$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149333.roa File: AS149333.roa (raw, json) Hash identifier: kiATKZHNAJvQRRsxokfP0ntZnAsdPNbwZXGWnbn2HnE= Subject key identifier: 88:A4:E0:2C:5D:24:6E:20:C1:8B:D5:49:E9:4E:FF:6A:4F:8F:ED:F9 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3ABCBF90C453B5A0934D4096AB04BE80CECE38F5 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149333.roa Signing time: Fri 05 Jul 2024 05:00:00 +0000 ROA not before: Fri 05 Jul 2024 04:55:00 +0000 ROA not after: Fri 04 Jul 2025 05:00:00 +0000 asID: 149333 IP address blocks: 2400:a360::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:bc:bf:90:c4:53:b5:a0:93:4d:40:96:ab:04:be:80:ce:ce:38:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 5 04:55:00 2024 GMT Not After : Jul 4 05:00:00 2025 GMT Subject: CN=88A4E02C5D246E20C18BD549E94EFF6A4F8FEDF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:c4:e8:22:30:e4:c9:c5:03:e3:c4:70:c2:7a: a2:79:24:0f:10:e0:07:0f:ae:b7:6d:3a:9e:6a:1c: 9d:61:7d:e5:82:67:91:17:80:0b:2b:01:89:d8:c0: 48:65:f3:ea:e2:da:34:80:45:06:7e:6d:9b:87:9d: d3:bd:dc:65:ff:f1:f0:fb:db:39:30:f7:42:64:a4: 4f:f0:da:01:45:c6:e1:46:9a:ef:60:15:0a:de:dd: 6b:b3:42:29:d2:50:b6:98:57:30:da:10:0e:ee:0f: 0c:c4:f6:7f:90:99:13:a5:99:ea:3d:0d:c0:d5:72: 3b:f3:8c:f4:c4:29:d6:ed:f3:1a:23:1b:5f:f4:95: bd:cc:f6:58:6c:ab:96:0a:be:7c:51:12:76:f5:cd: d8:65:9e:37:01:4e:d5:92:f8:07:0e:66:6c:8c:cf: 76:78:00:72:13:7e:0f:f1:ef:2c:84:7f:04:96:0d: 8d:e8:8f:8d:ed:d7:d9:80:a8:56:13:41:9c:bf:b5: eb:a8:d7:f2:42:e1:9b:d8:ad:00:1e:c8:7a:49:3c: 70:eb:bb:c6:c4:e4:da:85:e4:a1:76:7a:05:d6:18: 8a:6a:ed:b8:57:11:96:c8:df:9e:14:f6:90:76:da: 67:b9:b0:ac:36:9a:c6:a0:e0:f3:09:81:31:2f:12: 62:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:A4:E0:2C:5D:24:6E:20:C1:8B:D5:49:E9:4E:FF:6A:4F:8F:ED:F9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149333.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:a360::/32 Signature Algorithm: sha256WithRSAEncryption 91:44:c7:83:66:cb:4a:46:dd:80:93:48:23:c5:b6:a6:46:8d: ba:18:bc:29:f4:08:6f:58:fc:7e:c7:b7:82:b6:24:a4:03:50: 89:de:98:8d:96:ce:1d:fd:00:f8:f7:a9:c8:72:8f:0c:17:3f: ab:5d:b2:f5:19:8a:8c:37:74:17:aa:31:58:a0:3b:c3:ae:14: 88:26:c8:b0:f6:88:dd:c8:23:5e:7c:3b:8a:8f:08:9c:3e:5c: e5:63:30:7d:1f:68:9a:90:79:11:c5:d2:e7:1b:a7:aa:2d:7c: 97:fd:95:40:32:cf:5f:a3:6a:ef:ef:d0:e0:b4:ef:5c:52:55: 30:23:64:5f:da:d4:33:3f:09:0a:69:d1:ea:a5:8b:0c:6d:ea: ae:cd:8b:49:ef:ed:80:3a:5c:0d:e8:1e:43:54:44:f6:2c:8b: 33:63:f9:ee:79:a3:c2:81:2b:a9:b0:37:f2:6d:20:dd:75:b5: a6:ed:0a:0f:69:cc:28:a7:44:c2:ae:6b:f3:d6:bf:c8:6b:4b: 11:b7:79:51:03:09:76:50:6f:cf:bb:3a:46:03:e9:fd:22:0e: e8:5d:c7:b6:f1:02:76:43:92:8c:4b:47:d0:5a:0a:bf:86:5a: b2:91:18:6f:a1:df:c6:4c:86:4f:46:25:77:99:80:34:a7:f5: b3:ef:5b:88 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUOry/kMRTtaCTTUCWqwS+gM7OOPUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcwNTA0NTUwMFoX DTI1MDcwNDA1MDAwMFowMzExMC8GA1UEAxMoODhBNEUwMkM1RDI0NkUyMEMxOEJE NTQ5RTk0RUZGNkE0RjhGRURGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPvE6CIw5MnFA+PEcMJ6onkkDxDgBw+ut206nmocnWF95YJnkReACysBidjA SGXz6uLaNIBFBn5tm4ed073cZf/x8PvbOTD3QmSkT/DaAUXG4Uaa72AVCt7da7NC KdJQtphXMNoQDu4PDMT2f5CZE6WZ6j0NwNVyO/OM9MQp1u3zGiMbX/SVvcz2WGyr lgq+fFESdvXN2GWeNwFO1ZL4Bw5mbIzPdngAchN+D/HvLIR/BJYNjeiPje3X2YCo VhNBnL+166jX8kLhm9itAB7Iekk8cOu7xsTk2oXkoXZ6BdYYimrtuFcRlsjfnhT2 kHbaZ7mwrDaaxqDg8wmBMS8SYmkCAwEAAaOCAdEwggHNMB0GA1UdDgQWBBSIpOAs XSRuIMGL1UnpTv9qT4/t+TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTMzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQAo2AwDQYJKoZIhvcNAQELBQADggEBAJFEx4Nmy0pG3YCTSCPF tqZGjboYvCn0CG9Y/H7Ht4K2JKQDUInemI2Wzh39APj3qchyjwwXP6tdsvUZiow3 dBeqMVigO8OuFIgmyLD2iN3II158O4qPCJw+XOVjMH0faJqQeRHF0ucbp6otfJf9 lUAyz1+jau/v0OC071xSVTAjZF/a1DM/CQpp0eqliwxt6q7Ni0nv7YA6XA3oHkNU RPYsizNj+e55o8KBK6mwN/JtIN11tabtCg9pzCinRMKua/PWv8hrSxG3eVEDCXZQ b8+7OkYD6f0iDuhdx7bxAnZDkoxLR9BaCr+GWrKRGG+h38ZMhk9GJXeZgDSn9bPv W4g= -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:48 2024 by rpki-client on console-ams.rpki-client.org