$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149324.roa File: AS149324.roa (raw, json) Hash identifier: rkl7sied/CCyLH3MlRJJGdFIzLwaO751GoKnd5qChY4= Subject key identifier: 67:C4:36:C0:F5:EC:46:CF:0C:E4:E5:19:B5:8E:1D:A9:9A:3E:C7:E9 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1FE83CEED833200C9F1D477822ECB52DA5ECE297 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149324.roa Signing time: Wed 24 Apr 2024 04:14:36 +0000 ROA not before: Wed 24 Apr 2024 04:09:36 +0000 ROA not after: Wed 23 Apr 2025 04:14:36 +0000 asID: 149324 IP address blocks: 2001:df0:5dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:e8:3c:ee:d8:33:20:0c:9f:1d:47:78:22:ec:b5:2d:a5:ec:e2:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 24 04:09:36 2024 GMT Not After : Apr 23 04:14:36 2025 GMT Subject: CN=67C436C0F5EC46CF0CE4E519B58E1DA99A3EC7E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:fa:25:c7:e3:68:31:ab:ea:da:df:b5:75:46: 6b:6c:f2:8b:50:7d:f0:be:a2:d3:e8:43:24:46:b5: fc:1d:09:35:99:d3:a6:2e:c4:66:f2:72:28:46:08: 15:98:c1:be:cc:05:40:54:92:4f:66:db:67:16:7f: 4b:12:b1:9f:6f:ed:5d:08:40:25:46:fb:bb:1a:eb: 68:6a:b7:41:44:bc:8f:61:6a:fc:12:be:d2:a5:5c: 3b:d1:78:29:46:08:55:36:34:2f:cf:26:ed:39:43: df:0b:54:af:03:40:09:3a:8f:0b:cd:14:ba:7b:84: c5:86:44:d4:8e:20:c1:18:15:c3:c5:f8:d1:15:d2: cc:a6:6a:2a:53:16:1f:93:5f:eb:fa:6b:dc:dd:f9: ee:c9:40:75:30:0f:7e:6c:52:ee:45:2c:ae:a2:5a: 29:ae:6b:58:ee:34:9b:ab:a7:be:a4:84:fe:6e:a0: c2:84:20:36:ff:09:5a:6b:98:63:ad:16:b7:61:41: 8f:b2:11:f8:23:7f:31:5d:af:4b:55:83:72:cb:9d: a4:8b:8b:c6:75:bd:40:73:d9:b1:54:d4:28:73:e5: b2:89:b0:10:df:09:8c:86:09:b6:ad:4f:e9:7b:41: 65:a8:ef:6f:ac:5a:c6:fb:ac:cb:db:4c:ed:8b:47: f8:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:C4:36:C0:F5:EC:46:CF:0C:E4:E5:19:B5:8E:1D:A9:9A:3E:C7:E9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149324.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:5dc0::/48 Signature Algorithm: sha256WithRSAEncryption 22:30:1b:96:1d:1f:f6:c0:b1:23:7a:61:b5:d9:41:0f:d8:8a: 31:45:02:80:18:76:cd:b8:23:b8:4d:22:07:b6:e4:03:20:43: b8:a7:5b:8a:69:2b:8a:0c:0f:c3:b1:9a:42:12:e0:b0:0d:91: 46:d8:1b:54:5f:06:81:50:e1:f3:83:d5:0b:ae:d6:a7:e2:1c: cf:da:c2:f5:c7:01:9e:b5:a1:40:aa:5c:37:de:ef:66:e2:69: 48:95:94:39:e8:a9:3e:7b:fd:b3:6d:c9:be:58:82:bd:f8:f6: da:55:31:6d:25:45:db:5b:cb:8c:4c:da:82:36:49:94:45:50: 6a:93:7d:df:9d:86:b9:ca:6c:f4:ba:08:cd:5c:7a:e7:8c:42: 76:a5:62:e7:bd:2a:c8:4c:4c:16:eb:b6:eb:b1:56:d6:18:ac: 7f:c3:09:7d:1c:bc:77:de:b3:32:13:d6:e7:7a:c4:32:c8:27: 97:65:9a:83:b3:dc:ff:3d:18:b9:9a:aa:71:5f:55:8d:d0:85: 85:40:ed:66:cf:f2:36:cd:3e:c1:aa:1b:45:3e:45:cd:c5:3a: 3c:f1:f1:ca:9c:a1:86:9a:65:eb:85:73:7f:5e:9a:e6:69:31: 9d:3f:23:f9:55:5e:f6:a0:28:b8:0e:e5:45:14:1b:7f:8e:1d: 7d:37:0c:c6 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUH+g87tgzIAyfHUd4Iuy1LaXs4pcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDQyNDA0MDkzNloX DTI1MDQyMzA0MTQzNlowMzExMC8GA1UEAxMoNjdDNDM2QzBGNUVDNDZDRjBDRTRF NTE5QjU4RTFEQTk5QTNFQzdFOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJz6JcfjaDGr6trftXVGa2zyi1B98L6i0+hDJEa1/B0JNZnTpi7EZvJyKEYI FZjBvswFQFSST2bbZxZ/SxKxn2/tXQhAJUb7uxrraGq3QUS8j2Fq/BK+0qVcO9F4 KUYIVTY0L88m7TlD3wtUrwNACTqPC80UunuExYZE1I4gwRgVw8X40RXSzKZqKlMW H5Nf6/pr3N357slAdTAPfmxS7kUsrqJaKa5rWO40m6unvqSE/m6gwoQgNv8JWmuY Y60Wt2FBj7IR+CN/MV2vS1WDcsudpIuLxnW9QHPZsVTUKHPlsomwEN8JjIYJtq1P 6XtBZajvb6xaxvusy9tM7YtH+J0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRnxDbA 9exGzwzk5Rm1jh2pmj7H6TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTMyNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfBdwDANBgkqhkiG9w0BAQsFAAOCAQEAIjAblh0f9sCxI3ph tdlBD9iKMUUCgBh2zbgjuE0iB7bkAyBDuKdbimkrigwPw7GaQhLgsA2RRtgbVF8G gVDh84PVC67Wp+Icz9rC9ccBnrWhQKpcN97vZuJpSJWUOeipPnv9s23JvliCvfj2 2lUxbSVF21vLjEzagjZJlEVQapN9352Gucps9LoIzVx654xCdqVi570qyExMFuu2 67FW1hisf8MJfRy8d96zMhPW53rEMsgnl2Wag7Pc/z0YuZqqcV9VjdCFhUDtZs/y Ns0+waobRT5FzcU6PPHxypyhhppl64Vzf16a5mkxnT8j+VVe9qAouA7lRRQbf44d fTcMxg== -----END CERTIFICATE-----Generated at Thu May 9 00:37:06 2024 by rpki-client on console-fra.rpki-client.org