$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS45298.roa File: AS45298.roa (raw, json) Hash identifier: 3fGzmXf5QZbMcT58S+G7dqQX07EDBYnXGvXz2I9NJis= Subject key identifier: 5E:B3:EA:F5:87:3B:8D:94:A9:75:6A:A3:A5:44:26:5A:49:36:BD:34 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5F7C71D842A73B8A94F9F33225F573DA1E892956 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS45298.roa Signing time: Thu 02 Nov 2023 03:43:51 +0000 ROA not before: Thu 02 Nov 2023 03:38:51 +0000 ROA not after: Thu 31 Oct 2024 03:43:51 +0000 asID: 45298 IP address blocks: 103.228.8.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:7c:71:d8:42:a7:3b:8a:94:f9:f3:32:25:f5:73:da:1e:89:29:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 2 03:38:51 2023 GMT Not After : Oct 31 03:43:51 2024 GMT Subject: CN=5EB3EAF5873B8D94A9756AA3A544265A4936BD34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:39:72:6e:55:bb:ef:5a:ff:d0:2f:11:c4:e8: 17:09:50:d4:95:2e:39:c9:3b:c6:13:13:6e:f7:44: be:4b:f7:11:f3:21:4a:02:eb:b5:a3:42:f8:f8:83: 75:ff:a8:4d:67:02:6f:ac:f4:27:ce:b6:2b:ec:9f: e4:06:d5:67:4c:15:ff:a5:af:ca:a0:1b:3e:b7:17: 66:e8:cf:3d:a7:ec:7f:11:d1:f8:b0:7e:fb:e5:b7: ef:02:f1:0f:33:96:d7:89:40:d8:86:3e:67:92:e6: 52:a7:c5:b3:d4:7d:0d:bd:d4:d7:0e:f8:5b:53:0d: b0:cd:a1:ec:5e:2d:1e:24:af:31:89:24:7d:5a:7f: d0:80:98:bd:50:1f:7c:e4:d7:5c:7c:c7:f1:9c:3a: d6:5e:e8:38:b3:a5:02:31:fb:c7:7a:bc:73:53:c5: 87:32:6c:ec:31:ae:e6:2b:36:f2:e8:29:ab:5f:af: d6:e7:a2:56:b1:12:0d:24:7a:63:ef:7f:9f:53:11: 6b:03:70:ad:51:00:a7:8a:fe:29:17:c3:6b:56:0d: ad:55:ec:2b:f5:b3:ce:53:01:b6:88:85:4b:a9:b5: fc:a6:1e:c7:a3:d9:5c:25:cd:34:20:b7:27:c9:8f: 14:b4:93:d9:e9:9c:ed:b3:df:8c:3a:24:6d:4f:dd: ae:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:B3:EA:F5:87:3B:8D:94:A9:75:6A:A3:A5:44:26:5A:49:36:BD:34 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS45298.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.228.8.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:3b:71:ac:30:58:0b:20:d4:2b:f2:7f:1e:63:5d:7e:5a:e8: 27:85:c3:a6:31:e6:1d:ff:64:f6:d2:cb:c8:5f:22:04:34:09: aa:e6:f7:99:ab:7c:47:82:42:a3:5f:b8:64:37:89:1a:d4:89: 24:db:b5:b7:06:09:9f:18:90:6c:03:d1:7f:7a:60:c9:a3:42: c4:b0:2f:2f:0e:24:bb:3a:2b:b8:1c:e3:c9:c6:a6:0a:32:cb: 53:e0:d5:5d:01:8e:47:ce:53:f6:40:9f:85:90:10:06:84:b2: 1b:04:50:ca:dd:a4:c2:88:94:45:e9:65:44:ae:8f:2e:43:24: 5c:da:2d:2a:88:50:36:89:c0:fa:70:5a:a7:8a:77:31:c3:d9: 0d:c7:8d:27:cd:bd:20:31:a2:21:7c:a8:75:8b:d3:6c:64:a0: 4d:d4:5b:89:9d:da:a5:a2:b1:0a:98:da:4f:1d:60:3f:d9:ef: d5:d2:e9:81:01:3e:69:3f:f6:08:ee:cd:51:2b:9e:f2:04:ab: ee:c5:25:78:cd:af:f5:6f:0e:09:16:98:60:93:1b:a7:49:36: 57:60:12:da:9f:65:c8:e4:d1:9c:6e:ba:df:e3:32:53:ec:3f: 4e:c5:4d:f6:28:10:3a:df:17:2a:60:f0:51:b7:b4:9a:e1:8a: f2:ab:f1:a0 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUX3xx2EKnO4qU+fMyJfVz2h6JKVYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTEwMjAzMzg1MVoX DTI0MTAzMTAzNDM1MVowMzExMC8GA1UEAxMoNUVCM0VBRjU4NzNCOEQ5NEE5NzU2 QUEzQTU0NDI2NUE0OTM2QkQzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANA5cm5Vu+9a/9AvEcToFwlQ1JUuOck7xhMTbvdEvkv3EfMhSgLrtaNC+PiD df+oTWcCb6z0J862K+yf5AbVZ0wV/6WvyqAbPrcXZujPPafsfxHR+LB+++W37wLx DzOW14lA2IY+Z5LmUqfFs9R9Db3U1w74W1MNsM2h7F4tHiSvMYkkfVp/0ICYvVAf fOTXXHzH8Zw61l7oOLOlAjH7x3q8c1PFhzJs7DGu5is28ugpq1+v1ueiVrESDSR6 Y+9/n1MRawNwrVEAp4r+KRfDa1YNrVXsK/WzzlMBtoiFS6m1/KYex6PZXCXNNCC3 J8mPFLST2emc7bPfjDokbU/drqUCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRes+r1 hzuNlKl1aqOlRCZaSTa9NDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ1Mjk4LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAZ+QIMA0GCSqGSIb3DQEBCwUAA4IBAQB/O3GsMFgLINQr8n8eY11+ WugnhcOmMeYd/2T20svIXyIENAmq5veZq3xHgkKjX7hkN4ka1Ikk27W3BgmfGJBs A9F/emDJo0LEsC8vDiS7Oiu4HOPJxqYKMstT4NVdAY5HzlP2QJ+FkBAGhLIbBFDK 3aTCiJRF6WVEro8uQyRc2i0qiFA2icD6cFqnincxw9kNx40nzb0gMaIhfKh1i9Ns ZKBN1FuJndqlorEKmNpPHWA/2e/V0umBAT5pP/YI7s1RK57yBKvuxSV4za/1bw4J FphgkxunSTZXYBLan2XI5NGcbrrf4zJT7D9OxU32KBA63xcqYPBRt7Sa4Yryq/Gg -----END CERTIFICATE-----Generated at Wed May 8 21:02:25 2024 by rpki-client on console-fra.rpki-client.org