$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142389.roa File: AS142389.roa (raw, json) Hash identifier: tGxmr7WRPFVujvxTntjhX4BNTsh4PItazHpK40ETSyQ= Subject key identifier: D6:26:0B:29:23:36:D5:EC:F5:BA:33:04:D7:71:84:D9:94:20:E3:70 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5D59D08031485F94CE3D96A532201E4CF549771B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142389.roa Signing time: Tue 30 Jan 2024 16:01:58 +0000 ROA not before: Tue 30 Jan 2024 15:56:58 +0000 ROA not after: Tue 28 Jan 2025 16:01:58 +0000 asID: 142389 IP address blocks: 103.172.144.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 16:39:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:59:d0:80:31:48:5f:94:ce:3d:96:a5:32:20:1e:4c:f5:49:77:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 30 15:56:58 2024 GMT Not After : Jan 28 16:01:58 2025 GMT Subject: CN=D6260B292336D5ECF5BA3304D77184D99420E370 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:c1:ce:86:e1:50:37:e3:22:80:62:3a:f4:14: 52:3f:80:6c:12:95:a4:3f:5a:35:fd:d5:e7:8b:3c: 8e:5f:db:cf:9a:04:ff:69:4d:4a:4b:2c:b5:8d:13: 8e:9f:42:9b:c9:29:23:72:69:ab:62:1f:ca:e2:fe: 33:68:ea:d4:a9:0e:77:52:89:6f:a0:13:25:c0:ed: 87:66:53:6c:ca:01:64:14:16:d7:36:61:f3:f6:4d: d4:3b:dc:01:40:f3:4f:6e:e4:2d:98:c8:a5:da:7b: 1b:55:e0:34:37:0e:9f:e7:59:48:69:84:63:50:c1: 5f:ce:c6:5e:5d:68:03:04:40:96:a4:55:3d:ac:bb: 3b:94:8c:0a:3b:c9:c4:c7:e1:62:c5:87:0e:b2:52: 0e:1f:38:03:22:4c:35:40:9a:5d:c6:d8:10:16:2b: 35:2e:62:a0:9f:9f:3c:89:31:63:90:cb:48:6b:e8: 0d:69:a9:85:89:77:b1:f1:a7:7d:f4:7b:22:17:dd: 9a:95:8f:bd:31:4c:64:c9:7a:33:cd:8f:5b:70:e1: df:d5:8e:db:e7:8c:84:2c:cf:d3:30:76:3c:c4:b7: 66:6e:82:65:f8:24:a8:84:65:09:81:fb:99:bf:5c: 0b:4d:26:08:d9:0c:dd:c0:49:6d:af:bf:c7:17:2a: 9d:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:26:0B:29:23:36:D5:EC:F5:BA:33:04:D7:71:84:D9:94:20:E3:70 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142389.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.172.144.0/24 Signature Algorithm: sha256WithRSAEncryption 71:ce:29:f3:f1:e9:a0:c4:ba:dc:58:87:40:5b:97:9a:f1:7b: 6e:f1:47:fe:6b:cd:51:91:ab:40:c8:dc:4f:3b:21:a3:47:2d: e9:4f:bc:d9:b4:84:31:bc:26:d4:2e:aa:0f:7b:0a:17:3e:8d: de:e5:ac:e0:2e:f9:c6:04:e6:8d:f1:81:f9:a7:f6:7c:93:b8: 5d:11:2d:bd:b6:11:ed:e7:3d:f3:79:30:eb:ba:a5:b6:b6:85: a3:c4:d9:a1:29:de:63:bb:df:35:43:4d:8d:d1:41:a5:e7:b6: 91:c8:b5:3e:7a:ce:65:35:11:bb:47:61:a7:df:41:09:d3:cd: f7:3f:66:c5:9a:53:a9:43:a2:73:14:ce:d7:38:92:f0:03:50: bb:5d:e6:85:12:4a:49:c0:4f:66:51:8d:e1:d8:fb:16:a6:c4: b0:4d:81:bd:56:00:df:02:16:8f:e1:dc:6c:35:25:2d:f8:f3: 2d:39:e3:10:ed:82:8a:b9:6d:13:29:8e:be:f5:6b:f1:d4:96: b3:5e:4a:d3:23:ea:75:28:ed:ab:28:2e:c3:ff:5c:81:e8:02: 32:2f:3e:78:32:65:b4:83:74:4d:c7:39:96:27:b5:39:d9:2a: 1d:d9:b4:d4:8f:6a:06:7d:d3:1f:1c:35:ae:30:42:21:f8:70: fc:a5:51:d1 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUXVnQgDFIX5TOPZalMiAeTPVJdxswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEzMDE1NTY1OFoX DTI1MDEyODE2MDE1OFowMzExMC8GA1UEAxMoRDYyNjBCMjkyMzM2RDVFQ0Y1QkEz MzA0RDc3MTg0RDk5NDIwRTM3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANHBzobhUDfjIoBiOvQUUj+AbBKVpD9aNf3V54s8jl/bz5oE/2lNSksstY0T jp9Cm8kpI3Jpq2IfyuL+M2jq1KkOd1KJb6ATJcDth2ZTbMoBZBQW1zZh8/ZN1Dvc AUDzT27kLZjIpdp7G1XgNDcOn+dZSGmEY1DBX87GXl1oAwRAlqRVPay7O5SMCjvJ xMfhYsWHDrJSDh84AyJMNUCaXcbYEBYrNS5ioJ+fPIkxY5DLSGvoDWmphYl3sfGn ffR7IhfdmpWPvTFMZMl6M82PW3Dh39WO2+eMhCzP0zB2PMS3Zm6CZfgkqIRlCYH7 mb9cC00mCNkM3cBJba+/xxcqneECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTWJgsp IzbV7PW6MwTXcYTZlCDjcDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MjM4OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGeskDANBgkqhkiG9w0BAQsFAAOCAQEAcc4p8/HpoMS63FiHQFuX mvF7bvFH/mvNUZGrQMjcTzsho0ct6U+82bSEMbwm1C6qD3sKFz6N3uWs4C75xgTm jfGB+af2fJO4XREtvbYR7ec983kw67qltraFo8TZoSneY7vfNUNNjdFBpee2kci1 PnrOZTURu0dhp99BCdPN9z9mxZpTqUOicxTO1ziS8ANQu13mhRJKScBPZlGN4dj7 FqbEsE2BvVYA3wIWj+HcbDUlLfjzLTnjEO2CirltEymOvvVr8dSWs15K0yPqdSjt qyguw/9cgegCMi8+eDJltIN0Tcc5lie1OdkqHdm01I9qBn3THxw1rjBCIfhw/KVR 0Q== -----END CERTIFICATE-----Generated at Tue May 7 16:42:40 2024 by rpki-client on console-ams.rpki-client.org