$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141461.roa File: AS141461.roa (raw, json) Hash identifier: NjB+4zDRZcc1iI7GpyYr4JpJJaVDLZVZomwQ2xsp2Ts= Subject key identifier: 00:20:C8:F9:DE:12:94:7C:4A:A3:36:26:00:35:D1:B9:22:DD:EB:24 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 31B7F16C8BBB762770BECD71CF5BE15159F425F7 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141461.roa Signing time: Thu 14 Nov 2024 03:00:00 +0000 ROA not before: Thu 14 Nov 2024 02:55:00 +0000 ROA not after: Thu 13 Nov 2025 03:00:00 +0000 asID: 141461 IP address blocks: 202.80.209.0/24 maxlen: 24 202.80.220.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:b7:f1:6c:8b:bb:76:27:70:be:cd:71:cf:5b:e1:51:59:f4:25:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 14 02:55:00 2024 GMT Not After : Nov 13 03:00:00 2025 GMT Subject: CN=0020C8F9DE12947C4AA336260035D1B922DDEB24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:de:f0:56:5a:10:56:ec:3b:f6:1e:e5:8e:c4: 48:c2:4f:a5:79:a6:11:19:89:18:38:26:48:ae:0e: 44:da:8d:3d:4c:56:f8:5d:36:87:6c:87:92:67:b9: 4e:4d:d5:65:f9:0f:61:21:bc:2d:81:c6:e0:a7:8a: 2f:56:3a:39:e1:95:3e:9e:73:d9:59:4d:aa:f3:55: f0:81:d1:a7:7e:79:b0:a3:a4:26:76:4e:0a:87:a9: ee:1d:16:2a:7f:7b:ff:06:30:68:f1:af:3e:0a:d7: 08:c6:04:20:cf:32:43:e8:4f:a0:d0:22:be:fa:18: e9:61:49:33:6e:c3:fc:ae:04:3f:bb:4e:81:f5:ab: fe:13:aa:b7:6b:f7:0c:00:2b:d9:df:01:c8:fa:54: 79:85:19:74:a8:ee:ec:fa:58:a9:b1:43:14:9a:aa: 93:4b:75:81:56:43:9c:ac:52:24:8f:58:f3:93:e8: a9:0f:c3:cf:20:9f:16:95:4b:d0:01:bc:b6:60:8a: 42:f8:a2:d5:b9:46:d0:0f:ff:15:e0:ee:47:7b:ab: 21:73:e5:70:d8:4d:1f:b9:41:61:f8:59:47:11:de: a1:95:51:12:e5:c0:01:4e:9d:6c:8b:55:d5:25:76: b2:e3:79:f0:7b:3d:f4:e1:a6:7a:78:e8:05:0b:ea: 19:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:20:C8:F9:DE:12:94:7C:4A:A3:36:26:00:35:D1:B9:22:DD:EB:24 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141461.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.80.209.0/24 202.80.220.0/23 Signature Algorithm: sha256WithRSAEncryption 82:2a:4f:4e:bc:11:b4:73:f4:cd:26:47:fd:79:70:2d:a0:78: b4:f2:27:7a:e5:e2:d8:04:be:22:57:aa:d0:59:f8:5f:e2:ce: 4b:81:2a:b8:82:d2:48:04:1c:56:05:6c:a4:f5:db:e7:06:56: 85:52:07:9d:f6:00:46:3f:c7:13:17:ae:cf:87:e9:67:77:d4: e6:a1:d8:6a:b9:f4:3f:e3:10:06:20:83:ce:87:04:fe:e8:9a: b6:d6:82:69:ed:80:56:70:17:95:fd:1c:21:8d:d0:c7:de:6c: 1d:95:7e:30:a0:57:52:7e:d9:da:f0:0e:3a:3b:00:0f:bf:b4: 57:dc:00:9e:26:f0:30:cc:21:91:36:db:d3:33:9d:65:19:e0: 10:ed:a1:2e:f8:9f:0e:1f:d1:05:2a:fb:0a:f2:84:cd:7f:8a: 35:81:ea:c8:14:dc:50:2d:c7:38:ad:bd:dd:6f:ae:74:49:33: a6:89:75:b0:9c:07:e1:ea:e4:1e:34:57:61:08:d5:61:c4:ef: c9:a4:b1:be:3e:6d:e4:30:d1:21:2f:5d:d9:0c:b5:5b:64:9d: 74:e0:40:57:ac:79:9f:43:a3:99:e4:a7:a6:06:c4:c9:4e:00: 5c:34:d3:76:2e:38:d5:4f:6e:c8:0d:ae:40:f8:8d:ae:78:20: 02:e0:5e:ea -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUMbfxbIu7didwvs1xz1vhUVn0JfcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTExNDAyNTUwMFoX DTI1MTExMzAzMDAwMFowMzExMC8GA1UEAxMoMDAyMEM4RjlERTEyOTQ3QzRBQTMz NjI2MDAzNUQxQjkyMkRERUIyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANDe8FZaEFbsO/Ye5Y7ESMJPpXmmERmJGDgmSK4ORNqNPUxW+F02h2yHkme5 Tk3VZfkPYSG8LYHG4KeKL1Y6OeGVPp5z2VlNqvNV8IHRp355sKOkJnZOCoep7h0W Kn97/wYwaPGvPgrXCMYEIM8yQ+hPoNAivvoY6WFJM27D/K4EP7tOgfWr/hOqt2v3 DAAr2d8ByPpUeYUZdKju7PpYqbFDFJqqk0t1gVZDnKxSJI9Y85PoqQ/DzyCfFpVL 0AG8tmCKQvii1blG0A//FeDuR3urIXPlcNhNH7lBYfhZRxHeoZVREuXAAU6dbItV 1SV2suN58Hs99OGmenjoBQvqGZ8CAwEAAaOCAdYwggHSMB0GA1UdDgQWBBQAIMj5 3hKUfEqjNiYANdG5It3rJDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTQ2MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAMpQ0QMEAcpQ3DANBgkqhkiG9w0BAQsFAAOCAQEAgipPTrwRtHP0 zSZH/XlwLaB4tPIneuXi2AS+Ileq0Fn4X+LOS4EquILSSAQcVgVspPXb5wZWhVIH nfYARj/HExeuz4fpZ3fU5qHYarn0P+MQBiCDzocE/uiattaCae2AVnAXlf0cIY3Q x95sHZV+MKBXUn7Z2vAOOjsAD7+0V9wAnibwMMwhkTbb0zOdZRngEO2hLvifDh/R BSr7CvKEzX+KNYHqyBTcUC3HOK293W+udEkzpol1sJwH4erkHjRXYQjVYcTvyaSx vj5t5DDRIS9d2Qy1W2SddOBAV6x5n0OjmeSnpgbEyU4AXDTTdi441U9uyA2uQPiN rnggAuBe6g== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:47 2024 by rpki-client on console-ams.rpki-client.org