$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139983.roa File: AS139983.roa (raw, json) Hash identifier: gg8Xx1sxO/VrAx3fPM8armOjkn3ga91l3IEozJC2U3Q= Subject key identifier: B6:C0:E0:A2:41:C1:B9:A2:B9:F3:BD:69:F7:17:34:AD:1C:F5:FB:6F Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 27DCC87AF94621FD6429E60CE02C8D06C7037DC5 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139983.roa Signing time: Fri 14 Feb 2025 09:35:40 +0000 ROA not before: Fri 14 Feb 2025 09:30:40 +0000 ROA not after: Fri 13 Feb 2026 09:35:40 +0000 asID: 139983 IP address blocks: 157.20.122.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:dc:c8:7a:f9:46:21:fd:64:29:e6:0c:e0:2c:8d:06:c7:03:7d:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 14 09:30:40 2025 GMT Not After : Feb 13 09:35:40 2026 GMT Subject: CN=B6C0E0A241C1B9A2B9F3BD69F71734AD1CF5FB6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f8:5e:ee:90:38:c8:fc:66:3d:25:f3:65:49: f3:4e:e0:17:ad:16:ae:e5:65:8a:9d:92:d6:aa:35: cb:46:87:25:ad:d1:b5:36:65:f9:40:af:cb:1d:e4: 8f:21:74:71:a8:e1:8f:f0:5f:94:cf:64:35:d3:11: a7:08:84:97:05:9f:1a:8c:27:b2:36:de:66:3b:9c: e4:2c:74:26:f1:76:c0:7d:70:ab:41:30:d6:0b:be: d0:cb:91:67:9b:4c:9b:54:41:08:60:84:cf:cb:81: 27:c3:a3:07:8d:15:8c:a2:90:d5:af:96:ce:e3:11: 74:77:2a:60:09:33:25:32:fb:80:cd:7e:03:f8:ca: 4b:38:35:2f:6a:bb:f0:66:b0:2d:a0:ea:da:58:15: bc:73:a5:7d:cc:36:9f:da:fb:a3:01:67:ad:a7:81: 9a:3f:5e:ac:2a:14:bb:04:88:50:df:93:97:f5:bd: c3:3b:f4:79:47:c9:6e:ae:d6:e0:97:e1:cb:f9:e5: b2:f1:4e:97:5e:53:22:57:1c:a6:80:58:b6:cd:5c: 07:91:9c:ad:b5:dc:5f:bc:ab:19:dd:f7:f7:e0:ff: a8:3f:aa:72:a5:be:c1:ee:55:ee:e3:ab:14:88:54: ab:3e:ab:94:bd:b8:e9:84:35:15:6f:ea:19:be:5d: 8e:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:C0:E0:A2:41:C1:B9:A2:B9:F3:BD:69:F7:17:34:AD:1C:F5:FB:6F X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139983.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.122.0/23 Signature Algorithm: sha256WithRSAEncryption 62:14:f7:2e:8e:77:42:4b:6d:6e:e6:36:7d:66:7b:4a:8d:41: b9:7b:9a:8c:21:39:3d:15:06:2c:da:7a:6a:7e:f9:dd:fd:ec: c5:f4:8e:24:36:d5:03:f8:6f:9a:ef:d7:05:59:0a:0f:75:a4: 1b:f4:a0:40:68:09:48:81:5c:b3:88:b9:ee:74:dd:43:75:df: 36:3f:da:94:6d:d0:4f:a1:04:b0:0e:f4:76:b4:bb:5c:88:38: 0d:8c:de:95:cd:01:dd:bd:df:17:4f:e9:95:8d:58:2d:2c:23: f7:8e:26:10:fd:94:6c:c4:65:59:99:8f:2a:e9:02:9a:e1:c6: 9e:82:a5:e8:e5:5c:2f:ac:6c:c8:3c:8e:46:97:62:21:a4:ac: 45:63:b6:82:1a:46:58:0a:53:cc:2d:89:f6:c5:53:ff:1e:18: 95:bd:83:c4:e8:1c:fb:b6:47:e1:20:b2:e4:f2:94:e6:45:0f: a1:dc:5f:ce:b0:d3:dc:5b:37:95:bd:42:5b:d9:82:9d:7f:6c: de:12:99:d4:1f:33:7b:8e:1f:d1:fc:5e:1d:5e:6c:e6:7b:25: d6:90:06:3b:0c:ed:fa:06:af:a8:f8:cb:2b:95:74:e7:a8:fd: 42:9e:f6:3d:9c:54:a3:4c:fa:b8:89:8f:9c:f4:fc:b6:2c:b5: 51:0c:5a:11 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUJ9zIevlGIf1kKeYM4CyNBscDfcUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIxNDA5MzA0MFoX DTI2MDIxMzA5MzU0MFowMzExMC8GA1UEAxMoQjZDMEUwQTI0MUMxQjlBMkI5RjNC RDY5RjcxNzM0QUQxQ0Y1RkI2RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANz4Xu6QOMj8Zj0l82VJ807gF60WruVlip2S1qo1y0aHJa3RtTZl+UCvyx3k jyF0cajhj/BflM9kNdMRpwiElwWfGownsjbeZjuc5Cx0JvF2wH1wq0Ew1gu+0MuR Z5tMm1RBCGCEz8uBJ8OjB40VjKKQ1a+WzuMRdHcqYAkzJTL7gM1+A/jKSzg1L2q7 8GawLaDq2lgVvHOlfcw2n9r7owFnraeBmj9erCoUuwSIUN+Tl/W9wzv0eUfJbq7W 4Jfhy/nlsvFOl15TIlccpoBYts1cB5GcrbXcX7yrGd339+D/qD+qcqW+we5V7uOr FIhUqz6rlL246YQ1FW/qGb5djoUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBS2wOCi QcG5ornzvWn3FzStHPX7bzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzOTk4My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UejANBgkqhkiG9w0BAQsFAAOCAQEAYhT3Lo53QkttbuY2fWZ7 So1BuXuajCE5PRUGLNp6an753f3sxfSOJDbVA/hvmu/XBVkKD3WkG/SgQGgJSIFc s4i57nTdQ3XfNj/alG3QT6EEsA70drS7XIg4DYzelc0B3b3fF0/plY1YLSwj944m EP2UbMRlWZmPKukCmuHGnoKl6OVcL6xsyDyORpdiIaSsRWO2ghpGWApTzC2J9sVT /x4Ylb2DxOgc+7ZH4SCy5PKU5kUPodxfzrDT3Fs3lb1CW9mCnX9s3hKZ1B8ze44f 0fxeHV5s5nsl1pAGOwzt+gavqPjLK5V056j9Qp72PZxUo0z6uImPnPT8tiy1UQxa EQ== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net