$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141126.roa File: AS141126.roa (raw, json) Hash identifier: Khl6yBoLW2XGFZbyty3GBNJAhJIkndtKEZQShmuXrlE= Subject key identifier: 3A:B9:79:3D:BF:9A:F6:88:E6:54:DB:30:C9:3E:BF:5F:3C:03:03:C7 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 432A9E71B55728388DE5C543CBCCA10F2D0CA2AE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141126.roa Signing time: Thu 03 Oct 2024 04:41:26 +0000 ROA not before: Thu 03 Oct 2024 04:36:26 +0000 ROA not after: Thu 02 Oct 2025 04:41:26 +0000 asID: 141126 IP address blocks: 103.158.154.0/23 maxlen: 24 203.81.248.0/22 maxlen: 24 203.175.126.0/23 maxlen: 24 2001:df1:d040::/48 maxlen: 48 2001:df5:5980::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 06:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:2a:9e:71:b5:57:28:38:8d:e5:c5:43:cb:cc:a1:0f:2d:0c:a2:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Oct 3 04:36:26 2024 GMT Not After : Oct 2 04:41:26 2025 GMT Subject: CN=3AB9793DBF9AF688E654DB30C93EBF5F3C0303C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:00:65:be:02:00:76:61:bb:71:f1:e9:9d:d3: 57:1b:4e:5f:73:d2:0b:37:14:d8:d4:7f:c3:1a:ec: 81:4a:79:0d:e8:26:84:1b:97:a8:eb:03:b3:62:bb: 91:89:a0:20:f8:6a:39:05:7e:f2:3e:09:18:04:76: 9e:a0:bd:d7:b1:83:fc:a1:88:fc:61:f1:85:9a:55: 49:58:b3:dd:e7:7d:cf:33:d4:7e:54:f8:64:9e:d5: ed:05:28:db:83:f5:e6:81:7a:7a:08:fb:03:1e:64: 17:d2:30:72:3d:db:31:96:3f:b5:b2:d0:81:a7:25: 1e:46:b8:28:9d:6d:a2:8c:2f:95:7b:c5:b3:52:53: 76:5e:e0:60:ce:08:e4:7d:94:72:a9:e4:fd:e4:8f: 1b:34:58:db:d9:86:4a:2c:75:8c:69:6e:0c:00:b6: 1a:96:3c:e5:8c:0c:52:09:3e:d9:13:52:24:01:02: 64:00:cb:a8:42:44:0c:b1:7e:44:27:eb:5f:22:f7: ea:1b:7e:40:03:26:f5:bf:0a:62:14:4b:aa:e0:e7: 11:77:88:94:7c:af:84:a3:a0:05:e5:44:97:ae:19: de:31:c1:92:4a:a9:f7:e3:8f:c4:e9:03:35:f6:4f: 97:8e:48:96:36:08:ec:50:f1:3b:9e:dc:60:90:39: 0d:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:B9:79:3D:BF:9A:F6:88:E6:54:DB:30:C9:3E:BF:5F:3C:03:03:C7 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141126.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.158.154.0/23 203.81.248.0/22 203.175.126.0/23 IPv6: 2001:df1:d040::/48 2001:df5:5980::/48 Signature Algorithm: sha256WithRSAEncryption 07:9e:29:4d:b1:c6:ff:b0:a7:92:9a:03:76:85:24:bf:03:13: b6:8b:7d:74:ac:7f:40:45:83:bf:3e:1d:18:51:e7:45:15:30: 84:80:10:b3:99:bd:57:d7:87:fc:db:4b:53:18:b6:eb:bb:74: c8:d7:2a:e5:cc:55:4f:e8:63:19:1a:7a:42:ad:46:87:d9:94: ec:a9:69:91:21:9e:26:11:d7:b3:4e:cc:be:26:9c:cc:ec:2c: 2c:34:1a:c4:7a:e1:eb:a9:60:f9:5e:32:60:fd:1a:c9:c0:b4: ec:89:31:ba:60:22:ab:1b:78:ff:5a:3d:2a:d6:d0:06:3d:ab: 4b:f0:22:ca:0e:f0:50:f5:75:45:3e:69:39:cb:66:57:26:d9: f3:c6:8c:08:a6:6f:c1:fe:f4:d6:a3:cd:8d:f3:d6:11:8c:9e: 88:ef:60:52:45:31:b5:ca:f0:e0:a5:95:77:42:3c:5d:e2:26: 59:ff:13:75:df:a5:9c:77:cd:26:6f:dd:d0:e7:27:be:24:fc: 6b:86:cb:a6:14:e0:1d:5a:ba:f9:9a:02:25:9e:05:75:79:d6: e9:20:c5:49:e1:23:bc:a9:1c:78:07:a3:d4:e5:74:c6:cc:b2: c1:51:e0:29:84:4a:db:2d:ad:08:84:77:cb:ed:f9:de:52:22: 2b:e0:53:a3 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIUQyqecbVXKDiN5cVDy8yhDy0Moq4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAwMzA0MzYyNloX DTI1MTAwMjA0NDEyNlowMzExMC8GA1UEAxMoM0FCOTc5M0RCRjlBRjY4OEU2NTRE QjMwQzkzRUJGNUYzQzAzMDNDNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALIAZb4CAHZhu3Hx6Z3TVxtOX3PSCzcU2NR/wxrsgUp5DegmhBuXqOsDs2K7 kYmgIPhqOQV+8j4JGAR2nqC917GD/KGI/GHxhZpVSViz3ed9zzPUflT4ZJ7V7QUo 24P15oF6egj7Ax5kF9Iwcj3bMZY/tbLQgaclHka4KJ1toowvlXvFs1JTdl7gYM4I 5H2Ucqnk/eSPGzRY29mGSix1jGluDAC2GpY85YwMUgk+2RNSJAECZADLqEJEDLF+ RCfrXyL36ht+QAMm9b8KYhRLquDnEXeIlHyvhKOgBeVEl64Z3jHBkkqp9+OPxOkD NfZPl45IljYI7FDxO57cYJA5DQUCAwEAAaOCAfYwggHyMB0GA1UdDgQWBBQ6uXk9 v5r2iOZU2zDJPr9fPAMDxzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTEyNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQw GAQCAAEwEgMEAWeemgMEAstR+AMEAcuvfjAYBAIAAjASAwcAIAEN8dBAAwcAIAEN 9VmAMA0GCSqGSIb3DQEBCwUAA4IBAQAHnilNscb/sKeSmgN2hSS/AxO2i310rH9A RYO/Ph0YUedFFTCEgBCzmb1X14f820tTGLbru3TI1yrlzFVP6GMZGnpCrUaH2ZTs qWmRIZ4mEdezTsy+JpzM7CwsNBrEeuHrqWD5XjJg/RrJwLTsiTG6YCKrG3j/Wj0q 1tAGPatL8CLKDvBQ9XVFPmk5y2ZXJtnzxowIpm/B/vTWo82N89YRjJ6I72BSRTG1 yvDgpZV3Qjxd4iZZ/xN136Wcd80mb93Q5ye+JPxrhsumFOAdWrr5mgIlngV1edbp IMVJ4SO8qRx4B6PU5XTGzLLBUeAphErbLa0IhHfL7fneUiIr4FOj -----END CERTIFICATE-----Generated at Sun Feb 16 20:43:44 2025 by rpki-client