$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38773.roa File: AS38773.roa (raw, json) Hash identifier: nqyVsJleyD1eooPZv027clTZBmnN3BjvgQ1ZYMzoSEw= Subject key identifier: AB:90:DC:67:11:96:57:A8:37:40:A8:80:87:DB:D4:FA:BE:BE:C4:DB Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 213BDDD08B07D69AEAD34D5E14217115038D1386 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38773.roa Signing time: Tue 10 Dec 2024 05:00:25 +0000 ROA not before: Tue 10 Dec 2024 04:55:25 +0000 ROA not after: Tue 09 Dec 2025 05:00:25 +0000 asID: 38773 IP address blocks: 114.141.88.0/21 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:3b:dd:d0:8b:07:d6:9a:ea:d3:4d:5e:14:21:71:15:03:8d:13:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 10 04:55:25 2024 GMT Not After : Dec 9 05:00:25 2025 GMT Subject: CN=AB90DC67119657A83740A88087DBD4FABEBEC4DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:cf:76:c1:a9:57:1e:5d:08:c2:c5:b5:ef:d7: 60:ba:1c:fb:0c:4f:41:d8:6f:a7:ab:b2:9a:aa:b7: 68:99:23:90:45:30:b3:06:f7:0c:eb:73:2f:53:d7: 9e:5a:ba:27:11:eb:a8:e8:ef:51:66:d9:b2:bc:ff: 68:8c:82:b0:51:61:85:79:2c:7c:9b:e5:aa:41:34: a9:16:19:86:6e:ef:95:fc:b8:3b:93:67:12:e8:47: 70:c5:64:6b:2b:3a:43:6a:0d:61:b2:f1:37:f9:9d: f4:4d:c3:19:26:3e:c5:0f:67:72:db:55:4d:8e:59: 7b:bc:a9:eb:51:40:da:8d:ad:07:1c:70:ee:47:d5: 4e:c3:1f:88:03:ad:63:c2:2e:d1:24:5b:92:60:17: 2b:75:e6:41:49:cf:a5:51:54:12:06:7d:18:d0:fa: 9a:ee:8e:cd:9d:43:d5:45:b7:2a:1f:c8:76:35:28: 61:72:f1:49:35:60:e0:57:ea:c7:f3:b2:de:78:16: 3a:1d:b6:0f:ca:a6:3f:51:90:16:27:cd:de:06:10: 76:83:ef:81:43:e0:8d:e5:18:37:38:b5:78:3e:aa: f3:dd:5b:4a:ff:b9:a2:77:02:64:47:0f:a4:cf:4b: 20:77:a6:1b:24:2d:10:36:41:3e:fb:11:20:da:b8: e6:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:90:DC:67:11:96:57:A8:37:40:A8:80:87:DB:D4:FA:BE:BE:C4:DB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38773.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 114.141.88.0/21 Signature Algorithm: sha256WithRSAEncryption 5a:e2:82:a4:3e:06:8f:de:61:5b:e8:86:c0:0a:a0:83:5b:99: 30:88:01:d3:5a:73:4d:75:ca:e6:4e:d7:44:b4:ed:a7:e7:1f: 10:f8:21:fd:4c:4b:57:37:2b:ce:d9:4c:50:30:e2:27:f6:71: 85:1b:ef:3d:ce:41:dd:3c:8c:58:8b:c8:53:a4:7b:c2:16:46: 21:9f:2e:ee:ba:31:53:b6:89:d6:b6:fc:61:6e:44:f4:90:85: 38:02:57:11:a3:5a:43:ba:a1:36:e1:f0:09:31:81:07:18:85: 82:31:20:c1:16:96:60:e0:81:0f:fc:38:3c:3f:ea:e3:87:91: 4e:15:46:4e:10:f7:ac:f3:13:c1:2d:f2:f0:17:55:b7:af:3b: 65:24:dd:9f:0b:28:72:9d:1b:75:d9:f2:45:7b:06:e8:d7:df: 5a:e9:65:5a:fd:e4:d5:97:8b:a1:8b:f7:ec:e2:5b:cc:d9:2f: 22:7d:8e:6a:ae:82:ed:7b:0a:34:9a:12:25:03:7c:65:de:09: c2:ac:27:49:38:13:cd:fd:44:82:0d:35:2f:33:42:20:d8:3e: 38:09:14:cc:be:92:ed:7e:f9:73:88:a3:c1:d9:2d:b8:22:80: ac:84:1b:da:dc:88:de:6c:a6:72:cc:79:5f:4d:c8:56:87:0c: 51:1b:cc:38 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUITvd0IsH1prq001eFCFxFQONE4YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUyNVoX DTI1MTIwOTA1MDAyNVowMzExMC8GA1UEAxMoQUI5MERDNjcxMTk2NTdBODM3NDBB ODgwODdEQkQ0RkFCRUJFQzREQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK/PdsGpVx5dCMLFte/XYLoc+wxPQdhvp6uymqq3aJkjkEUwswb3DOtzL1PX nlq6JxHrqOjvUWbZsrz/aIyCsFFhhXksfJvlqkE0qRYZhm7vlfy4O5NnEuhHcMVk ays6Q2oNYbLxN/md9E3DGSY+xQ9ncttVTY5Ze7yp61FA2o2tBxxw7kfVTsMfiAOt Y8Iu0SRbkmAXK3XmQUnPpVFUEgZ9GND6mu6OzZ1D1UW3Kh/IdjUoYXLxSTVg4Ffq x/Oy3ngWOh22D8qmP1GQFifN3gYQdoPvgUPgjeUYNzi1eD6q891bSv+5oncCZEcP pM9LIHemGyQtEDZBPvsRINq45tkCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSrkNxn EZZXqDdAqICH29T6vr7E2zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzM4NzczLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDco1YMA0GCSqGSIb3DQEBCwUAA4IBAQBa4oKkPgaP3mFb6IbACqCD W5kwiAHTWnNNdcrmTtdEtO2n5x8Q+CH9TEtXNyvO2UxQMOIn9nGFG+89zkHdPIxY i8hTpHvCFkYhny7uujFTtonWtvxhbkT0kIU4AlcRo1pDuqE24fAJMYEHGIWCMSDB FpZg4IEP/Dg8P+rjh5FOFUZOEPes8xPBLfLwF1W3rztlJN2fCyhynRt12fJFewbo 199a6WVa/eTVl4uhi/fs4lvM2S8ifY5qroLtewo0mhIlA3xl3gnCrCdJOBPN/USC DTUvM0Ig2D44CRTMvpLtfvlziKPB2S24IoCshBva3IjebKZyzHlfTchWhwxRG8w4 -----END CERTIFICATE-----Generated at Sat Apr 5 06:22:56 2025 by rpki-client