$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58821.roa File: AS58821.roa (raw, json) Hash identifier: qbPkoVzHaRQmIwQCG8BKezUNK6PpaGrapM/WLEIPLe8= Subject key identifier: B5:D5:BA:8D:84:93:4C:81:D4:C2:04:42:42:13:5D:A9:F6:45:BD:0F Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5DC4009F11B329721A2007988629B6E71498B189 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58821.roa Signing time: Tue 10 Dec 2024 05:00:02 +0000 ROA not before: Tue 10 Dec 2024 04:55:02 +0000 ROA not after: Tue 09 Dec 2025 05:00:02 +0000 asID: 58821 IP address blocks: 103.156.248.0/23 maxlen: 24 2001:df5:9f80::/48 maxlen: 48 2406:9140::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 12:52:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:c4:00:9f:11:b3:29:72:1a:20:07:98:86:29:b6:e7:14:98:b1:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 10 04:55:02 2024 GMT Not After : Dec 9 05:00:02 2025 GMT Subject: CN=B5D5BA8D84934C81D4C2044242135DA9F645BD0F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:85:c1:68:86:84:43:03:e0:b5:8d:f1:c9:8e: 28:42:be:e0:db:c2:d2:48:b5:08:a3:9e:bc:52:df: 91:f1:d4:93:e9:cb:e9:11:78:d9:cc:77:3b:71:5c: 79:b4:de:1b:03:6d:d5:3a:f8:40:07:fb:bb:18:ef: 1a:71:34:06:4e:55:23:30:9d:2a:60:6d:99:21:68: f2:2f:40:0d:bb:ac:7b:95:e0:0c:16:bf:7b:e2:f4: 29:fb:51:1a:06:23:c7:f5:ae:7f:7c:b3:35:75:94: d2:7c:7f:c6:c0:9b:44:e1:17:c7:13:36:80:49:59: 99:a4:dd:55:1a:ac:da:ac:ac:36:dd:e7:06:94:61: 53:ad:63:c0:58:68:12:9d:d6:03:ca:c1:f4:40:af: be:b0:4b:c5:d8:ce:7b:af:d7:e1:da:b7:20:25:e8: cf:1f:f5:c0:79:e7:47:32:42:5f:fe:15:7b:d4:58: fe:37:53:33:19:92:ec:0f:9e:a9:ef:31:f4:63:a2: ac:e7:51:4e:b1:ec:45:93:f1:4a:f8:cf:54:7a:dc: 5d:5b:3b:5e:8a:18:7d:e0:40:87:8d:58:70:36:86: 08:3f:59:17:2e:22:6d:90:b3:60:12:77:d3:b1:5b: 43:1e:86:87:3b:7a:25:a6:4a:57:de:c0:70:af:bf: 39:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:D5:BA:8D:84:93:4C:81:D4:C2:04:42:42:13:5D:A9:F6:45:BD:0F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58821.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.248.0/23 IPv6: 2001:df5:9f80::/48 2406:9140::/32 Signature Algorithm: sha256WithRSAEncryption 1b:6b:3b:54:bd:bc:a8:ef:74:51:da:ad:3a:0a:6b:66:06:57: c1:68:7f:66:f5:96:82:f9:4b:fc:fc:c3:ca:ca:f8:57:f0:21: e1:8b:a6:43:45:c7:3c:42:1a:03:64:bf:8f:31:28:8f:b7:85: af:83:31:a7:b6:59:08:30:93:45:6b:b0:47:50:f4:51:38:1d: 0c:79:22:39:d2:c3:fe:3a:c8:9e:f2:77:96:2e:66:ba:ff:81: d3:a3:3b:f9:e8:c6:f4:5a:d2:cc:1b:b7:fb:76:d3:dc:76:31: 51:a3:8c:ae:96:ee:6f:db:63:0e:83:e8:27:57:b7:a3:3d:49: ec:54:f9:83:f6:06:3a:1f:2e:df:e9:16:88:d8:ad:8e:a2:0a: c3:c2:e3:01:de:14:06:ec:0f:17:19:c8:98:a6:4d:dd:ee:52: 77:a0:31:df:c4:6f:5a:f5:7a:99:94:43:48:6d:65:44:86:00: 1e:2d:93:23:ed:cf:c2:69:6f:98:72:ac:c1:65:c3:fd:b3:52: 65:bf:83:08:6a:ad:02:46:ea:62:43:ef:7a:31:cd:07:a1:6e: be:30:52:d3:7c:b9:44:e9:e1:75:d5:79:d1:f4:fb:7a:64:9d: ca:bb:1b:47:3f:93:b2:94:31:29:c8:78:19:af:ce:87:23:a5: 73:7b:31:f0 -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUXcQAnxGzKXIaIAeYhim25xSYsYkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUwMloX DTI1MTIwOTA1MDAwMlowMzExMC8GA1UEAxMoQjVENUJBOEQ4NDkzNEM4MUQ0QzIw NDQyNDIxMzVEQTlGNjQ1QkQwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALKFwWiGhEMD4LWN8cmOKEK+4NvC0ki1CKOevFLfkfHUk+nL6RF42cx3O3Fc ebTeGwNt1Tr4QAf7uxjvGnE0Bk5VIzCdKmBtmSFo8i9ADbuse5XgDBa/e+L0KftR GgYjx/Wuf3yzNXWU0nx/xsCbROEXxxM2gElZmaTdVRqs2qysNt3nBpRhU61jwFho Ep3WA8rB9ECvvrBLxdjOe6/X4dq3ICXozx/1wHnnRzJCX/4Ve9RY/jdTMxmS7A+e qe8x9GOirOdRTrHsRZPxSvjPVHrcXVs7XooYfeBAh41YcDaGCD9ZFy4ibZCzYBJ3 07FbQx6Ghzt6JaZKV97AcK+/OTkCAwEAAaOCAecwggHjMB0GA1UdDgQWBBS11bqN hJNMgdTCBEJCE12p9kW9DzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU4ODIxLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAM BAIAATAGAwQBZ5z4MBYEAgACMBADBwAgAQ31n4ADBQAkBpFAMA0GCSqGSIb3DQEB CwUAA4IBAQAbaztUvbyo73RR2q06CmtmBlfBaH9m9ZaC+Uv8/MPKyvhX8CHhi6ZD Rcc8QhoDZL+PMSiPt4WvgzGntlkIMJNFa7BHUPRROB0MeSI50sP+Osie8neWLma6 /4HTozv56Mb0WtLMG7f7dtPcdjFRo4yulu5v22MOg+gnV7ejPUnsVPmD9gY6Hy7f 6RaI2K2OogrDwuMB3hQG7A8XGciYpk3d7lJ3oDHfxG9a9XqZlENIbWVEhgAeLZMj 7c/CaW+YcqzBZcP9s1Jlv4MIaq0CRupiQ+96Mc0HoW6+MFLTfLlE6eF11XnR9Pt6 ZJ3KuxtHP5OylDEpyHgZr86HI6VzezHw -----END CERTIFICATE-----Generated at Tue Apr 29 06:27:14 2025 by rpki-client