$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141673.roa File: AS141673.roa (raw, json) Hash identifier: FH0cbjVswBt2duaZ1TNhkyUQO8RY0upb/45SLpEAFyU= Subject key identifier: FD:25:54:E0:AB:E7:BF:7F:8D:5A:A2:A9:DE:C4:37:FC:39:CF:71:5B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0463CA640653295D28631309B62407708762CBD9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141673.roa Signing time: Tue 04 Feb 2025 14:50:40 +0000 ROA not before: Tue 04 Feb 2025 14:45:40 +0000 ROA not after: Tue 03 Feb 2026 14:50:40 +0000 asID: 141673 IP address blocks: 103.210.52.0/23 maxlen: 24 202.58.64.0/21 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:63:ca:64:06:53:29:5d:28:63:13:09:b6:24:07:70:87:62:cb:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 4 14:45:40 2025 GMT Not After : Feb 3 14:50:40 2026 GMT Subject: CN=FD2554E0ABE7BF7F8D5AA2A9DEC437FC39CF715B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:cf:cf:7f:a4:a9:e4:27:a6:4a:78:17:92:fe: e1:fa:bf:7d:f3:a9:a1:99:0a:63:c3:4b:ee:07:c0: 34:98:3d:d2:71:28:1e:93:11:99:23:f8:a5:20:dd: 59:90:04:15:f5:1e:2d:d1:17:3e:a0:b9:72:be:69: 53:a3:74:c4:fd:99:3e:69:e7:9e:e2:f2:79:56:11: 2f:c2:94:7f:19:54:27:5c:27:0d:80:6d:b4:30:c2: 41:ac:63:66:69:67:fc:70:ad:0a:49:1b:fe:07:ac: 61:8e:1a:f7:79:2c:ba:a5:d6:3c:f1:c1:73:b9:b1: 62:cf:c3:63:5b:3c:2f:93:9f:a5:01:c9:dd:40:e9: f9:ed:b6:1f:c5:d1:b9:a5:f2:45:79:ff:27:7c:eb: 83:60:be:9a:94:9a:20:61:f8:14:40:82:f0:f4:02: 65:82:2d:71:a1:40:bd:d0:c0:89:f3:06:34:f6:65: cf:a8:d0:ef:79:20:da:c3:0d:9f:dd:98:b6:1c:36: b5:47:d7:db:b7:3c:b4:2d:7a:46:f4:dd:79:b9:90: 2a:4c:7b:c8:4d:ec:c7:94:13:d9:3c:6f:7e:ce:22: d0:ee:53:db:4a:0a:a0:84:2a:70:8e:5d:0a:ea:e5: 01:41:bd:b1:01:0e:e3:b9:36:51:ba:f9:05:0b:17: fe:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:25:54:E0:AB:E7:BF:7F:8D:5A:A2:A9:DE:C4:37:FC:39:CF:71:5B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141673.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.210.52.0/23 202.58.64.0/21 Signature Algorithm: sha256WithRSAEncryption 8a:09:a4:2e:10:96:84:7d:ac:db:fe:56:a7:ac:f5:f8:b1:e9: 80:4e:1b:31:02:b0:f2:89:45:76:2d:78:18:de:51:3e:1b:b1: ac:a6:ff:38:17:f9:4d:bc:7d:e2:97:25:7a:5b:13:34:37:f7: b5:0c:65:aa:1c:c7:30:9b:d9:7e:bb:b9:9e:97:11:92:52:b8: 0f:51:20:a4:0f:ad:d7:d7:4d:6f:84:8c:ba:1c:45:0b:6b:e6: b3:5d:10:c7:4e:1f:b3:f7:46:fc:ac:e2:63:57:45:77:e7:b6: 36:3f:a5:64:e4:00:0c:1e:66:9d:2c:cd:e6:ef:b0:c7:5a:e7: 99:f1:48:3f:76:c1:58:bc:a5:62:60:5b:35:46:b3:1a:c0:32: 18:13:39:09:26:43:49:51:86:72:1f:6c:92:6f:70:ed:0b:f8: 79:92:0f:e3:6b:e0:9c:a6:97:5f:9f:5f:85:50:c7:0c:4d:e6: bc:1b:53:fe:9e:f5:6d:1c:87:cc:68:d8:7b:19:65:fb:b2:26: 2f:36:e4:e4:8d:25:81:1b:7a:74:9a:09:88:3d:0c:fe:a3:88: ea:99:a6:82:6c:89:ab:5d:c9:57:16:b3:77:a6:a7:05:20:2b: 27:54:4b:7b:3d:92:0a:d0:d8:e2:8f:f6:f3:51:05:eb:31:f7: 85:9b:5c:06 -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUBGPKZAZTKV0oYxMJtiQHcIdiy9kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIwNDE0NDU0MFoX DTI2MDIwMzE0NTA0MFowMzExMC8GA1UEAxMoRkQyNTU0RTBBQkU3QkY3RjhENUFB MkE5REVDNDM3RkMzOUNGNzE1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMrPz3+kqeQnpkp4F5L+4fq/ffOpoZkKY8NL7gfANJg90nEoHpMRmSP4pSDd WZAEFfUeLdEXPqC5cr5pU6N0xP2ZPmnnnuLyeVYRL8KUfxlUJ1wnDYBttDDCQaxj Zmln/HCtCkkb/gesYY4a93ksuqXWPPHBc7mxYs/DY1s8L5OfpQHJ3UDp+e22H8XR uaXyRXn/J3zrg2C+mpSaIGH4FECC8PQCZYItcaFAvdDAifMGNPZlz6jQ73kg2sMN n92Ythw2tUfX27c8tC16RvTdebmQKkx7yE3sx5QT2Txvfs4i0O5T20oKoIQqcI5d CurlAUG9sQEO47k2Ubr5BQsX/sECAwEAAaOCAdYwggHSMB0GA1UdDgQWBBT9JVTg q+e/f41aoqnexDf8Oc9xWzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTY3My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAWfSNAMEA8o6QDANBgkqhkiG9w0BAQsFAAOCAQEAigmkLhCWhH2s 2/5Wp6z1+LHpgE4bMQKw8olFdi14GN5RPhuxrKb/OBf5Tbx94pclelsTNDf3tQxl qhzHMJvZfru5npcRklK4D1EgpA+t19dNb4SMuhxFC2vms10Qx04fs/dG/KziY1dF d+e2Nj+lZOQADB5mnSzN5u+wx1rnmfFIP3bBWLylYmBbNUazGsAyGBM5CSZDSVGG ch9skm9w7Qv4eZIP42vgnKaXX59fhVDHDE3mvBtT/p71bRyHzGjYexll+7ImLzbk 5I0lgRt6dJoJiD0M/qOI6pmmgmyJq13JVxazd6anBSArJ1RLez2SCtDY4o/281EF 6zH3hZtcBg== -----END CERTIFICATE-----Generated at Sat Apr 5 06:29:17 2025 by rpki-client