$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141060.roa File: AS141060.roa (raw, json) Hash identifier: XwK+7sbeo5hVeju6Jmc101+8sRwu2g9K6fmS7PxkZSs= Subject key identifier: 36:47:B1:ED:9F:1F:10:EB:0E:E3:C2:1C:2D:EE:13:F8:2B:6A:B5:96 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7FA63D4B4EBBF5A81C2004CE297CB6D09B6C9D5C Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141060.roa Signing time: Tue 09 Jan 2024 04:00:10 +0000 ROA not before: Tue 09 Jan 2024 03:55:10 +0000 ROA not after: Tue 07 Jan 2025 04:00:10 +0000 asID: 141060 IP address blocks: 103.155.152.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 03:25:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:a6:3d:4b:4e:bb:f5:a8:1c:20:04:ce:29:7c:b6:d0:9b:6c:9d:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:10 2024 GMT Not After : Jan 7 04:00:10 2025 GMT Subject: CN=3647B1ED9F1F10EB0EE3C21C2DEE13F82B6AB596 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:9e:51:80:c4:7a:66:ac:a1:4c:0f:e6:31:0c: 0c:25:f5:31:48:22:3d:4d:97:bd:45:97:f5:d6:ba: fc:35:7e:d4:5e:a6:a7:8e:b9:91:e2:0c:03:1a:01: 74:f8:ad:8b:83:7e:db:67:80:28:50:2b:d5:08:08: 83:10:b3:9f:50:73:14:f4:e2:9f:58:f8:e8:4e:70: 61:5e:a4:ed:76:89:69:cb:60:37:f1:2f:07:3e:a4: 1e:39:91:d5:28:54:36:9f:77:50:59:a3:b9:d5:c4: 1a:a8:d1:88:af:40:4f:a9:20:c8:3b:d7:cd:b0:83: 6f:a1:99:17:e3:75:8d:1c:b1:3f:4e:3d:02:80:20: 77:d6:4b:1e:23:80:1d:45:40:db:61:97:76:36:11: 79:c6:e9:ec:da:ff:36:14:76:8b:9f:4e:04:6b:6d: 54:07:cb:ee:83:10:16:8e:71:36:f6:10:8d:92:41: 71:c3:da:17:b3:0a:fc:3e:23:3a:e1:cb:95:c4:3f: fc:d6:46:a1:a2:62:af:9f:e6:ab:f2:e4:c3:dc:a6: ca:d8:61:ac:72:09:83:51:a3:36:0a:0b:df:d0:fa: 39:b9:ff:ed:6e:35:ff:89:cd:82:24:e2:60:ce:42: ad:0b:01:fa:0a:62:b0:7a:0e:15:0a:90:53:82:b3: e5:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:47:B1:ED:9F:1F:10:EB:0E:E3:C2:1C:2D:EE:13:F8:2B:6A:B5:96 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141060.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.155.152.0/23 Signature Algorithm: sha256WithRSAEncryption 72:29:3d:d8:20:b4:39:6e:b1:1a:9e:92:4a:ac:03:8f:f4:98: 69:ef:2b:c1:af:67:5d:83:25:08:51:0e:33:d4:aa:5f:2f:d1: d2:a6:39:70:aa:e8:d0:54:86:27:4f:ce:21:e7:72:d9:00:0f: 3b:b6:30:f3:d2:eb:5a:ef:d3:22:30:fd:6d:44:5f:15:fa:fb: fb:64:f5:f2:33:37:c9:5d:45:ca:04:bf:0e:1e:38:11:9f:b5: a1:1a:b5:b4:7c:8f:df:30:bb:35:c3:b3:c3:84:04:69:75:48: 5b:1c:c5:fb:f6:01:7d:68:e1:65:9f:a6:b7:50:fe:e9:df:a7: 0c:21:61:06:02:f9:fe:da:73:77:4c:a1:4e:81:d1:43:e0:fa: 60:91:2a:98:ec:72:9a:8b:24:07:4e:0d:5f:7a:bb:b9:29:fb: 10:0c:b5:7b:9d:ab:aa:ac:47:34:3d:14:28:dc:5a:a7:1c:f3: 41:ce:0b:5d:5d:d1:ee:b0:93:c1:29:8e:1f:f8:1a:de:3a:c3: 93:79:97:18:63:b7:67:e0:00:d1:32:a8:28:72:29:4d:18:e9: e5:8d:42:b0:55:ac:42:f2:db:1d:20:b0:b3:42:1e:d9:b4:9c: 2f:d3:48:5d:92:c5:cb:5f:6d:e1:23:19:9f:1d:08:5e:60:1b: e7:11:73:55 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUf6Y9S0679agcIATOKXy20JtsnVwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxMFoX DTI1MDEwNzA0MDAxMFowMzExMC8GA1UEAxMoMzY0N0IxRUQ5RjFGMTBFQjBFRTND MjFDMkRFRTEzRjgyQjZBQjU5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO2eUYDEemasoUwP5jEMDCX1MUgiPU2XvUWX9da6/DV+1F6mp465keIMAxoB dPiti4N+22eAKFAr1QgIgxCzn1BzFPTin1j46E5wYV6k7XaJactgN/EvBz6kHjmR 1ShUNp93UFmjudXEGqjRiK9AT6kgyDvXzbCDb6GZF+N1jRyxP049AoAgd9ZLHiOA HUVA22GXdjYRecbp7Nr/NhR2i59OBGttVAfL7oMQFo5xNvYQjZJBccPaF7MK/D4j OuHLlcQ//NZGoaJir5/mq/Lkw9ymythhrHIJg1GjNgoL39D6Obn/7W41/4nNgiTi YM5CrQsB+gpisHoOFQqQU4Kz5e0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ2R7Ht nx8Q6w7jwhwt7hP4K2q1ljAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTA2MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWebmDANBgkqhkiG9w0BAQsFAAOCAQEAcik92CC0OW6xGp6SSqwD j/SYae8rwa9nXYMlCFEOM9SqXy/R0qY5cKro0FSGJ0/OIedy2QAPO7Yw89LrWu/T IjD9bURfFfr7+2T18jM3yV1FygS/Dh44EZ+1oRq1tHyP3zC7NcOzw4QEaXVIWxzF +/YBfWjhZZ+mt1D+6d+nDCFhBgL5/tpzd0yhToHRQ+D6YJEqmOxymoskB04NX3q7 uSn7EAy1e52rqqxHND0UKNxapxzzQc4LXV3R7rCTwSmOH/ga3jrDk3mXGGO3Z+AA 0TKoKHIpTRjp5Y1CsFWsQvLbHSCws0Ie2bScL9NIXZLFy19t4SMZnx0IXmAb5xFz VQ== -----END CERTIFICATE-----Generated at Fri May 3 04:42:25 2024 by rpki-client on console-fra.rpki-client.org