$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140421.roa File: AS140421.roa (raw, json) Hash identifier: M7SLLNUxnvmv0u6jVkylVtp4MqFJQqUH7HqCaAkEsCc= Subject key identifier: 04:CE:68:79:A2:FB:EE:F7:BC:CE:82:A9:C7:67:18:19:09:29:97:75 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 544476B15AE11E13856383C893E437C00860DF02 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140421.roa Signing time: Fri 02 May 2025 08:36:21 +0000 ROA not before: Fri 02 May 2025 08:31:21 +0000 ROA not after: Fri 01 May 2026 08:36:21 +0000 asID: 140421 IP address blocks: 103.148.88.0/23 maxlen: 24 144.48.12.0/24 maxlen: 24 2001:df2:c980::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 May 2025 14:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:44:76:b1:5a:e1:1e:13:85:63:83:c8:93:e4:37:c0:08:60:df:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 2 08:31:21 2025 GMT Not After : May 1 08:36:21 2026 GMT Subject: CN=04CE6879A2FBEEF7BCCE82A9C767181909299775 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:da:f4:9d:0d:1e:d3:86:cb:db:82:3e:09:87: 67:2f:97:11:21:a7:ac:ba:29:87:ad:f7:1f:d1:e7: 4a:d9:af:2e:ff:f0:5f:97:54:24:a2:d9:e7:ab:0b: 51:76:83:7a:ca:8a:82:bc:19:d7:88:44:41:af:b3: 00:31:1f:a2:d3:0b:19:71:61:eb:30:fc:f3:97:1e: 47:da:80:f0:7e:60:57:6a:f1:02:19:91:61:86:6c: 69:14:5c:6a:fc:e6:5f:cd:04:7d:7c:7f:92:d7:c9: 1c:95:e7:a6:86:3a:b6:27:24:8f:95:99:fe:13:8f: 9a:b8:b2:dc:c9:03:33:01:7f:16:9e:50:d8:92:bd: 9d:51:8d:7b:4d:3c:2a:3a:44:dd:ff:bf:a6:e1:8d: 8b:0e:7f:01:41:9c:7a:3b:99:cb:8c:79:36:f5:7b: d3:3b:fa:f0:7c:13:6c:e2:39:c6:80:31:e7:ec:ba: 21:f1:86:74:63:c1:19:56:ef:6f:ca:a7:63:b0:c1: 9c:a5:de:22:85:c0:ed:d2:49:f4:c9:5f:89:28:c0: 5e:a6:6c:be:7c:b2:82:97:12:12:e2:85:77:15:98: 86:0a:cd:8e:4f:56:58:19:bc:3c:fb:fd:a4:38:37: 65:c6:8c:d2:6d:01:a4:50:cb:f3:42:8b:f6:80:ac: c8:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:CE:68:79:A2:FB:EE:F7:BC:CE:82:A9:C7:67:18:19:09:29:97:75 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140421.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.148.88.0/23 144.48.12.0/24 IPv6: 2001:df2:c980::/48 Signature Algorithm: sha256WithRSAEncryption 03:65:11:51:c7:04:83:b8:54:da:22:da:4d:d0:1e:ba:7c:e6: a2:61:b2:2e:dc:c5:5b:51:14:8a:cf:ef:4a:86:ec:6c:a7:74: e3:70:d3:f2:3f:72:2f:5b:04:c3:db:89:cc:11:ef:8b:87:0e: 13:0c:27:2d:ff:85:23:d3:36:cb:6b:02:dd:29:14:c6:84:1e: b4:10:c6:0e:34:53:11:d2:bf:aa:41:30:77:a5:3d:e0:d9:c7: 00:1a:16:1d:97:3d:3d:62:2b:43:11:4b:ba:eb:93:d4:45:93: 66:28:02:e1:d7:4f:e7:b0:57:4b:46:17:13:9e:dd:b4:1c:fe: 38:5f:7f:ed:b0:07:fa:cb:89:6a:22:62:a4:34:b2:cc:19:ab: 61:51:b0:c1:4f:bc:fa:17:64:4b:8a:cf:35:01:95:87:39:97: e2:ab:ac:c3:6c:ed:fd:14:5b:57:d6:4d:65:12:cb:1a:bf:24: d1:63:00:d0:0e:87:08:6b:3d:ee:9b:de:3f:b7:6d:74:bb:22: 8c:be:c6:eb:89:01:48:06:50:ed:dd:84:35:97:5b:3c:05:00: fe:4a:e3:f4:8a:cc:41:a9:ed:11:b1:2a:90:1a:ea:80:0b:a8: 51:8a:fa:a5:c4:9f:a0:8c:50:c0:23:b6:d9:60:8d:3a:ac:36: fc:87:ec:cf -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUVER2sVrhHhOFY4PIk+Q3wAhg3wIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUwMjA4MzEyMVoX DTI2MDUwMTA4MzYyMVowMzExMC8GA1UEAxMoMDRDRTY4NzlBMkZCRUVGN0JDQ0U4 MkE5Qzc2NzE4MTkwOTI5OTc3NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKPa9J0NHtOGy9uCPgmHZy+XESGnrLoph633H9HnStmvLv/wX5dUJKLZ56sL UXaDesqKgrwZ14hEQa+zADEfotMLGXFh6zD885ceR9qA8H5gV2rxAhmRYYZsaRRc avzmX80EfXx/ktfJHJXnpoY6tickj5WZ/hOPmriy3MkDMwF/Fp5Q2JK9nVGNe008 KjpE3f+/puGNiw5/AUGcejuZy4x5NvV70zv68HwTbOI5xoAx5+y6IfGGdGPBGVbv b8qnY7DBnKXeIoXA7dJJ9MlfiSjAXqZsvnyygpcSEuKFdxWYhgrNjk9WWBm8PPv9 pDg3ZcaM0m0BpFDL80KL9oCsyD8CAwEAAaOCAecwggHjMB0GA1UdDgQWBBQEzmh5 ovvu97zOgqnHZxgZCSmXdTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDQyMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUw EgQCAAEwDAMEAWeUWAMEAJAwDDAPBAIAAjAJAwcAIAEN8smAMA0GCSqGSIb3DQEB CwUAA4IBAQADZRFRxwSDuFTaItpN0B66fOaiYbIu3MVbURSKz+9Khuxsp3TjcNPy P3IvWwTD24nMEe+Lhw4TDCct/4Uj0zbLawLdKRTGhB60EMYONFMR0r+qQTB3pT3g 2ccAGhYdlz09YitDEUu665PURZNmKALh10/nsFdLRhcTnt20HP44X3/tsAf6y4lq ImKkNLLMGathUbDBT7z6F2RLis81AZWHOZfiq6zDbO39FFtX1k1lEssavyTRYwDQ DocIaz3um94/t210uyKMvsbriQFIBlDt3YQ1l1s8BQD+SuP0isxBqe0RsSqQGuqA C6hRivqlxJ+gjFDAI7bZYI06rDb8h+zP -----END CERTIFICATE-----Generated at Mon May 5 21:58:04 2025 by rpki-client