$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141128.roa File: AS141128.roa (raw, json) Hash identifier: gFWWK9ZpJ7m1h/Vx6nLA8VY26cYgztIIGcN01aTm9BI= Subject key identifier: 1E:3B:64:FB:CD:87:F1:D8:C0:D9:D4:63:A2:EF:71:91:6C:F6:98:C9 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0CAF24B3E4B933611C8DA86CB84AD3E70A2F72CC Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141128.roa Signing time: Tue 09 Jan 2024 04:00:30 +0000 ROA not before: Tue 09 Jan 2024 03:55:30 +0000 ROA not after: Tue 07 Jan 2025 04:00:30 +0000 asID: 141128 IP address blocks: 103.158.130.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:af:24:b3:e4:b9:33:61:1c:8d:a8:6c:b8:4a:d3:e7:0a:2f:72:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:30 2024 GMT Not After : Jan 7 04:00:30 2025 GMT Subject: CN=1E3B64FBCD87F1D8C0D9D463A2EF71916CF698C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ff:98:46:49:65:dc:36:e2:1f:fc:6d:d6:f9: db:8c:6a:76:0a:f8:05:48:60:40:c0:d9:a0:d5:ca: 6e:a0:4f:39:68:c7:2a:f5:38:c8:c9:0f:a4:9f:30: 04:1b:6c:4a:2e:7f:57:bd:32:82:e2:6b:0b:05:de: 0f:37:76:7e:ef:d2:86:9f:6a:c4:cb:92:5e:f2:93: 97:32:25:a9:05:62:de:b7:b3:41:81:e1:c1:3f:db: 93:06:e9:00:3f:68:a5:1c:8e:ee:85:1f:00:99:92: 5e:2d:40:fc:e8:d8:4d:2f:2c:e8:a8:07:9e:77:b4: 0a:23:b6:e3:07:a5:ed:41:ac:68:bf:a8:5f:01:6b: e5:21:b6:c5:11:92:0f:75:1a:ec:df:0d:2b:f8:93: 2e:5a:be:90:8f:2a:05:2d:23:35:68:02:48:17:1f: 78:9f:83:6c:b7:e4:56:23:06:26:bb:70:b9:42:61: c5:2b:5e:31:8e:6a:bd:a5:c3:38:24:22:4b:bb:6a: f7:8d:a9:4a:cd:27:4d:73:1f:74:83:99:0f:db:aa: 5b:d5:b8:0a:32:d9:a6:90:05:82:19:41:95:f3:f9: 86:cf:e7:c1:ed:71:13:74:69:49:b9:c7:01:0d:c6: c6:80:4b:a0:bf:b8:f9:be:46:63:e2:6d:a7:02:a3: 71:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:3B:64:FB:CD:87:F1:D8:C0:D9:D4:63:A2:EF:71:91:6C:F6:98:C9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141128.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.158.130.0/24 Signature Algorithm: sha256WithRSAEncryption 65:b2:04:45:38:02:97:69:c3:22:50:fa:35:6e:96:f5:0a:0d: 48:8f:41:35:a7:d9:02:87:31:a8:b4:0c:f7:d0:ba:01:eb:b8: 97:23:31:c7:8f:c2:74:0b:93:50:be:2d:fd:d1:11:ca:4e:37: 13:26:a5:71:ef:6f:f2:44:e1:4b:d5:93:e3:67:83:86:e2:54: 2f:36:a9:39:3b:52:02:c9:a8:8f:d1:d5:02:79:71:1a:57:11: 67:5f:bd:da:f9:4b:f8:dd:cb:dd:c1:3e:b0:aa:03:b8:03:8e: 74:2e:e4:6e:a1:23:0f:57:3d:e8:df:68:2d:c8:db:e3:24:9b: f8:b0:23:de:fb:98:38:c9:c7:8c:e7:ab:d5:af:51:0e:64:8b: da:38:9d:aa:9e:3e:a6:68:07:37:f2:de:2e:47:c7:ba:b0:94: a4:a1:11:e6:24:de:d1:6e:3e:ba:dc:a8:1c:17:74:7f:af:7f: 52:3b:3b:d2:e6:06:21:85:e8:37:25:18:10:28:b4:aa:c3:ae: ea:49:20:b2:c4:cd:89:19:16:05:3c:a5:00:ed:a0:f9:db:41: 51:5f:a8:5b:e4:3d:66:37:a8:68:99:29:da:68:7a:5d:5e:17: 3f:20:83:92:d8:9b:dd:04:d4:4c:c0:84:d3:da:b0:da:a3:80: 42:79:c9:66 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUDK8ks+S5M2EcjahsuErT5wovcswwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUzMFoX DTI1MDEwNzA0MDAzMFowMzExMC8GA1UEAxMoMUUzQjY0RkJDRDg3RjFEOEMwRDlE NDYzQTJFRjcxOTE2Q0Y2OThDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7/mEZJZdw24h/8bdb524xqdgr4BUhgQMDZoNXKbqBPOWjHKvU4yMkPpJ8w BBtsSi5/V70yguJrCwXeDzd2fu/Shp9qxMuSXvKTlzIlqQVi3rezQYHhwT/bkwbp AD9opRyO7oUfAJmSXi1A/OjYTS8s6KgHnne0CiO24wel7UGsaL+oXwFr5SG2xRGS D3Ua7N8NK/iTLlq+kI8qBS0jNWgCSBcfeJ+DbLfkViMGJrtwuUJhxSteMY5qvaXD OCQiS7tq942pSs0nTXMfdIOZD9uqW9W4CjLZppAFghlBlfP5hs/nwe1xE3RpSbnH AQ3GxoBLoL+4+b5GY+JtpwKjcckCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQeO2T7 zYfx2MDZ1GOi73GRbPaYyTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTEyOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGeegjANBgkqhkiG9w0BAQsFAAOCAQEAZbIERTgCl2nDIlD6NW6W 9QoNSI9BNafZAocxqLQM99C6Aeu4lyMxx4/CdAuTUL4t/dERyk43Eyalce9v8kTh S9WT42eDhuJULzapOTtSAsmoj9HVAnlxGlcRZ1+92vlL+N3L3cE+sKoDuAOOdC7k bqEjD1c96N9oLcjb4ySb+LAj3vuYOMnHjOer1a9RDmSL2jidqp4+pmgHN/LeLkfH urCUpKER5iTe0W4+utyoHBd0f69/Ujs70uYGIYXoNyUYECi0qsOu6kkgssTNiRkW BTylAO2g+dtBUV+oW+Q9ZjeoaJkp2mh6XV4XPyCDktib3QTUTMCE09qw2qOAQnnJ Zg== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:25 2024 by rpki-client on console-fra.rpki-client.org