$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149324.roa File: AS149324.roa (raw, json) Hash identifier: 8Rzii7J2VH/Uuk4bO53PxntN0C8T331e+n48nLJpqvw= Subject key identifier: 43:25:7A:24:CE:09:88:03:C3:8F:AB:09:49:D3:98:DA:32:AD:B5:9C Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 490812576B230857D7510172C8FA85CA3EF40702 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149324.roa Signing time: Wed 26 Mar 2025 05:00:00 +0000 ROA not before: Wed 26 Mar 2025 04:55:00 +0000 ROA not after: Wed 25 Mar 2026 05:00:00 +0000 asID: 149324 IP address blocks: 2001:df0:5dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:08:12:57:6b:23:08:57:d7:51:01:72:c8:fa:85:ca:3e:f4:07:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Mar 26 04:55:00 2025 GMT Not After : Mar 25 05:00:00 2026 GMT Subject: CN=43257A24CE098803C38FAB0949D398DA32ADB59C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f9:1f:d2:14:5d:ed:13:3e:11:2c:ad:6d:6a: a8:2d:9e:34:38:f1:68:33:5e:23:e4:23:f8:de:e8: 50:e4:23:51:86:80:2f:36:f9:eb:e1:5a:53:b4:b5: d8:2e:c4:a3:b0:94:26:d4:64:86:8e:c7:54:18:29: 41:4e:2a:d8:cf:ce:27:01:06:89:7d:63:26:63:38: e6:70:4e:ef:19:20:3c:49:d3:71:a5:6e:a3:09:de: bf:9b:1f:07:da:cc:a4:b9:94:ae:85:79:a8:49:9d: d7:3d:6a:1b:49:04:0e:9f:0e:d4:c1:4a:d1:79:02: fe:64:1f:9c:f7:fe:d7:f6:14:74:d5:16:47:60:9a: 6a:f4:18:6a:fc:8a:a8:99:a6:cc:a8:c9:64:fe:27: b9:7d:3d:e8:99:77:44:e9:f7:b3:76:a7:ec:4f:ba: 1d:f9:35:bc:9a:8d:b6:11:70:b2:6c:05:41:61:54: 90:bd:cd:7e:1f:e6:f2:0c:cd:0f:af:6f:ec:8c:27: b5:f4:9f:29:5e:75:f7:06:3e:ba:02:86:cd:3c:3f: 4a:0f:72:fd:e7:b5:cc:37:a4:d1:0b:aa:2a:83:60: 72:15:f7:13:b5:ff:87:6e:3a:70:be:22:11:9a:3c: db:20:11:8c:8c:70:39:67:8c:6c:1b:d2:85:68:a9: e3:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:25:7A:24:CE:09:88:03:C3:8F:AB:09:49:D3:98:DA:32:AD:B5:9C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149324.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:5dc0::/48 Signature Algorithm: sha256WithRSAEncryption 29:6a:07:93:d9:91:ea:c9:85:c7:72:8b:dd:dc:50:33:50:55: b9:02:15:3c:88:c2:d5:64:c2:13:21:e6:d7:f9:5e:12:25:3a: e5:cd:e1:2e:0a:27:70:f1:88:e3:c0:b4:c4:09:ff:26:09:08: 6d:e7:c3:fb:3d:90:1f:d9:a0:0e:04:66:f4:87:97:05:26:84: b8:82:14:a9:4d:46:14:9f:a3:dd:86:58:b2:ec:5a:a4:e9:73: ac:a7:73:83:7d:3e:19:7a:61:66:8c:ce:87:b6:61:89:8b:c5: ff:ca:bd:7f:f3:64:3c:d7:4d:eb:68:7f:4d:49:32:10:b6:f0: ae:30:8e:94:04:5f:3e:b5:d7:b4:d4:48:4b:f0:02:cd:98:0e: cf:15:00:00:34:f1:7e:f2:f4:0d:2b:a0:58:fb:15:ff:22:2c: 51:7a:36:74:4c:6c:50:7d:01:44:3c:94:3c:38:c7:2d:c0:06: bd:aa:9f:4d:0e:cb:9e:4e:ba:b8:c7:e1:2a:95:23:5d:2f:9a: 86:42:f5:38:51:ad:74:46:72:a8:ce:3d:36:ea:ac:5a:84:9d: eb:0a:dc:02:60:29:7c:0c:17:b5:f4:35:66:7a:16:d9:d0:4d: ce:77:1b:ca:ec:1c:c3:8a:46:85:dc:bb:cf:77:78:97:8f:93: e8:95:7d:22 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUSQgSV2sjCFfXUQFyyPqFyj70BwIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDMyNjA0NTUwMFoX DTI2MDMyNTA1MDAwMFowMzExMC8GA1UEAxMoNDMyNTdBMjRDRTA5ODgwM0MzOEZB QjA5NDlEMzk4REEzMkFEQjU5QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMX5H9IUXe0TPhEsrW1qqC2eNDjxaDNeI+Qj+N7oUOQjUYaALzb56+FaU7S1 2C7Eo7CUJtRkho7HVBgpQU4q2M/OJwEGiX1jJmM45nBO7xkgPEnTcaVuownev5sf B9rMpLmUroV5qEmd1z1qG0kEDp8O1MFK0XkC/mQfnPf+1/YUdNUWR2CaavQYavyK qJmmzKjJZP4nuX096Jl3ROn3s3an7E+6Hfk1vJqNthFwsmwFQWFUkL3Nfh/m8gzN D69v7IwntfSfKV519wY+ugKGzTw/Sg9y/ee1zDek0QuqKoNgchX3E7X/h246cL4i EZo82yARjIxwOWeMbBvShWip49MCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRDJXok zgmIA8OPqwlJ05jaMq21nDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTMyNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfBdwDANBgkqhkiG9w0BAQsFAAOCAQEAKWoHk9mR6smFx3KL 3dxQM1BVuQIVPIjC1WTCEyHm1/leEiU65c3hLgoncPGI48C0xAn/JgkIbefD+z2Q H9mgDgRm9IeXBSaEuIIUqU1GFJ+j3YZYsuxapOlzrKdzg30+GXphZozOh7ZhiYvF /8q9f/NkPNdN62h/TUkyELbwrjCOlARfPrXXtNRIS/ACzZgOzxUAADTxfvL0DSug WPsV/yIsUXo2dExsUH0BRDyUPDjHLcAGvaqfTQ7Lnk66uMfhKpUjXS+ahkL1OFGt dEZyqM49NuqsWoSd6wrcAmApfAwXtfQ1ZnoW2dBNzncbyuwcw4pGhdy7z3d4l4+T 6JV9Ig== -----END CERTIFICATE-----Generated at Sat Apr 5 06:23:55 2025 by rpki-client