$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142383.roa File: AS142383.roa (raw, json) Hash identifier: g5qorFUgAMVpPex+NxbYeYGsSTdUFiD1JJ2fc95CX1g= Subject key identifier: 11:C5:7F:6C:7E:48:4C:11:6E:A8:7E:FF:A3:0C:EB:01:64:CB:E4:A2 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6A18240D8F41A556DC1B3264A5921651EA99B4AA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142383.roa Signing time: Fri 19 Jan 2024 07:16:16 +0000 ROA not before: Fri 19 Jan 2024 07:11:16 +0000 ROA not after: Fri 17 Jan 2025 07:16:16 +0000 asID: 142383 IP address blocks: 103.172.20.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:18:24:0d:8f:41:a5:56:dc:1b:32:64:a5:92:16:51:ea:99:b4:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 19 07:11:16 2024 GMT Not After : Jan 17 07:16:16 2025 GMT Subject: CN=11C57F6C7E484C116EA87EFFA30CEB0164CBE4A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:18:c3:9a:79:f0:c5:46:3c:be:ef:cf:70:c5: 37:16:82:36:dd:58:90:60:c8:a3:9c:b5:2f:ec:1e: ef:0d:ac:06:55:93:71:48:8b:0d:12:e1:e4:99:a6: d8:93:c5:fe:a5:43:9e:59:aa:14:d2:05:a0:ad:fe: f1:f1:1c:d6:04:0a:76:8e:7f:19:81:32:2a:40:1b: a0:3d:c0:4e:5a:1d:ee:f1:34:eb:33:62:8f:3d:1a: ea:55:5e:05:fb:99:01:ff:81:34:9b:2c:a2:41:6b: 12:aa:7d:be:15:e8:6a:78:49:9f:1f:cd:0a:30:68: fe:37:2f:47:50:9d:d2:8a:a2:7d:5f:9d:d2:ab:b1: dc:ed:26:10:5f:59:26:2c:01:cd:2f:9e:b9:a4:82: 08:a0:c4:3b:e7:3b:33:d1:a0:22:33:4d:cb:4f:c7: 34:a3:3a:fa:dd:68:12:db:55:18:84:c5:d3:e1:e1: b7:68:0e:eb:2a:4a:e0:b0:e8:38:c0:cb:cc:91:3a: 5d:bd:5f:5c:02:2a:99:fb:87:e2:9c:bc:1b:95:a5: 72:be:89:fa:c7:e9:01:be:16:f8:a0:81:e4:e1:42: 90:02:eb:02:9b:58:49:cc:3c:a3:a7:2c:99:8c:8d: 9d:ca:3c:72:34:9a:13:b4:67:f2:60:86:8d:2f:33: db:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:C5:7F:6C:7E:48:4C:11:6E:A8:7E:FF:A3:0C:EB:01:64:CB:E4:A2 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142383.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.172.20.0/23 Signature Algorithm: sha256WithRSAEncryption 30:99:0c:80:94:96:73:e7:37:5f:d7:f1:fc:ed:8f:2c:79:e7: 00:35:3e:b9:6d:97:6d:eb:17:70:35:4b:95:0b:38:5c:50:5c: 9e:f2:59:d9:a5:79:8d:4d:82:75:62:a2:52:50:c4:65:66:6b: df:36:dd:6b:1f:d3:ca:eb:c8:0e:7c:4f:92:92:7a:7a:59:34: a4:46:c3:61:37:d0:b2:5c:ea:44:82:00:8c:5a:33:4d:0d:d7: 52:86:b1:0f:d4:bb:01:5c:ee:4d:94:0e:fe:58:0f:dd:06:04: bf:36:2d:5c:ef:27:17:3c:ba:58:ba:d9:fc:0e:02:f7:d2:c9: 8a:f5:ce:ac:e8:97:64:2d:f4:44:31:07:23:3a:19:ca:cf:cd: 96:d9:db:2d:06:87:af:a6:6e:f4:98:6d:73:b3:9f:47:ed:a7: 48:a6:c3:6f:a3:93:01:19:9f:57:16:5b:6c:c5:a2:18:6e:69: a5:0f:c0:dd:63:3b:85:5d:66:b7:af:b8:3f:ae:58:77:e7:7a: 83:5f:7b:59:4a:9d:09:03:f1:36:aa:5f:94:9b:41:2f:21:40: 1f:93:2c:6c:ba:11:76:a4:3a:ad:21:a0:ca:10:31:0c:aa:54: bb:90:ec:96:96:be:cb:85:a7:b3:29:e7:af:86:8e:e2:ac:e7: 27:2d:bc:58 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUahgkDY9BpVbcGzJkpZIWUeqZtKowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDExOTA3MTExNloX DTI1MDExNzA3MTYxNlowMzExMC8GA1UEAxMoMTFDNTdGNkM3RTQ4NEMxMTZFQTg3 RUZGQTMwQ0VCMDE2NENCRTRBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANMYw5p58MVGPL7vz3DFNxaCNt1YkGDIo5y1L+we7w2sBlWTcUiLDRLh5Jmm 2JPF/qVDnlmqFNIFoK3+8fEc1gQKdo5/GYEyKkAboD3ATlod7vE06zNijz0a6lVe BfuZAf+BNJssokFrEqp9vhXoanhJnx/NCjBo/jcvR1Cd0oqifV+d0qux3O0mEF9Z JiwBzS+euaSCCKDEO+c7M9GgIjNNy0/HNKM6+t1oEttVGITF0+Hht2gO6ypK4LDo OMDLzJE6Xb1fXAIqmfuH4py8G5Wlcr6J+sfpAb4W+KCB5OFCkALrAptYScw8o6cs mYyNnco8cjSaE7Rn8mCGjS8z240CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQRxX9s fkhMEW6ofv+jDOsBZMvkojAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MjM4My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWesFDANBgkqhkiG9w0BAQsFAAOCAQEAMJkMgJSWc+c3X9fx/O2P LHnnADU+uW2XbesXcDVLlQs4XFBcnvJZ2aV5jU2CdWKiUlDEZWZr3zbdax/TyuvI DnxPkpJ6elk0pEbDYTfQslzqRIIAjFozTQ3XUoaxD9S7AVzuTZQO/lgP3QYEvzYt XO8nFzy6WLrZ/A4C99LJivXOrOiXZC30RDEHIzoZys/NltnbLQaHr6Zu9Jhtc7Of R+2nSKbDb6OTARmfVxZbbMWiGG5ppQ/A3WM7hV1mt6+4P65Yd+d6g197WUqdCQPx NqpflJtBLyFAH5MsbLoRdqQ6rSGgyhAxDKpUu5Dslpa+y4Wnsynnr4aO4qznJy28 WA== -----END CERTIFICATE-----Generated at Wed May 8 18:12:16 2024 by rpki-client on console-fra.rpki-client.org