$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS149694.roa File: AS149694.roa (raw, json) Hash identifier: Kx89+IybkjcYt5L0G1MVytJRDlXb9P4URxURkcDUxFI= Subject key identifier: A7:9D:FC:A0:52:9A:1D:82:3E:C1:E2:99:76:17:9B:D0:21:C3:3D:C1 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 516E280C683CA9D84043CF140AEE9DF1D15C2D4C Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS149694.roa Signing time: Thu 06 Feb 2025 10:44:51 +0000 ROA not before: Thu 06 Feb 2025 10:39:51 +0000 ROA not after: Thu 05 Feb 2026 10:44:51 +0000 asID: 149694 IP address blocks: 157.20.232.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:6e:28:0c:68:3c:a9:d8:40:43:cf:14:0a:ee:9d:f1:d1:5c:2d:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:51 2025 GMT Not After : Feb 5 10:44:51 2026 GMT Subject: CN=A79DFCA0529A1D823EC1E29976179BD021C33DC1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:07:87:1c:1d:d7:31:49:6c:c7:e2:76:ec:aa: 20:3d:13:87:69:16:63:7e:f3:2f:9c:df:2a:6c:00: 08:a2:8c:12:2b:54:78:f0:85:47:e8:ee:ae:ad:19: 3a:95:81:66:12:86:2a:38:60:44:c8:69:06:65:19: e8:58:0f:03:14:8e:14:98:28:5e:48:0d:5b:bb:c9: 18:b8:36:da:d5:0a:fe:a0:71:62:7a:56:07:8e:3e: e0:d5:d0:3e:fa:29:5a:2a:2c:f2:06:2b:a1:1c:4b: a2:6f:e8:cb:d6:b0:2d:2a:af:7e:46:73:f3:dc:a0: 6c:89:bb:2a:a9:84:62:47:e4:96:e7:32:69:6b:04: e3:0d:69:ee:99:5a:f8:a6:09:cd:87:4c:e9:49:a1: c3:b6:c6:ec:64:06:2e:e7:39:00:59:a4:df:e3:8b: 5e:bc:79:23:06:26:4d:95:b4:7e:ab:14:85:5b:3e: 64:9e:64:f7:ab:43:b8:93:4c:4d:8a:b5:b9:ba:f0: 7c:1e:8c:47:98:d9:b7:f8:64:1b:bb:32:40:1f:1a: 95:0a:bb:14:f7:0d:1c:bc:3e:9c:e1:da:18:28:64: 2f:df:87:56:2f:20:f1:29:ac:fc:d8:8b:2a:92:e1: 5c:bf:a0:1f:e8:47:a1:7e:f5:cd:29:47:28:f2:c3: 91:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:9D:FC:A0:52:9A:1D:82:3E:C1:E2:99:76:17:9B:D0:21:C3:3D:C1 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS149694.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.232.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:83:89:31:2f:29:c8:1b:ef:8b:be:f5:d3:f9:10:98:ab:eb: 8b:95:62:84:6f:fa:db:d7:3d:49:1e:0f:f0:77:52:2f:b3:5a: 6c:17:7a:a4:c5:d9:dd:4f:d5:ed:ea:15:5e:55:6f:e3:8f:e2: 89:c9:de:8e:72:aa:70:bd:de:24:f9:76:db:d5:51:42:d8:8c: 6b:5d:5a:32:d2:2f:8e:e2:97:28:3a:61:8e:9b:2f:b6:f9:72: 15:3c:c1:7d:11:4f:18:d6:dd:b9:de:e3:13:63:a6:29:b7:86: 76:50:de:2e:87:f1:26:fa:d8:d4:d7:29:7e:cd:4e:33:be:b3: 5c:5d:f9:c5:76:bf:82:a9:9b:b0:a3:17:56:34:94:03:3a:ee: 19:f7:28:8c:e1:c3:71:36:ed:bb:bc:2e:df:34:25:d5:85:73: 7b:2a:29:50:11:be:b3:9f:4f:a3:30:cc:73:ef:8f:a2:1b:49: 6e:ff:0e:74:6b:30:be:9d:e8:59:f0:0d:5a:f9:1a:4c:a9:98: e3:af:19:a7:8c:05:24:1d:3c:b6:c7:4b:5a:15:b9:68:e5:36: ab:5c:c0:a7:d8:42:fc:27:a7:07:3a:5b:86:1f:a2:2f:f9:13: 80:c9:ff:90:19:49:54:94:5e:04:39:18:3e:35:68:1b:ea:d1: 8b:d1:42:e1 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUUW4oDGg8qdhAQ88UCu6d8dFcLUwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1MVoX DTI2MDIwNTEwNDQ1MVowMzExMC8GA1UEAxMoQTc5REZDQTA1MjlBMUQ4MjNFQzFF Mjk5NzYxNzlCRDAyMUMzM0RDMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkHhxwd1zFJbMfiduyqID0Th2kWY37zL5zfKmwACKKMEitUePCFR+jurq0Z OpWBZhKGKjhgRMhpBmUZ6FgPAxSOFJgoXkgNW7vJGLg22tUK/qBxYnpWB44+4NXQ PvopWios8gYroRxLom/oy9awLSqvfkZz89ygbIm7KqmEYkfklucyaWsE4w1p7pla +KYJzYdM6Umhw7bG7GQGLuc5AFmk3+OLXrx5IwYmTZW0fqsUhVs+ZJ5k96tDuJNM TYq1ubrwfB6MR5jZt/hkG7syQB8alQq7FPcNHLw+nOHaGChkL9+HVi8g8Sms/NiL KpLhXL+gH+hHoX71zSlHKPLDkecCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSnnfyg Upodgj7B4pl2F5vQIcM9wTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE0OTY5NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAJ0U6DANBgkqhkiG9w0BAQsFAAOCAQEAO4OJMS8pyBvvi7710/kQ mKvri5VihG/629c9SR4P8HdSL7NabBd6pMXZ3U/V7eoVXlVv44/iicnejnKqcL3e JPl229VRQtiMa11aMtIvjuKXKDphjpsvtvlyFTzBfRFPGNbdud7jE2OmKbeGdlDe LofxJvrY1Ncpfs1OM76zXF35xXa/gqmbsKMXVjSUAzruGfcojOHDcTbtu7wu3zQl 1YVzeyopUBG+s59PozDMc++PohtJbv8OdGswvp3oWfANWvkaTKmY468Zp4wFJB08 tsdLWhW5aOU2q1zAp9hC/CenBzpbhh+iL/kTgMn/kBlJVJReBDkYPjVoG+rRi9FC 4Q== -----END CERTIFICATE-----Generated at Mon Apr 7 03:31:43 2025 by rpki-client