$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147072.roa File: AS147072.roa (raw, json) Hash identifier: KbF99aljrjlmm7N0Dyt9Euevtag0LXKLQRCYXeFBsfg= Subject key identifier: 6F:7C:DF:E9:9B:86:4F:92:93:2E:9E:20:B3:EA:8F:82:21:62:6C:CC Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 45D3166CB5CB27C333BB2E33A67717AEEA39B3F9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147072.roa Signing time: Tue 09 Jan 2024 04:00:22 +0000 ROA not before: Tue 09 Jan 2024 03:55:22 +0000 ROA not after: Tue 07 Jan 2025 04:00:22 +0000 asID: 147072 IP address blocks: 103.172.244.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:d3:16:6c:b5:cb:27:c3:33:bb:2e:33:a6:77:17:ae:ea:39:b3:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:22 2024 GMT Not After : Jan 7 04:00:22 2025 GMT Subject: CN=6F7CDFE99B864F92932E9E20B3EA8F8221626CCC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:0b:d2:19:6c:7b:97:09:47:4f:49:74:99:ce: 59:fd:d9:64:c0:ca:16:99:0e:37:de:d1:8b:08:19: 3f:ba:ec:d4:8f:17:77:d8:bb:c7:54:87:cd:b4:c9: 2e:a9:ec:9d:a9:fa:7b:d8:cf:c5:b9:65:40:42:71: 2d:5e:80:b3:ec:76:0e:27:d5:0d:7a:c0:d2:35:69: b5:66:ff:31:d9:f8:11:4a:b9:d7:9c:97:ba:b0:e5: 70:3d:ff:53:3f:be:e4:f4:e1:a5:5c:99:82:d5:8f: 0c:08:00:9e:ed:de:0c:da:3e:e3:7e:76:61:2e:a2: f6:ac:0f:73:1b:b7:50:5b:a5:79:3d:e0:32:c2:e6: 28:d0:a7:bf:e6:77:22:29:36:a1:7c:a8:16:20:ad: fe:b2:ce:3e:e7:75:77:41:23:cf:2f:5f:cb:e8:dd: 33:c1:3f:c3:6e:af:5a:6e:fd:99:db:0b:83:97:80: d9:5a:f0:82:71:cb:0b:82:37:88:55:e0:5e:f7:01: b5:5a:f2:82:2d:a4:d1:91:ba:0c:b4:d9:63:73:c6: 27:8e:c8:a1:84:17:f6:47:4f:c5:02:9d:bb:7f:22: ac:ef:82:c2:ae:ed:48:67:1e:2d:0d:02:94:f7:46: d4:8a:9c:9d:bc:68:f5:60:aa:f8:c7:5a:d4:df:db: 63:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:7C:DF:E9:9B:86:4F:92:93:2E:9E:20:B3:EA:8F:82:21:62:6C:CC X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147072.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.172.244.0/23 Signature Algorithm: sha256WithRSAEncryption 31:a1:14:ba:f0:d4:0e:90:ee:4f:41:ba:56:d6:8d:3c:5c:e6: f2:92:ee:b5:5c:1d:38:e2:86:2c:84:89:94:6e:ba:53:0e:49: 73:7a:0f:ae:1a:9c:89:3c:fb:00:12:c3:9f:79:06:a3:14:86: 2b:d3:1c:21:39:15:ee:67:34:bd:76:ff:99:2e:6d:f1:56:b4: 4d:50:b0:9a:43:55:ee:c1:d9:9d:4b:02:c1:a4:89:fe:0e:d1: 2b:4d:cf:d0:a0:09:dd:4c:8d:13:05:c5:34:34:cb:36:db:e1: b9:15:cc:15:49:aa:48:63:e9:f7:09:2d:b3:45:6d:ee:69:8c: 73:68:80:b2:fa:80:f7:14:58:fe:ac:7d:45:24:5c:e5:35:bc: 4f:b8:3c:0c:29:d6:b0:ce:26:eb:65:18:b6:f4:30:a5:a3:8a: 2b:da:4e:f6:34:45:b6:fc:9c:4a:0a:21:2f:18:34:79:0f:af: 7a:ed:ac:60:b5:39:83:49:0c:42:52:a1:da:32:4e:af:5e:2d: 97:46:8e:e7:96:74:51:22:c2:83:80:cd:9f:dd:76:ed:c0:e5: d4:86:87:86:ee:55:ef:16:81:39:57:8e:d6:52:f9:6f:8e:9d: 49:b2:57:ec:d5:f4:01:98:8d:21:11:2b:e8:20:bc:c9:45:f2: 90:50:3b:22 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIURdMWbLXLJ8Mzuy4zpncXruo5s/kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUyMloX DTI1MDEwNzA0MDAyMlowMzExMC8GA1UEAxMoNkY3Q0RGRTk5Qjg2NEY5MjkzMkU5 RTIwQjNFQThGODIyMTYyNkNDQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ4L0hlse5cJR09JdJnOWf3ZZMDKFpkON97RiwgZP7rs1I8Xd9i7x1SHzbTJ Lqnsnan6e9jPxbllQEJxLV6As+x2DifVDXrA0jVptWb/Mdn4EUq515yXurDlcD3/ Uz++5PThpVyZgtWPDAgAnu3eDNo+4352YS6i9qwPcxu3UFuleT3gMsLmKNCnv+Z3 Iik2oXyoFiCt/rLOPud1d0Ejzy9fy+jdM8E/w26vWm79mdsLg5eA2VrwgnHLC4I3 iFXgXvcBtVrygi2k0ZG6DLTZY3PGJ47IoYQX9kdPxQKdu38irO+Cwq7tSGceLQ0C lPdG1Iqcnbxo9WCq+Mda1N/bY6ECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRvfN/p m4ZPkpMuniCz6o+CIWJszDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0NzA3Mi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWes9DANBgkqhkiG9w0BAQsFAAOCAQEAMaEUuvDUDpDuT0G6VtaN PFzm8pLutVwdOOKGLISJlG66Uw5Jc3oPrhqciTz7ABLDn3kGoxSGK9McITkV7mc0 vXb/mS5t8Va0TVCwmkNV7sHZnUsCwaSJ/g7RK03P0KAJ3UyNEwXFNDTLNtvhuRXM FUmqSGPp9wkts0Vt7mmMc2iAsvqA9xRY/qx9RSRc5TW8T7g8DCnWsM4m62UYtvQw paOKK9pO9jRFtvycSgohLxg0eQ+veu2sYLU5g0kMQlKh2jJOr14tl0aO55Z0USLC g4DNn9127cDl1IaHhu5V7xaBOVeO1lL5b46dSbJX7NX0AZiNIREr6CC8yUXykFA7 Ig== -----END CERTIFICATE-----Generated at Mon Nov 25 13:14:28 2024 by rpki-client on console-ams.rpki-client.org