$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141963.roa File: AS141963.roa (raw, json) Hash identifier: oElQapToV+0GZb3YLA31/cmwcn0ojFaefh5RfQ/0sT8= Subject key identifier: 80:78:7A:F9:27:F6:16:65:B9:73:20:6E:AC:53:F4:E7:A3:41:6E:53 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5A935C7B56FF5E63261FF96413890774303221C7 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141963.roa Signing time: Tue 09 Jan 2024 04:00:24 +0000 ROA not before: Tue 09 Jan 2024 03:55:24 +0000 ROA not after: Tue 07 Jan 2025 04:00:24 +0000 asID: 141963 IP address blocks: 103.166.234.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:93:5c:7b:56:ff:5e:63:26:1f:f9:64:13:89:07:74:30:32:21:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:24 2024 GMT Not After : Jan 7 04:00:24 2025 GMT Subject: CN=80787AF927F61665B973206EAC53F4E7A3416E53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:5e:29:89:29:65:3e:3e:06:ae:65:77:95:82: fc:64:1c:78:ec:ad:a5:77:86:2c:f1:0d:c4:89:c0: 32:db:1a:87:1d:7a:a5:9e:69:6f:9d:07:3c:5e:51: f7:eb:63:22:74:af:a7:3b:60:7c:64:34:9a:8e:6c: 27:f5:27:09:f8:e3:38:e4:86:82:5a:40:88:4f:fa: 4d:fa:85:57:cb:c5:91:02:55:7d:3d:6f:b5:55:c0: 66:1f:ae:8f:33:2b:f8:a9:cb:ae:43:5e:f0:7d:a2: 3a:a2:d5:9a:44:c4:5b:7f:44:55:87:12:fc:2b:7b: 73:f3:66:c3:c0:f7:b4:0d:ce:5e:39:1a:60:8b:d5: fb:78:af:3b:e4:90:71:73:85:6e:91:f1:f6:c5:f8: b0:e6:55:28:c3:79:fc:21:7f:ac:54:a9:b7:41:39: 5a:dc:9b:34:1b:e7:d8:52:ce:b7:27:8a:83:3c:87: 66:9a:34:c5:a2:ee:1c:89:e9:9a:5c:bd:c1:e1:57: cb:8b:20:12:91:38:a5:c0:23:e5:d2:a4:24:64:f0: 6d:57:8f:4c:7e:e2:43:de:cf:90:03:79:ac:a2:a9: 00:00:94:b2:89:e2:b6:0e:b5:d6:35:d0:db:49:c8: 93:7e:3d:fc:40:0d:e3:72:7f:2b:b7:f8:6e:f6:6f: 7a:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:78:7A:F9:27:F6:16:65:B9:73:20:6E:AC:53:F4:E7:A3:41:6E:53 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141963.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.166.234.0/24 Signature Algorithm: sha256WithRSAEncryption 85:68:09:40:63:67:6a:1d:c6:ac:1e:b3:f8:38:4f:bc:77:8f: e8:c0:20:a6:2a:86:aa:b8:1c:46:de:8c:e1:12:c9:91:d2:76: 6b:c9:d7:c0:e4:43:dc:6f:9b:54:00:16:54:24:68:c5:37:c8: 67:50:28:43:2f:00:38:4a:30:13:e6:f0:c8:ec:2a:1b:a4:90: 7c:7b:43:92:7b:ac:09:26:07:25:e5:5a:ab:00:aa:f7:b1:a6: 48:d4:93:da:82:07:b8:b7:7e:36:bb:52:7c:02:81:86:2f:1d: fa:d0:a5:c5:b6:a8:70:d7:b6:da:db:f3:93:a3:33:8c:aa:27: 2b:63:75:a3:8a:37:15:59:7c:db:5b:ca:a9:27:78:2f:98:07: ed:13:57:98:20:c9:5c:31:d3:96:c0:8f:95:de:f9:f4:82:d3: b7:f4:a9:68:79:3b:2a:f5:86:67:dc:f8:5c:de:eb:5f:ca:1c: 81:07:90:9a:4f:e2:84:2a:2d:1b:f8:fe:de:8a:89:d0:1d:ae: ac:82:8b:44:47:a1:44:97:22:62:a7:09:46:50:46:e5:fc:ec: 8e:0e:12:8b:36:da:07:6e:0a:e5:0b:e1:a4:77:03:f2:46:6c: f0:f0:2d:6e:1c:fc:a8:df:06:57:d5:69:9e:52:f9:90:fb:0a: c9:02:92:c2 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUWpNce1b/XmMmH/lkE4kHdDAyIccwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUyNFoX DTI1MDEwNzA0MDAyNFowMzExMC8GA1UEAxMoODA3ODdBRjkyN0Y2MTY2NUI5NzMy MDZFQUM1M0Y0RTdBMzQxNkU1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOheKYkpZT4+Bq5ld5WC/GQceOytpXeGLPENxInAMtsahx16pZ5pb50HPF5R 9+tjInSvpztgfGQ0mo5sJ/UnCfjjOOSGglpAiE/6TfqFV8vFkQJVfT1vtVXAZh+u jzMr+KnLrkNe8H2iOqLVmkTEW39EVYcS/Ct7c/Nmw8D3tA3OXjkaYIvV+3ivO+SQ cXOFbpHx9sX4sOZVKMN5/CF/rFSpt0E5WtybNBvn2FLOtyeKgzyHZpo0xaLuHInp mly9weFXy4sgEpE4pcAj5dKkJGTwbVePTH7iQ97PkAN5rKKpAACUsonitg611jXQ 20nIk349/EAN43J/K7f4bvZverMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSAeHr5 J/YWZblzIG6sU/Tno0FuUzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTk2My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGem6jANBgkqhkiG9w0BAQsFAAOCAQEAhWgJQGNnah3GrB6z+DhP vHeP6MAgpiqGqrgcRt6M4RLJkdJ2a8nXwORD3G+bVAAWVCRoxTfIZ1AoQy8AOEow E+bwyOwqG6SQfHtDknusCSYHJeVaqwCq97GmSNST2oIHuLd+NrtSfAKBhi8d+tCl xbaocNe22tvzk6MzjKonK2N1o4o3FVl821vKqSd4L5gH7RNXmCDJXDHTlsCPld75 9ILTt/SpaHk7KvWGZ9z4XN7rX8ocgQeQmk/ihCotG/j+3oqJ0B2urIKLREehRJci YqcJRlBG5fzsjg4SizbaB24K5QvhpHcD8kZs8PAtbhz8qN8GV9VpnlL5kPsKyQKS wg== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:48 2024 by rpki-client on console-ams.rpki-client.org