$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141674.roa File: AS141674.roa (raw, json) Hash identifier: 0yt8mouO0VaYBqmtw+X5v/E8fjshlA9ytXq41FRpSAA= Subject key identifier: 13:13:6F:57:1B:24:CE:C5:10:D9:3A:1B:A6:B0:96:E0:61:8E:B0:70 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 371C006C9FF751D590BDBB1B3785BF3E14CB3FCB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141674.roa Signing time: Tue 03 Jun 2025 03:00:00 +0000 ROA not before: Tue 03 Jun 2025 02:55:00 +0000 ROA not after: Tue 02 Jun 2026 03:00:00 +0000 asID: 141674 IP address blocks: 2001:df2:38c0::/48 maxlen: 48 2001:df2:78c0::/48 maxlen: 48 2001:df2:8440::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:1c:00:6c:9f:f7:51:d5:90:bd:bb:1b:37:85:bf:3e:14:cb:3f:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 3 02:55:00 2025 GMT Not After : Jun 2 03:00:00 2026 GMT Subject: CN=13136F571B24CEC510D93A1BA6B096E0618EB070 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:44:1a:c1:c9:85:5d:81:a2:c8:f0:cd:96:4b: a2:37:68:9f:d4:72:5a:5e:ab:d1:df:a1:d9:e9:0e: cc:b3:e2:7e:de:50:95:6f:46:6c:61:79:48:5c:9e: b5:90:c2:b3:90:7f:0d:b7:c0:37:1f:20:8b:02:43: 38:ce:e7:5f:08:c5:ad:90:08:3b:f1:99:56:87:cb: c2:5c:ef:e6:fa:9c:f4:5e:4d:3e:df:68:c8:36:b9: cf:84:1d:df:4d:e2:2c:01:d6:4b:ee:4c:c0:93:e0: 41:20:32:b8:ba:ba:33:d0:91:01:93:bf:88:27:bf: 8f:03:39:a6:e5:6a:91:5b:0d:0c:97:02:19:63:26: f5:55:e0:7d:1e:42:2d:06:02:b7:c8:65:f1:ef:6c: 8c:69:b4:93:f0:a4:dd:4c:5d:76:74:8b:0f:a6:42: 4e:67:c8:62:8e:15:26:fb:14:87:87:bd:38:e4:fc: 29:94:96:ab:96:c2:9d:c1:19:a0:94:14:f9:9d:82: 09:2a:0c:1a:9a:87:35:0b:4a:8e:c6:74:d8:4c:9d: d4:55:c7:8d:4f:9a:14:23:df:bd:cf:5b:5a:03:93: cd:47:2c:70:50:4a:d6:8d:2a:0e:bd:33:e6:85:16: da:07:21:2f:f2:1a:fa:27:53:2d:ab:f6:30:b2:b5: a5:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:13:6F:57:1B:24:CE:C5:10:D9:3A:1B:A6:B0:96:E0:61:8E:B0:70 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141674.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:38c0::/48 2001:df2:78c0::/48 2001:df2:8440::/48 Signature Algorithm: sha256WithRSAEncryption 8a:58:1f:b4:20:9f:22:1e:81:8f:0b:58:8c:59:66:e9:9a:f5: ed:3e:ff:55:63:1d:4c:70:bc:f6:00:2c:ba:5f:f1:38:b3:c9: dc:9f:45:9b:23:99:58:54:dc:10:f0:c1:77:33:15:26:90:52: 23:2b:95:93:35:01:df:2c:37:0f:b1:7d:e0:44:37:d8:3f:58: b0:6a:f3:24:7a:f5:b7:34:1c:d6:16:8a:20:a5:3d:d4:5d:49: a4:c7:09:78:43:ae:d2:56:81:9e:45:f3:a7:9a:eb:7b:1d:f5: a0:71:23:d0:8a:71:83:39:f2:09:3e:a6:8c:bf:b1:e4:b5:17: 53:6f:8c:68:d1:26:eb:5c:89:ef:ce:09:c7:d0:53:46:6c:e0: 4e:ed:95:37:01:c2:43:ec:d1:6c:1f:96:4c:2c:64:9a:3f:d5: b8:b8:92:a3:70:25:1d:90:0c:e5:4a:e9:8b:b6:0c:e9:05:34: 8a:c0:75:a1:e0:9e:ba:5b:25:65:85:94:27:34:24:7a:39:e0: 51:e0:ea:9c:d0:bc:01:51:37:cd:3e:39:b7:6c:c4:97:04:c0: b7:b3:d0:5f:8c:21:5f:66:ee:a1:98:f6:a1:6b:c5:9e:db:14: 21:95:27:8c:10:61:e3:8e:b4:57:9f:61:6a:d0:2f:d5:bc:1c: 8b:b1:f2:f0 -----BEGIN CERTIFICATE----- MIIE8jCCA9qgAwIBAgIUNxwAbJ/3UdWQvbsbN4W/PhTLP8swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMzAyNTUwMFoX DTI2MDYwMjAzMDAwMFowMzExMC8GA1UEAxMoMTMxMzZGNTcxQjI0Q0VDNTEwRDkz QTFCQTZCMDk2RTA2MThFQjA3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANVEGsHJhV2BosjwzZZLojdon9RyWl6r0d+h2ekOzLPift5QlW9GbGF5SFye tZDCs5B/DbfANx8giwJDOM7nXwjFrZAIO/GZVofLwlzv5vqc9F5NPt9oyDa5z4Qd 303iLAHWS+5MwJPgQSAyuLq6M9CRAZO/iCe/jwM5puVqkVsNDJcCGWMm9VXgfR5C LQYCt8hl8e9sjGm0k/Ck3UxddnSLD6ZCTmfIYo4VJvsUh4e9OOT8KZSWq5bCncEZ oJQU+Z2CCSoMGpqHNQtKjsZ02Eyd1FXHjU+aFCPfvc9bWgOTzUcscFBK1o0qDr0z 5oUW2gchL/Ia+idTLav2MLK1peECAwEAAaOCAeUwggHhMB0GA1UdDgQWBBQTE29X GyTOxRDZOhumsJbgYY6wcDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTY3NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMw IQQCAAIwGwMHACABDfI4wAMHACABDfJ4wAMHACABDfKEQDANBgkqhkiG9w0BAQsF AAOCAQEAilgftCCfIh6BjwtYjFlm6Zr17T7/VWMdTHC89gAsul/xOLPJ3J9FmyOZ WFTcEPDBdzMVJpBSIyuVkzUB3yw3D7F94EQ32D9YsGrzJHr1tzQc1haKIKU91F1J pMcJeEOu0laBnkXzp5rrex31oHEj0IpxgznyCT6mjL+x5LUXU2+MaNEm61yJ784J x9BTRmzgTu2VNwHCQ+zRbB+WTCxkmj/VuLiSo3AlHZAM5Urpi7YM6QU0isB1oeCe ulslZYWUJzQkejngUeDqnNC8AVE3zT45t2zElwTAt7PQX4whX2buoZj2oWvFntsU IZUnjBBh4460V59hatAv1bwci7Hy8A== -----END CERTIFICATE-----Generated at Tue Jun 3 23:14:56 2025 by rpki-client