$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS45325.roa File: AS45325.roa (raw, json) Hash identifier: Jfrhiqz1JTXHGhR/YVHgcpJ3zwiPtDm/0p38Rn9yr6c= Subject key identifier: EF:15:3B:D1:52:F2:40:4A:DF:96:03:1F:56:91:44:BE:95:93:7E:90 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 43CCE2A49B29718F16F5DC2E6F990556F87FCAF3 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS45325.roa Signing time: Wed 05 Jun 2024 06:23:48 +0000 ROA not before: Wed 05 Jun 2024 06:18:48 +0000 ROA not after: Wed 04 Jun 2025 06:23:48 +0000 asID: 45325 IP address blocks: 103.3.68.0/23 maxlen: 24 103.151.140.0/24 maxlen: 24 103.151.141.0/24 maxlen: 24 2001:df7:880::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:cc:e2:a4:9b:29:71:8f:16:f5:dc:2e:6f:99:05:56:f8:7f:ca:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 5 06:18:48 2024 GMT Not After : Jun 4 06:23:48 2025 GMT Subject: CN=EF153BD152F2404ADF96031F569144BE95937E90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:df:53:f8:7a:38:d0:99:9c:d4:95:2d:f6:34: cf:ce:9e:53:e0:4f:77:8e:f8:8a:1e:d2:c3:eb:1b: 6e:c4:98:89:ef:0c:1e:8d:15:d3:5c:2f:35:c0:ab: ca:d8:67:ed:74:be:ab:cf:be:54:a2:31:e6:de:8c: e8:1c:1d:55:e7:d4:50:03:e1:a0:1d:30:89:d8:26: e5:d2:09:ce:1b:69:29:3e:82:b8:fb:8e:60:26:14: e0:88:aa:fa:91:25:b1:c6:63:df:6f:34:b8:50:22: d7:e7:9c:3a:92:ca:e1:a9:e3:9e:8a:bd:f2:ae:46: ab:5d:14:98:76:ad:e5:77:7d:2d:59:c9:c5:b9:2d: a8:b6:0d:92:a3:31:ec:19:b5:47:1d:49:f2:33:ca: a6:11:bf:27:59:fa:62:bf:18:4f:4e:4d:9c:c7:c1: 23:9f:56:3d:b7:f3:09:a9:46:bb:b5:f7:04:53:d5: 8d:94:40:5d:91:e8:3e:93:ed:36:01:96:ee:c6:b8: f6:3e:37:ea:37:39:d5:65:1b:f2:3e:d3:3f:64:7e: eb:62:02:9c:62:66:d1:fb:62:fb:81:ec:0d:d3:30: 1a:b5:2b:32:43:66:82:3b:c1:c5:90:d7:17:2e:89: e4:99:da:96:4f:87:76:54:38:f8:87:d7:ef:4c:c0: 51:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:15:3B:D1:52:F2:40:4A:DF:96:03:1F:56:91:44:BE:95:93:7E:90 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS45325.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.3.68.0/23 103.151.140.0/23 IPv6: 2001:df7:880::/48 Signature Algorithm: sha256WithRSAEncryption 1e:74:33:74:b3:89:be:0d:ca:a0:eb:3e:fa:4a:89:30:bf:33: 90:a0:28:2d:7d:71:86:be:ae:1e:06:c9:dc:da:47:0d:45:ae: 5b:53:f6:1e:26:71:99:f8:6f:ad:14:ed:3e:9b:8b:6d:1a:ca: 11:ab:14:19:73:37:48:a5:5a:bb:72:01:10:c0:59:37:c2:d0: eb:e5:c3:8f:c6:97:44:19:96:32:93:c2:21:1b:23:ca:5b:0d: 88:55:2d:e9:be:63:48:eb:f0:0e:f4:0b:4b:15:7c:2b:b0:d4: 4d:d5:14:90:ad:1f:94:f0:46:9c:f4:9f:35:03:c0:41:38:0f: 64:6d:5a:66:15:4b:d8:20:5a:10:fa:1f:49:e5:22:1e:76:1f: b3:d9:8d:09:3b:e2:3a:52:6f:e4:19:38:c6:f2:7e:6b:44:99: 12:53:e0:71:ff:35:1b:bf:3e:cb:5e:6d:e4:98:c8:bc:45:5e: ba:38:0f:71:8b:7c:14:1b:cb:90:ef:45:5f:71:58:86:ec:5b: 19:dd:1c:a3:97:52:c2:0e:a9:e7:5c:ae:95:0d:3a:fa:12:94: fa:bf:e1:46:34:b8:66:ef:db:60:26:32:0b:70:62:6b:e8:9c: 1c:69:63:39:da:bb:1f:b6:00:36:57:fb:ee:3e:08:b9:84:a8: b5:0c:72:54 -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUQ8zipJspcY8W9dwub5kFVvh/yvMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDYwNTA2MTg0OFoX DTI1MDYwNDA2MjM0OFowMzExMC8GA1UEAxMoRUYxNTNCRDE1MkYyNDA0QURGOTYw MzFGNTY5MTQ0QkU5NTkzN0U5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANvfU/h6ONCZnNSVLfY0z86eU+BPd474ih7Sw+sbbsSYie8MHo0V01wvNcCr ythn7XS+q8++VKIx5t6M6BwdVefUUAPhoB0widgm5dIJzhtpKT6CuPuOYCYU4Iiq +pElscZj3280uFAi1+ecOpLK4anjnoq98q5Gq10UmHat5Xd9LVnJxbktqLYNkqMx 7Bm1Rx1J8jPKphG/J1n6Yr8YT05NnMfBI59WPbfzCalGu7X3BFPVjZRAXZHoPpPt NgGW7sa49j436jc51WUb8j7TP2R+62ICnGJm0fti+4HsDdMwGrUrMkNmgjvBxZDX Fy6J5Jnalk+HdlQ4+IfX70zAUXECAwEAAaOCAeYwggHiMB0GA1UdDgQWBBTvFTvR UvJASt+WAx9WkUS+lZN+kDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ1MzI1LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAS BAIAATAMAwQBZwNEAwQBZ5eMMA8EAgACMAkDBwAgAQ33CIAwDQYJKoZIhvcNAQEL BQADggEBAB50M3Szib4NyqDrPvpKiTC/M5CgKC19cYa+rh4GydzaRw1FrltT9h4m cZn4b60U7T6bi20ayhGrFBlzN0ilWrtyARDAWTfC0Ovlw4/Gl0QZljKTwiEbI8pb DYhVLem+Y0jr8A70C0sVfCuw1E3VFJCtH5TwRpz0nzUDwEE4D2RtWmYVS9ggWhD6 H0nlIh52H7PZjQk74jpSb+QZOMbyfmtEmRJT4HH/NRu/PstebeSYyLxFXro4D3GL fBQby5DvRV9xWIbsWxndHKOXUsIOqedcrpUNOvoSlPq/4UY0uGbv22AmMgtwYmvo nBxpYznaux+2ADZX++4+CLmEqLUMclQ= -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:50 2024 by rpki-client on console-ams.rpki-client.org