$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141626.roa File: AS141626.roa (raw, json) Hash identifier: +42lsbtns8DZK7jQNJWxp1xD8F+cBuYT0xLoHyrJoFM= Subject key identifier: CE:9F:4F:2F:F0:75:CF:82:E3:70:DF:16:97:8B:CE:41:31:FC:78:D2 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0806B087D61B6317A8FD9F9B8929F135B40BA816 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141626.roa Signing time: Tue 09 Jan 2024 04:00:29 +0000 ROA not before: Tue 09 Jan 2024 03:55:29 +0000 ROA not after: Tue 07 Jan 2025 04:00:29 +0000 asID: 141626 IP address blocks: 103.161.128.0/24 maxlen: 24 103.169.226.0/24 maxlen: 24 2407:9440::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:06:b0:87:d6:1b:63:17:a8:fd:9f:9b:89:29:f1:35:b4:0b:a8:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:29 2024 GMT Not After : Jan 7 04:00:29 2025 GMT Subject: CN=CE9F4F2FF075CF82E370DF16978BCE4131FC78D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b1:2f:f9:e2:f1:2b:b3:96:a5:b0:e1:12:b6: 91:bd:54:f0:4e:0d:b4:27:e4:00:8c:c5:c2:6d:8f: c8:bf:3e:a9:ec:1f:65:2f:ec:b2:67:9c:f4:50:19: 36:07:ea:7d:7c:d1:94:24:49:31:d9:e8:b5:2e:00: 3c:02:7d:02:4b:52:48:a2:0c:af:cf:64:75:b5:23: 47:d3:9a:cb:a1:98:ad:38:b2:58:d3:97:5c:69:98: 07:61:63:52:64:8b:ff:1b:4e:21:c8:6e:a4:b2:c8: ae:2f:27:22:8c:27:28:90:d6:c9:47:7e:af:f0:04: 3a:47:e3:27:c3:b8:84:a7:43:fb:fc:cc:f9:07:38: 27:02:20:af:12:39:64:5c:62:14:79:ec:5e:f8:54: c6:ff:93:42:ff:ea:fc:0f:a0:26:01:f5:73:61:c5: ae:9e:80:66:77:f6:d3:ad:55:7e:00:4b:22:19:aa: 8f:52:48:6e:41:31:ff:0c:14:c3:ff:5e:36:65:21: b7:05:c6:66:63:3d:1c:17:e1:f6:a4:66:4d:87:97: 58:e6:6a:40:10:72:2b:d1:25:24:4c:39:7d:fa:28: 7c:17:b0:c3:f3:7d:93:28:c1:ab:b1:7c:ad:7b:f7: cf:56:c5:7a:a5:d0:a8:1a:03:4d:9d:6e:bd:6d:55: 7b:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:9F:4F:2F:F0:75:CF:82:E3:70:DF:16:97:8B:CE:41:31:FC:78:D2 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141626.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.161.128.0/24 103.169.226.0/24 IPv6: 2407:9440::/32 Signature Algorithm: sha256WithRSAEncryption 79:30:52:bf:2d:4a:27:1a:f9:91:79:f3:c5:88:bd:c0:f6:7a: a0:d1:50:38:6a:46:cd:ed:bd:7e:91:a1:c8:e7:06:ec:b2:42: 32:57:a8:b2:8e:01:88:5e:ee:d0:29:3e:7f:68:c2:85:b2:f2: 20:69:4f:31:f1:32:eb:a5:69:ac:c2:83:84:f1:6c:93:8a:bb: 08:2d:75:e5:fe:a1:99:6a:a0:3e:82:86:aa:e7:d7:8a:8e:cf: 8e:57:58:58:40:7a:37:2e:e5:fe:9d:11:2a:a3:43:10:dc:d9: 60:c9:87:4e:73:2b:a1:b9:94:99:43:98:ed:eb:28:d7:2f:1a: 3f:04:fd:23:d6:06:1a:a1:53:27:b1:96:91:3a:75:0e:5f:3f: b3:cc:f5:4d:a4:7e:ba:68:bb:d8:f9:b3:49:21:78:84:90:10: f0:12:99:7b:b7:18:6e:1a:ae:07:75:ea:94:23:00:72:1e:ec: 86:60:11:d3:2f:ae:a3:1c:69:cb:a4:1e:6a:f6:e1:7d:58:eb: 96:2c:1f:92:1a:61:dc:41:4a:6c:96:1b:d2:51:b6:87:d9:f6: df:cd:e7:f0:27:37:7c:5e:61:6a:32:95:db:a9:98:ad:82:49: f1:70:ea:db:ad:d7:93:45:c1:1b:bd:c2:93:49:c4:fa:7f:77: 9f:f5:cb:43 -----BEGIN CERTIFICATE----- MIIE8jCCA9qgAwIBAgIUCAawh9YbYxeo/Z+biSnxNbQLqBYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUyOVoX DTI1MDEwNzA0MDAyOVowMzExMC8GA1UEAxMoQ0U5RjRGMkZGMDc1Q0Y4MkUzNzBE RjE2OTc4QkNFNDEzMUZDNzhEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMuxL/ni8SuzlqWw4RK2kb1U8E4NtCfkAIzFwm2PyL8+qewfZS/ssmec9FAZ NgfqfXzRlCRJMdnotS4APAJ9AktSSKIMr89kdbUjR9Oay6GYrTiyWNOXXGmYB2Fj UmSL/xtOIchupLLIri8nIownKJDWyUd+r/AEOkfjJ8O4hKdD+/zM+Qc4JwIgrxI5 ZFxiFHnsXvhUxv+TQv/q/A+gJgH1c2HFrp6AZnf2061VfgBLIhmqj1JIbkEx/wwU w/9eNmUhtwXGZmM9HBfh9qRmTYeXWOZqQBByK9ElJEw5ffoofBeww/N9kyjBq7F8 rXv3z1bFeqXQqBoDTZ1uvW1Vex0CAwEAAaOCAeUwggHhMB0GA1UdDgQWBBTOn08v 8HXPguNw3xaXi85BMfx40jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTYyNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMw EgQCAAEwDAMEAGehgAMEAGep4jANBAIAAjAHAwUAJAeUQDANBgkqhkiG9w0BAQsF AAOCAQEAeTBSvy1KJxr5kXnzxYi9wPZ6oNFQOGpGze29fpGhyOcG7LJCMleoso4B iF7u0Ck+f2jChbLyIGlPMfEy66VprMKDhPFsk4q7CC115f6hmWqgPoKGqufXio7P jldYWEB6Ny7l/p0RKqNDENzZYMmHTnMrobmUmUOY7eso1y8aPwT9I9YGGqFTJ7GW kTp1Dl8/s8z1TaR+umi72PmzSSF4hJAQ8BKZe7cYbhquB3XqlCMAch7shmAR0y+u oxxpy6QeavbhfVjrliwfkhph3EFKbJYb0lG2h9n2383n8Cc3fF5hajKV26mYrYJJ 8XDq263Xk0XBG73Ck0nE+n93n/XLQw== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:47 2024 by rpki-client on console-ams.rpki-client.org