncryption 12:ef:02:be:4b:31:41:f0:e7:09:2a:33:e9:0b:08:e9:8e:b4: af:2b:0d:e8:ca:fc:e7:f6:d6:34:87:2d:34:fb:8c:a2:f5:0d: 3f:60:02:57:84:29:92:f5:cb:ca:7e:03:c6:d0:c8:ed:ac:18: 00:9b:fc:57:6b:76:67:d9:3c:0d:f2:c9:69:53:bb:a0:f1:dc: 33:a4:c0:8e:17:22:cf:d2:16:a8:69:26:a5:2e:c7:6f:3d:a1: 8c:88:c1:38:ac:63:95:94:cb:12:a2:3f:98:23:5f:96:00:38: 0d:c2:c3:92:6f:09:6c:83:74:c0:e8:53:85:3e:bb:46:f6:0a: fb:50:34:36:79:b7:44:77:e5:5e:fa:fa:bd:9f:66:9e:27:d0: 66:e8:93:7a:75:39:87:3e:d1:73:37:ea:9d:5b:8b:05:36:0e: 76:7f:ab:d2:64:90:24:2e:0f:8e:2c:82:d9:e0:82:42:05:e3: 32:8d:f5:08:d6:e9:8c:93:7d:96:9b:b5:04:9b:05:31:b5:38: 6b:1c:8a:4f:2f:63:b5:39:48:d0:06:95:03:93:53:bd:e0:0d: 5e:b9:83:9d:9d:65:40:71:23:91:af:a7:a7:38:91:e0:96:9a: 9f:e4:54:dd:de:2f:a8:de:3f:90:c0:e1:98:de:44:43:4a:82: ff:e5:22:b5 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUK943Emcuy4CIzRXkMyqqTmti9h4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUwOVoX DTI1MDEwNzA0MDAwOVowMzExMC8GA1UEAxMoNzFBNjk1ODkyRTYwNTExMTMzNDZG QUIwQkRCQkM5MERCN0IyNTVCRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMnUh9QZF8ej19P53rLwttCLMyCJ9a8yx3P09yb3ZKyObye237VTdJf4ZQVA pVa+uA52ukx3nIFVRrXUWt39TK895q7SahsnmgaLnlBNf9C3C6LTvHrVAM/RvJiP qSa2MZDsg51psz00ac5f9xNKpwLOCNGj1Qoln/UeWpGVZevYnYeEaMMBQPoRXwaC xeDn51ahYXT8OpSc3vSlwWHnNvEyQkGiD7h6IUjtJncl7jk3+7r5r0JVlrx9/i6m QDbdwOnEc8FJ5ycsQYhx2lMKIgkc15hNHJvYQm2N6WXSBdnmkdL7wSd9Fwb4BMFC 3ftJUN7hOIQbibNET6DyDFkfUBUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRxppWJ LmBRETNG+rC9u8kNt7JVvjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDQ3Mi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeZwDANBgkqhkiG9w0BAQsFAAOCAQEAEu8CvksxQfDnCSoz6QsI 6Y60rysN6Mr85/bWNIctNPuMovUNP2ACV4QpkvXLyn4DxtDI7awYAJv8V2t2Z9k8 DfLJaVO7oPHcM6TAjhciz9IWqGkmpS7Hbz2hjIjBOKxjlZTLEqI/mCNflgA4DcLD km8JbIN0wOhThT67RvYK+1A0Nnm3RHflXvr6vZ9mnifQZuiTenU5hz7RczfqnVuL BTYOdn+r0mSQJC4PjiyC2eCCQgXjMo31CNbpjJN9lpu1BJsFMbU4axyKTy9jtTlI 0AaVA5NTveANXrmDnZ1lQHEjka+npziR4Jaan+RU3d4vqN4/kMDhmN5EQ0qC/+Ui tQ== -----END CERTIFICATE-----Generated at Wed May 8 10:06:52 2024 by rpki-client on console-ams.rpki-client.org