$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141904.roa File: AS141904.roa (raw, json) Hash identifier: p1F0KDgIGYQwKtUMPB2ob+CNPEq+4IluSQJiRldeBKA= Subject key identifier: 29:9C:B8:CA:2A:D2:9C:42:AD:BD:11:25:EA:0A:40:55:25:15:25:26 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 329ABA3A5F3C70794243F43C20CC63E289D48B42 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141904.roa Signing time: Tue 09 Jan 2024 04:00:18 +0000 ROA not before: Tue 09 Jan 2024 03:55:18 +0000 ROA not after: Tue 07 Jan 2025 04:00:18 +0000 asID: 141904 IP address blocks: 103.164.68.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 09 May 2024 10:44:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:9a:ba:3a:5f:3c:70:79:42:43:f4:3c:20:cc:63:e2:89:d4:8b:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:18 2024 GMT Not After : Jan 7 04:00:18 2025 GMT Subject: CN=299CB8CA2AD29C42ADBD1125EA0A405525152526 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:88:ad:29:17:97:9f:b8:b8:e6:d1:b8:85:96: 7a:1d:5e:3a:e3:bc:4a:c9:d9:ec:50:83:90:f3:87: e9:80:6d:64:e4:e6:fd:22:8e:c6:fd:2c:a1:4b:b8: 38:e1:d9:53:20:68:a0:45:f9:9b:65:fe:4c:f8:3a: be:11:a4:66:ce:0c:00:2f:02:e9:75:ca:21:a7:5c: 24:43:18:b0:34:27:14:8d:9a:a0:8e:1e:51:02:96: fa:5f:b5:13:1f:11:d3:2c:e0:af:b2:ae:f5:96:3d: 0f:98:d9:fc:fe:ed:fb:47:ff:6c:54:07:57:cf:c6: 3d:11:62:47:ed:9f:38:b3:d4:75:59:5a:1f:81:7d: e0:22:5a:a8:eb:c7:2a:1a:47:26:d2:32:01:1d:8b: 7d:96:3a:5d:c0:f7:1a:d3:08:85:50:c4:7c:fd:8b: 51:f3:5f:62:30:86:65:d1:50:e7:14:ac:ec:70:20: 04:8e:52:7f:e7:4b:9f:e2:90:65:08:9c:6e:8d:a7: 7d:61:4e:d6:b1:b3:5a:13:f3:a0:d8:c4:b2:97:09: dd:28:ae:45:0e:91:bf:a9:d8:33:2c:35:f2:58:f0: 1c:40:26:53:e9:c3:dc:d3:0a:ab:8e:d3:63:a3:d7: 2d:7c:dd:35:69:3e:4a:fc:d1:ec:9c:9f:15:c5:a7: 3c:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:9C:B8:CA:2A:D2:9C:42:AD:BD:11:25:EA:0A:40:55:25:15:25:26 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141904.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.164.68.0/23 Signature Algorithm: sha256WithRSAEncryption 88:51:45:6d:90:48:b6:8e:d8:50:c0:34:f4:4f:5a:a1:f9:62: 07:78:a1:bc:7c:87:89:c1:75:e2:d0:0d:b5:1b:b3:50:de:0c: a2:25:44:36:8b:14:29:56:3b:b2:8f:6c:ef:0b:65:70:f9:e5: 5f:d5:04:bb:b4:9d:ee:6c:be:68:a2:16:67:05:9d:9d:b6:fa: 4c:53:62:a5:d7:9b:22:af:8c:58:76:78:36:50:b7:f3:db:4f: 5c:18:27:b7:28:2b:6b:3b:98:9e:5f:7f:36:c1:d3:2e:5e:d8: 9e:72:f2:e3:7e:b0:2d:aa:01:f9:37:09:e1:a7:7f:df:35:91: 76:36:0e:57:e0:05:07:9d:4e:af:18:e7:05:a4:de:ca:c9:52: 45:0f:bf:60:0d:50:de:60:2b:8a:b5:12:e9:0a:7d:61:ff:eb: 28:23:17:83:51:83:15:6e:17:43:44:7c:9f:ac:25:e3:f8:bc: c6:ec:29:a5:a0:62:ee:0f:79:05:92:32:f5:c9:f2:8c:f8:51: 37:b1:ea:61:39:97:31:bb:03:5e:4e:db:92:35:35:ad:fa:bf: e0:eb:4c:fe:4d:f9:b4:62:de:84:69:c7:5a:73:13:48:a6:0d: cb:c6:6d:78:d4:4b:4a:f6:49:16:93:a2:87:c6:33:a1:19:f9: 56:27:4c:1b -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUMpq6Ol88cHlCQ/Q8IMxj4onUi0IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxOFoX DTI1MDEwNzA0MDAxOFowMzExMC8GA1UEAxMoMjk5Q0I4Q0EyQUQyOUM0MkFEQkQx MTI1RUEwQTQwNTUyNTE1MjUyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKuIrSkXl5+4uObRuIWWeh1eOuO8SsnZ7FCDkPOH6YBtZOTm/SKOxv0soUu4 OOHZUyBooEX5m2X+TPg6vhGkZs4MAC8C6XXKIadcJEMYsDQnFI2aoI4eUQKW+l+1 Ex8R0yzgr7Ku9ZY9D5jZ/P7t+0f/bFQHV8/GPRFiR+2fOLPUdVlaH4F94CJaqOvH KhpHJtIyAR2LfZY6XcD3GtMIhVDEfP2LUfNfYjCGZdFQ5xSs7HAgBI5Sf+dLn+KQ ZQicbo2nfWFO1rGzWhPzoNjEspcJ3SiuRQ6Rv6nYMyw18ljwHEAmU+nD3NMKq47T Y6PXLXzdNWk+SvzR7JyfFcWnPAcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQpnLjK KtKcQq29ESXqCkBVJRUlJjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTkwNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWekRDANBgkqhkiG9w0BAQsFAAOCAQEAiFFFbZBIto7YUMA09E9a ofliB3ihvHyHicF14tANtRuzUN4MoiVENosUKVY7so9s7wtlcPnlX9UEu7Sd7my+ aKIWZwWdnbb6TFNipdebIq+MWHZ4NlC389tPXBgntygrazuYnl9/NsHTLl7YnnLy 436wLaoB+TcJ4ad/3zWRdjYOV+AFB51OrxjnBaTeyslSRQ+/YA1Q3mArirUS6Qp9 Yf/rKCMXg1GDFW4XQ0R8n6wl4/i8xuwppaBi7g95BZIy9cnyjPhRN7HqYTmXMbsD Xk7bkjU1rfq/4OtM/k35tGLehGnHWnMTSKYNy8ZteNRLSvZJFpOih8YzoRn5VidM Gw== -----END CERTIFICATE-----Generated at Mon May 6 01:46:07 2024 by rpki-client on console-ams.rpki-client.org