$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149325.roa File: AS149325.roa (raw, json) Hash identifier: 4srkyCDLtaRo01+BNfOy6jBPvJPDKoZLhjiTjpA2hlM= Subject key identifier: 69:33:BA:11:F6:B2:4F:26:F3:C2:C3:39:E8:5F:20:1B:C0:6B:80:AF Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4338E758C4E6FCA6489823DEF675B9BBB4320094 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149325.roa Signing time: Thu 08 Feb 2024 03:00:00 +0000 ROA not before: Thu 08 Feb 2024 02:55:00 +0000 ROA not after: Thu 06 Feb 2025 03:00:00 +0000 asID: 149325 IP address blocks: 103.178.172.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:38:e7:58:c4:e6:fc:a6:48:98:23:de:f6:75:b9:bb:b4:32:00:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 8 02:55:00 2024 GMT Not After : Feb 6 03:00:00 2025 GMT Subject: CN=6933BA11F6B24F26F3C2C339E85F201BC06B80AF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:d6:bc:36:c9:39:81:f0:c1:85:80:1a:73:c1: e8:4b:de:b1:7c:b1:7e:28:08:54:25:8f:08:e6:a0: 2e:71:bb:b7:d7:fb:f9:8a:40:8f:b8:30:1d:6f:09: 0f:94:24:b3:be:6b:54:16:6d:bd:f8:5b:ea:5b:a5: fa:4d:0a:01:39:f6:58:28:e9:b5:3c:d7:94:07:3f: 30:ab:dc:e5:f8:f3:02:51:1f:20:ef:23:6d:59:81: 6c:21:09:5c:8b:89:be:80:aa:a5:7b:38:34:52:20: 4f:c0:6e:84:c1:7e:91:e9:3b:f1:8c:ed:2c:52:ec: 44:3c:1e:01:72:8d:5c:e1:76:cd:dd:f4:c3:30:68: 6e:8c:4a:16:02:f6:7a:d1:a9:0b:4a:e1:8c:ac:44: 1d:65:96:57:b3:43:00:cd:30:f6:ed:8d:68:64:46: 4d:61:a1:75:02:ac:5f:cb:24:ed:dc:ed:ce:5b:95: 3a:2d:f6:e1:73:2c:ef:bb:b9:89:2e:63:49:bd:03: 73:0e:4f:39:3c:dc:86:0a:0f:29:f8:e6:a1:5b:96: 33:17:cb:09:74:06:28:8a:d2:34:18:ef:bb:80:49: b5:a4:f2:c8:d0:ec:af:d0:22:48:21:17:81:60:05: fe:85:d7:ac:da:cd:e0:93:2f:16:23:cc:74:20:26: ed:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:33:BA:11:F6:B2:4F:26:F3:C2:C3:39:E8:5F:20:1B:C0:6B:80:AF X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149325.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.178.172.0/23 Signature Algorithm: sha256WithRSAEncryption 1c:cc:1d:eb:a7:00:cf:36:0b:e3:9a:c1:36:59:9b:f4:f9:d4: fc:44:c5:cb:15:64:2f:6c:64:9a:e1:f5:fb:ea:7f:eb:3f:64: 92:7b:9d:2e:11:65:68:7f:6e:32:cc:6d:20:72:cd:e4:b9:7f: 6c:18:49:e6:e4:1d:0e:e8:68:78:74:cb:24:f7:03:cf:60:d7: ca:2f:ff:c3:1c:b7:ac:58:e7:69:d5:c8:15:34:d2:6c:15:01: 14:1c:4c:11:10:d1:cd:86:3d:4c:fe:98:16:42:55:85:6a:96: a9:01:ca:e5:39:f4:29:f2:a6:f4:f9:4a:42:26:9e:d3:6f:7f: 44:98:0e:7a:ec:95:2b:b3:28:a1:9e:32:2e:64:8d:d5:40:bc: 1c:56:5a:e0:88:49:c4:0c:35:90:42:5b:80:36:a7:6a:03:06: 83:54:2a:47:57:23:08:fd:50:8a:e0:37:0c:82:2c:36:c0:78: c9:98:22:ff:91:09:04:af:5a:b4:0b:88:47:ee:38:22:48:f1: cc:23:54:63:2b:59:d3:96:c8:ca:cc:f6:4d:03:5d:5b:ed:f6: 00:ee:d1:3c:bc:06:6d:cc:24:3e:aa:ac:4b:e0:72:19:dc:83: 1b:47:04:2a:9c:9c:13:a7:c9:18:b5:de:36:00:1d:12:aa:f0: 70:10:ac:36 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUQzjnWMTm/KZImCPe9nW5u7QyAJQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIwODAyNTUwMFoX DTI1MDIwNjAzMDAwMFowMzExMC8GA1UEAxMoNjkzM0JBMTFGNkIyNEYyNkYzQzJD MzM5RTg1RjIwMUJDMDZCODBBRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANbWvDbJOYHwwYWAGnPB6EvesXyxfigIVCWPCOagLnG7t9f7+YpAj7gwHW8J D5Qks75rVBZtvfhb6lul+k0KATn2WCjptTzXlAc/MKvc5fjzAlEfIO8jbVmBbCEJ XIuJvoCqpXs4NFIgT8BuhMF+kek78YztLFLsRDweAXKNXOF2zd30wzBoboxKFgL2 etGpC0rhjKxEHWWWV7NDAM0w9u2NaGRGTWGhdQKsX8sk7dztzluVOi324XMs77u5 iS5jSb0Dcw5POTzchgoPKfjmoVuWMxfLCXQGKIrSNBjvu4BJtaTyyNDsr9AiSCEX gWAF/oXXrNrN4JMvFiPMdCAm7b0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRpM7oR 9rJPJvPCwznoXyAbwGuArzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTMyNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeyrDANBgkqhkiG9w0BAQsFAAOCAQEAHMwd66cAzzYL45rBNlmb 9PnU/ETFyxVkL2xkmuH1++p/6z9kknudLhFlaH9uMsxtIHLN5Ll/bBhJ5uQdDuho eHTLJPcDz2DXyi//wxy3rFjnadXIFTTSbBUBFBxMERDRzYY9TP6YFkJVhWqWqQHK 5Tn0KfKm9PlKQiae029/RJgOeuyVK7MooZ4yLmSN1UC8HFZa4IhJxAw1kEJbgDan agMGg1QqR1cjCP1QiuA3DIIsNsB4yZgi/5EJBK9atAuIR+44IkjxzCNUYytZ05bI ysz2TQNdW+32AO7RPLwGbcwkPqqsS+ByGdyDG0cEKpycE6fJGLXeNgAdEqrwcBCs Ng== -----END CERTIFICATE-----Generated at Wed May 8 09:50:38 2024 by rpki-client on console-fra.rpki-client.org