$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38771.roa File: AS38771.roa (raw, json) Hash identifier: nLtO4DsvEykt4cMr0kD5RAH993aATCIbVVNvZeoNXUk= Subject key identifier: 98:1F:F5:C5:47:4B:AE:E4:23:52:BF:5C:C0:58:38:81:93:C5:C2:D9 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 23A9B58B5B314E651AB2353B4D753F04B9973C8F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38771.roa Signing time: Tue 09 Jan 2024 04:00:02 +0000 ROA not before: Tue 09 Jan 2024 03:55:02 +0000 ROA not after: Tue 07 Jan 2025 04:00:02 +0000 asID: 38771 IP address blocks: 103.171.234.0/23 maxlen: 24 114.141.48.0/21 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:a9:b5:8b:5b:31:4e:65:1a:b2:35:3b:4d:75:3f:04:b9:97:3c:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:02 2024 GMT Not After : Jan 7 04:00:02 2025 GMT Subject: CN=981FF5C5474BAEE42352BF5CC058388193C5C2D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:fb:69:61:71:4b:c8:97:0f:42:22:74:24:56: d9:5d:b2:82:99:14:71:32:10:1a:67:a5:a1:21:59: c3:a9:c5:cb:f0:7d:be:dc:83:29:d6:1c:4e:42:7e: 2d:30:84:f9:d7:f2:b6:8a:56:6f:cc:18:f8:71:33: dc:86:a8:9d:3f:03:43:35:95:84:cc:51:8c:c4:19: 7a:fc:4c:79:f7:31:0a:8e:18:81:3e:64:aa:cd:91: 03:2a:ee:24:8c:23:1e:eb:b9:1c:37:6a:3e:7e:d2: 02:4f:69:55:f3:bd:0b:c7:98:66:ee:3a:08:55:63: 3d:2f:ce:14:75:53:43:de:0a:b3:b0:a5:6a:38:46: 34:73:0a:6e:5c:1e:70:be:d9:de:01:d5:20:bf:54: bb:c9:16:b6:17:ad:f8:bc:db:18:cc:3d:13:8c:4e: 5b:f4:7c:a7:25:7b:af:5d:c3:9a:c0:71:dd:02:cd: cd:18:c6:66:7b:54:22:c9:0d:e8:13:d4:5d:c4:60: 26:75:89:8f:a3:02:ec:20:8f:eb:ba:a8:ad:95:87: 85:e8:7f:12:e6:8f:b4:35:cb:61:4a:5f:86:9a:80: 88:c8:5c:98:77:fd:e1:80:53:86:2a:81:bb:1b:54: 17:08:42:9f:60:8a:af:00:21:eb:84:8e:e4:1d:9d: d0:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:1F:F5:C5:47:4B:AE:E4:23:52:BF:5C:C0:58:38:81:93:C5:C2:D9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38771.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.171.234.0/23 114.141.48.0/21 Signature Algorithm: sha256WithRSAEncryption 9b:47:fe:7d:df:9e:10:cb:39:a7:e6:1c:75:8e:9d:f6:c4:96: 0f:52:3e:c9:9f:b1:d2:7e:d3:77:9d:c6:2f:57:fd:5d:57:a7: 13:8c:22:91:2c:d1:79:2e:01:7b:1c:dc:19:d9:7d:f7:cf:54: d3:41:28:09:07:9b:77:cf:7a:04:0b:61:a7:82:8a:25:7a:d8: ba:df:1b:56:11:b3:66:1b:9a:3a:9f:61:79:94:a5:a6:ff:e5: 44:69:6b:63:7c:44:0e:82:6a:59:51:09:a3:fb:7d:49:61:39: 01:b9:95:77:65:31:e3:7c:23:c2:e0:e3:47:9e:a9:6b:02:fa: 80:88:5b:29:47:04:f8:1c:bb:b4:d2:77:7d:cc:1d:44:c4:c0: 91:5e:51:77:8d:44:47:fb:3a:20:f2:89:17:13:53:18:87:9c: 56:e4:1f:da:ff:8d:ea:cc:1b:0e:8a:54:30:ad:a6:1b:b4:40: d4:9f:29:ec:e4:e1:4f:d2:26:2a:bb:45:bb:9e:4a:ef:63:80: e6:38:c8:d8:44:a3:85:f7:85:16:5f:dd:0b:d2:ac:55:5f:d2: e6:e6:e4:00:f3:cd:23:c7:92:b7:d0:0c:4f:97:51:5a:9f:21: b6:31:8d:f9:7f:c2:94:f3:02:1a:bd:e3:25:1a:23:6f:f3:0a: 3a:fc:28:05 -----BEGIN CERTIFICATE----- MIIE4jCCA8qgAwIBAgIUI6m1i1sxTmUasjU7TXU/BLmXPI8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUwMloX DTI1MDEwNzA0MDAwMlowMzExMC8GA1UEAxMoOTgxRkY1QzU0NzRCQUVFNDIzNTJC RjVDQzA1ODM4ODE5M0M1QzJEOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANr7aWFxS8iXD0IidCRW2V2ygpkUcTIQGmeloSFZw6nFy/B9vtyDKdYcTkJ+ LTCE+dfytopWb8wY+HEz3IaonT8DQzWVhMxRjMQZevxMefcxCo4YgT5kqs2RAyru JIwjHuu5HDdqPn7SAk9pVfO9C8eYZu46CFVjPS/OFHVTQ94Ks7ClajhGNHMKblwe cL7Z3gHVIL9Uu8kWthet+LzbGMw9E4xOW/R8pyV7r13DmsBx3QLNzRjGZntUIskN 6BPUXcRgJnWJj6MC7CCP67qorZWHheh/EuaPtDXLYUpfhpqAiMhcmHf94YBThiqB uxtUFwhCn2CKrwAh64SO5B2d0CcCAwEAAaOCAdUwggHRMB0GA1UdDgQWBBSYH/XF R0uu5CNSv1zAWDiBk8XC2TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzM4NzcxLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQBZ6vqAwQDco0wMA0GCSqGSIb3DQEBCwUAA4IBAQCbR/59354Qyzmn 5hx1jp32xJYPUj7Jn7HSftN3ncYvV/1dV6cTjCKRLNF5LgF7HNwZ2X33z1TTQSgJ B5t3z3oEC2Gngooleti63xtWEbNmG5o6n2F5lKWm/+VEaWtjfEQOgmpZUQmj+31J YTkBuZV3ZTHjfCPC4ONHnqlrAvqAiFspRwT4HLu00nd9zB1ExMCRXlF3jURH+zog 8okXE1MYh5xW5B/a/43qzBsOilQwraYbtEDUnyns5OFP0iYqu0W7nkrvY4DmOMjY RKOF94UWX90L0qxVX9Lm5uQA880jx5K30AxPl1FanyG2MY35f8KU8wIaveMlGiNv 8wo6/CgF -----END CERTIFICATE-----Generated at Wed May 8 17:45:24 2024 by rpki-client on console-ams.rpki-client.org