$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138842.roa File: AS138842.roa (raw, json) Hash identifier: sWNQQS2JVxbMS6EpuBqIuCM0Ct4+syG/1zQks1ZUxPs= Subject key identifier: 66:E5:EE:A9:A6:07:2A:31:62:46:EF:C2:CD:6B:8A:C7:47:7C:F2:BD Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4E86A07F8BCE3243E8FC0E2B44895C9311903AE8 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138842.roa Signing time: Mon 21 Apr 2025 04:22:29 +0000 ROA not before: Mon 21 Apr 2025 04:17:29 +0000 ROA not after: Mon 20 Apr 2026 04:22:29 +0000 asID: 138842 IP address blocks: 160.19.32.0/23 maxlen: 24 160.25.238.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Apr 2025 03:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:86:a0:7f:8b:ce:32:43:e8:fc:0e:2b:44:89:5c:93:11:90:3a:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 21 04:17:29 2025 GMT Not After : Apr 20 04:22:29 2026 GMT Subject: CN=66E5EEA9A6072A316246EFC2CD6B8AC7477CF2BD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:af:2c:b2:b1:e1:fc:d6:0c:42:18:b0:60:49: 14:54:21:19:a1:07:4c:42:34:87:1e:8e:76:a2:ea: 08:46:ee:7e:2a:eb:45:51:84:cb:1b:a9:c1:90:79: 8d:19:c0:41:ed:80:e8:62:70:81:c0:0c:21:1e:b7: d2:cc:a1:7d:3c:d9:bf:6f:d6:4a:bd:d2:49:6e:31: 55:3e:f3:e4:e3:94:43:89:66:39:48:40:1a:96:b6: 36:b8:b7:55:3c:11:d6:6b:af:3b:95:6a:8a:34:d2: 23:b3:31:47:62:55:22:98:b4:85:3f:8b:f8:7a:65: d5:d5:62:fc:8d:65:72:e8:af:00:26:01:6a:6e:2e: 90:3d:00:c8:35:a5:78:22:1c:e9:89:99:10:5f:3e: 50:4d:7f:f5:54:17:a8:be:6a:55:cc:d5:81:0f:b9: 3a:74:a8:d7:00:ef:51:72:fa:f7:39:db:a5:e7:e8: 7a:4c:0b:5f:85:ee:a0:6f:53:76:70:ac:92:2e:c3: 18:c1:3f:f1:4a:ae:d9:d4:eb:54:13:56:4b:9d:19: 95:2a:fc:54:39:59:25:e5:bc:3b:93:6b:c6:da:64: bf:19:b4:ca:33:d0:d0:bb:2c:f4:94:2d:d2:c0:67: 93:6e:07:22:3a:a3:fe:ba:5d:df:8c:73:3f:cd:d0: 4e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:E5:EE:A9:A6:07:2A:31:62:46:EF:C2:CD:6B:8A:C7:47:7C:F2:BD X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138842.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.19.32.0/23 160.25.238.0/23 Signature Algorithm: sha256WithRSAEncryption 57:88:c1:2c:00:4e:04:68:e5:61:36:9e:46:74:c1:34:80:70: 82:c1:54:49:df:23:d9:e0:3a:2d:f8:fd:1b:c9:08:93:8a:87: e3:f9:33:4b:d4:3f:a5:16:32:81:ec:4f:16:84:e7:6d:74:e4: d8:88:f0:2c:47:01:1a:f3:f3:72:7a:ae:2f:a8:22:4b:aa:90: 60:c5:75:c8:b4:a0:24:92:c1:8e:fc:13:d6:c6:83:2f:28:e4: ab:e1:20:c5:83:7b:36:23:b2:9b:48:13:d4:4e:a6:b2:05:9f: 9e:1e:27:ab:3a:e0:e7:e9:f9:ca:91:a6:97:b8:a6:cf:b0:ff: 87:9d:8e:0c:7b:28:a2:9d:14:c7:04:f8:9d:f6:5b:81:8e:cd: da:6c:c0:98:0d:ef:ac:7c:4a:29:eb:d1:19:5d:77:a2:f9:27: 80:3c:5e:c8:39:c0:32:b8:8d:c5:bc:b7:31:be:71:05:0e:5b: 9d:e7:68:36:f1:83:4e:84:e8:f1:ee:d8:a5:b2:1f:af:c0:e5: 4f:d8:69:3a:58:d8:b1:8b:85:ef:3e:af:cd:cb:30:39:8b:b8: 9a:95:37:35:05:1b:63:af:72:e5:cc:b9:c8:ce:06:e5:8e:c3: 85:24:ed:21:70:03:11:bb:ed:ea:81:5e:14:d3:be:b1:1a:df: a6:1b:05:6b -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUToagf4vOMkPo/A4rRIlckxGQOugwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDQyMTA0MTcyOVoX DTI2MDQyMDA0MjIyOVowMzExMC8GA1UEAxMoNjZFNUVFQTlBNjA3MkEzMTYyNDZF RkMyQ0Q2QjhBQzc0NzdDRjJCRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALGvLLKx4fzWDEIYsGBJFFQhGaEHTEI0hx6OdqLqCEbufirrRVGEyxupwZB5 jRnAQe2A6GJwgcAMIR630syhfTzZv2/WSr3SSW4xVT7z5OOUQ4lmOUhAGpa2Nri3 VTwR1muvO5VqijTSI7MxR2JVIpi0hT+L+Hpl1dVi/I1lcuivACYBam4ukD0AyDWl eCIc6YmZEF8+UE1/9VQXqL5qVczVgQ+5OnSo1wDvUXL69znbpefoekwLX4XuoG9T dnCski7DGME/8Uqu2dTrVBNWS50ZlSr8VDlZJeW8O5Nrxtpkvxm0yjPQ0Lss9JQt 0sBnk24HIjqj/rpd34xzP83QTosCAwEAAaOCAdYwggHSMB0GA1UdDgQWBBRm5e6p pgcqMWJG78LNa4rHR3zyvTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzODg0Mi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAaATIAMEAaAZ7jANBgkqhkiG9w0BAQsFAAOCAQEAV4jBLABOBGjl YTaeRnTBNIBwgsFUSd8j2eA6Lfj9G8kIk4qH4/kzS9Q/pRYygexPFoTnbXTk2Ijw LEcBGvPzcnquL6giS6qQYMV1yLSgJJLBjvwT1saDLyjkq+EgxYN7NiOym0gT1E6m sgWfnh4nqzrg5+n5ypGml7imz7D/h52ODHsoop0UxwT4nfZbgY7N2mzAmA3vrHxK KevRGV13ovkngDxeyDnAMriNxby3Mb5xBQ5bnedoNvGDToTo8e7YpbIfr8DlT9hp OljYsYuF7z6vzcswOYu4mpU3NQUbY69y5cy5yM4G5Y7DhSTtIXADEbvt6oFeFNO+ sRrfphsFaw== -----END CERTIFICATE-----Generated at Sun Apr 27 07:41:39 2025 by rpki-client