$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141059.roa File: AS141059.roa (raw, json) Hash identifier: hlarsn2A/ruBwbXT/7KsHCbFo4J3g0z0acUzNyBzIuQ= Subject key identifier: 3C:01:6C:68:24:4A:6B:1D:DA:C3:EA:59:A0:E5:BB:40:C6:CF:00:14 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 224559711D41757422C720416C82D6FB385B7305 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141059.roa Signing time: Tue 09 Jan 2024 04:00:10 +0000 ROA not before: Tue 09 Jan 2024 03:55:10 +0000 ROA not after: Tue 07 Jan 2025 04:00:10 +0000 asID: 141059 IP address blocks: 103.155.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:45:59:71:1d:41:75:74:22:c7:20:41:6c:82:d6:fb:38:5b:73:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:10 2024 GMT Not After : Jan 7 04:00:10 2025 GMT Subject: CN=3C016C68244A6B1DDAC3EA59A0E5BB40C6CF0014 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:9c:51:05:6b:80:1a:1c:0a:9d:b8:54:d7:c7: 1e:74:20:14:2f:f5:bd:fd:5f:ca:83:8b:6b:d7:67: e5:c1:7c:a4:3c:be:b5:6c:7e:2b:e3:1f:20:63:3f: 82:59:23:1d:d5:03:4b:6c:3f:9b:4a:bc:b3:d7:33: cc:e2:16:f7:d2:fe:6e:c5:56:2a:a6:cd:ed:de:c5: fe:53:55:86:1b:f2:07:09:75:bc:f8:7b:27:64:d2: 7f:af:b2:34:74:49:36:d2:a6:86:62:12:0d:c2:2d: 8a:00:55:9c:91:28:76:94:24:2d:e7:ae:66:d2:94: 97:31:67:5c:3d:e6:b9:43:0a:49:93:70:d0:f1:65: 75:d5:43:b4:79:3d:0f:0a:69:20:5c:0a:75:62:22: 5b:60:bf:8a:31:0d:c3:08:c4:dd:27:ed:ba:b0:7d: 5d:13:b3:9c:36:d7:21:3b:2e:0f:52:b7:58:cd:a0: ba:ce:f6:8d:c8:ba:b5:a8:24:85:b5:ca:9e:c9:ae: 47:84:25:fe:75:0d:88:ad:43:8c:45:73:39:67:a4: f0:90:e5:61:7f:38:a1:8b:68:2a:a5:b9:71:47:3b: ad:6e:e2:9d:3b:3b:1c:b5:e1:1f:64:ec:ed:fc:77: 4f:77:f7:0c:59:ec:51:c4:4d:3c:1b:d4:51:39:98: 72:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:01:6C:68:24:4A:6B:1D:DA:C3:EA:59:A0:E5:BB:40:C6:CF:00:14 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141059.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.155.125.0/24 Signature Algorithm: sha256WithRSAEncryption 36:74:ca:03:b8:f1:0e:8a:f5:bc:1e:35:3a:20:3f:9e:bf:08: be:bb:d6:82:cb:fa:33:a2:d2:67:6e:68:bd:5e:ee:c4:08:4e: 0f:e7:92:08:a6:61:f6:a8:cf:25:1c:0b:00:4c:bc:95:46:80: 9e:ec:c5:76:fb:d3:4e:e4:08:49:b9:7e:ba:24:67:46:80:3d: c2:4e:ea:5c:aa:db:fd:8a:8e:27:49:c9:b6:a8:df:46:74:1e: ce:41:4c:c6:6d:a8:89:6e:02:f1:1e:77:e4:a1:e3:dd:8e:78: c5:97:d9:66:8f:7e:23:bd:90:f8:a9:2c:a0:87:08:52:45:73: 4a:7e:4e:df:04:58:07:0f:a0:2d:4a:2b:89:cc:2e:1d:f2:e2: 18:2f:14:f8:11:17:5b:03:fc:ca:f4:af:27:de:41:81:ba:1d: e3:dd:f6:fd:e3:d8:b2:a5:40:49:6a:20:40:87:50:77:f7:14: 9e:06:29:62:27:ae:2a:03:9d:68:7f:3e:51:0f:7a:c3:29:1d: a0:29:52:41:ca:72:1a:7e:61:53:f1:1b:1f:79:a8:be:4a:91: 24:36:49:1d:f1:73:5b:5d:72:42:55:71:43:16:44:30:e0:06: f4:64:e2:ef:30:20:c4:43:ed:78:01:61:81:26:c7:fd:dd:0d: 7e:60:2e:98 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUIkVZcR1BdXQixyBBbILW+zhbcwUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxMFoX DTI1MDEwNzA0MDAxMFowMzExMC8GA1UEAxMoM0MwMTZDNjgyNDRBNkIxRERBQzNF QTU5QTBFNUJCNDBDNkNGMDAxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMWcUQVrgBocCp24VNfHHnQgFC/1vf1fyoOLa9dn5cF8pDy+tWx+K+MfIGM/ glkjHdUDS2w/m0q8s9czzOIW99L+bsVWKqbN7d7F/lNVhhvyBwl1vPh7J2TSf6+y NHRJNtKmhmISDcItigBVnJEodpQkLeeuZtKUlzFnXD3muUMKSZNw0PFlddVDtHk9 DwppIFwKdWIiW2C/ijENwwjE3SfturB9XROznDbXITsuD1K3WM2gus72jci6tagk hbXKnsmuR4Ql/nUNiK1DjEVzOWek8JDlYX84oYtoKqW5cUc7rW7inTs7HLXhH2Ts 7fx3T3f3DFnsUcRNPBvUUTmYcqUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ8AWxo JEprHdrD6lmg5btAxs8AFDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTA1OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGebfTANBgkqhkiG9w0BAQsFAAOCAQEANnTKA7jxDor1vB41OiA/ nr8IvrvWgsv6M6LSZ25ovV7uxAhOD+eSCKZh9qjPJRwLAEy8lUaAnuzFdvvTTuQI Sbl+uiRnRoA9wk7qXKrb/YqOJ0nJtqjfRnQezkFMxm2oiW4C8R535KHj3Y54xZfZ Zo9+I72Q+KksoIcIUkVzSn5O3wRYBw+gLUoricwuHfLiGC8U+BEXWwP8yvSvJ95B gbod4932/ePYsqVASWogQIdQd/cUngYpYieuKgOdaH8+UQ96wykdoClSQcpyGn5h U/EbH3movkqRJDZJHfFzW11yQlVxQxZEMOAG9GTi7zAgxEPteAFhgSbH/d0NfmAu mA== -----END CERTIFICATE-----Generated at Wed May 8 10:06:52 2024 by rpki-client on console-ams.rpki-client.org