$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138091.roa File: AS138091.roa (raw, json) Hash identifier: XeXpNesk7QY2VATg1aednobmnh83TAksXjBd6Gz+lvk= Subject key identifier: F8:FF:2C:80:91:3E:53:2E:33:23:31:72:E3:84:86:CC:40:1B:E8:64 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 26368C88BB338F6D48C6B7290B2BB5DD0053B0A3 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138091.roa Signing time: Thu 06 Feb 2025 10:44:54 +0000 ROA not before: Thu 06 Feb 2025 10:39:54 +0000 ROA not after: Thu 05 Feb 2026 10:44:54 +0000 asID: 138091 IP address blocks: 157.20.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:36:8c:88:bb:33:8f:6d:48:c6:b7:29:0b:2b:b5:dd:00:53:b0:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:54 2025 GMT Not After : Feb 5 10:44:54 2026 GMT Subject: CN=F8FF2C80913E532E33233172E38486CC401BE864 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:36:41:75:5f:d4:c1:73:86:d2:fd:82:35:1f: 83:27:96:ec:e2:65:33:6c:7a:25:81:17:71:08:fe: db:44:c8:27:be:3a:e8:62:6b:a5:e3:d9:71:d7:d2: 33:ba:bf:87:08:e9:f4:47:8f:be:60:17:f7:07:a5: 7c:54:46:13:4b:8f:7b:0f:3e:97:59:fa:2c:25:35: 70:c0:0c:bf:75:66:fb:62:f9:ad:41:2d:52:9e:67: 36:9b:63:18:94:26:28:f6:50:ff:c5:0b:81:04:bd: f1:53:05:47:5f:76:56:a4:80:a6:fb:63:c1:c5:f8: fd:d0:a6:10:7b:11:94:60:f2:2a:98:ce:4c:25:ab: 2a:88:ff:c7:13:18:11:15:f1:1d:a2:3a:d8:27:be: b8:85:97:27:69:9d:57:2b:8a:cf:7e:32:e8:e5:8f: ff:51:a3:45:91:fe:5b:0c:e3:56:db:94:8d:b1:da: 0e:9e:23:a7:88:43:1c:89:5d:a3:d0:5d:74:96:6d: 8e:e0:73:b5:0a:f4:89:ba:b9:75:b9:25:b5:0e:5c: 55:e1:0d:e8:f3:b2:21:2b:f7:8f:99:8e:22:36:2b: fd:47:fa:82:68:bd:e5:0c:e5:e4:35:35:e0:1b:e1: 74:f8:33:7d:e3:46:76:a4:cd:f4:e8:94:21:53:80: 5a:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:FF:2C:80:91:3E:53:2E:33:23:31:72:E3:84:86:CC:40:1B:E8:64 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138091.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.243.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:66:4c:9e:b1:46:7a:86:68:67:da:15:ae:56:40:26:e8:96: ce:6e:d1:fe:12:35:fb:e3:03:a7:a4:1b:7a:ed:b7:f9:c2:ad: 88:83:b5:4a:ed:02:fc:ec:a2:97:d4:31:ec:39:1c:00:96:e7: 4b:2a:e7:12:2f:bc:7d:9e:16:31:b0:2a:99:bf:45:2d:8a:b2: 8f:bf:cd:3e:ea:ea:97:e5:74:76:80:aa:34:76:d3:07:6c:3d: 31:22:1b:ee:6e:fc:26:cc:7d:1b:37:5e:4d:ec:86:45:e5:00: a3:f9:43:b5:a0:d7:c0:e5:b8:a3:60:08:ce:79:1c:88:d2:f5: 45:b9:37:2e:20:57:7d:05:b6:51:73:74:04:d0:2b:8c:b1:4e: 8c:d1:26:d4:7e:24:29:7c:50:3f:5b:42:14:be:6a:7a:cb:c6: 8b:e8:9c:b5:80:06:24:5a:80:eb:35:3b:1b:ca:49:bd:31:89: d8:2f:ca:d0:12:26:be:0e:34:3e:05:bd:bb:f2:f3:07:ec:e7: 1a:68:0f:41:6e:49:8a:e5:98:94:ce:8c:5a:0b:fa:06:54:0f: 8b:a5:ec:11:c8:52:47:e5:ca:a5:52:eb:2a:53:d7:93:d1:fa: 1b:10:ba:b7:0d:1e:d9:e8:79:66:df:6d:fa:36:76:e1:40:47: 4b:e4:96:42 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUJjaMiLszj21IxrcpCyu13QBTsKMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1NFoX DTI2MDIwNTEwNDQ1NFowMzExMC8GA1UEAxMoRjhGRjJDODA5MTNFNTMyRTMzMjMz MTcyRTM4NDg2Q0M0MDFCRTg2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPI2QXVf1MFzhtL9gjUfgyeW7OJlM2x6JYEXcQj+20TIJ7466GJrpePZcdfS M7q/hwjp9EePvmAX9welfFRGE0uPew8+l1n6LCU1cMAMv3Vm+2L5rUEtUp5nNptj GJQmKPZQ/8ULgQS98VMFR192VqSApvtjwcX4/dCmEHsRlGDyKpjOTCWrKoj/xxMY ERXxHaI62Ce+uIWXJ2mdVyuKz34y6OWP/1GjRZH+WwzjVtuUjbHaDp4jp4hDHIld o9BddJZtjuBztQr0ibq5dbkltQ5cVeEN6POyISv3j5mOIjYr/Uf6gmi95Qzl5DU1 4BvhdPgzfeNGdqTN9OiUIVOAWqsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBT4/yyA kT5TLjMjMXLjhIbMQBvoZDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzODA5MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAJ0U8zANBgkqhkiG9w0BAQsFAAOCAQEAjmZMnrFGeoZoZ9oVrlZA JuiWzm7R/hI1++MDp6Qbeu23+cKtiIO1Su0C/Oyil9Qx7DkcAJbnSyrnEi+8fZ4W MbAqmb9FLYqyj7/NPurql+V0doCqNHbTB2w9MSIb7m78Jsx9GzdeTeyGReUAo/lD taDXwOW4o2AIznkciNL1Rbk3LiBXfQW2UXN0BNArjLFOjNEm1H4kKXxQP1tCFL5q esvGi+ictYAGJFqA6zU7G8pJvTGJ2C/K0BImvg40PgW9u/LzB+znGmgPQW5JiuWY lM6MWgv6BlQPi6XsEchSR+XKpVLrKlPXk9H6GxC6tw0e2eh5Zt9t+jZ24UBHS+SW Qg== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net