$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149344.roa File: AS149344.roa (raw, json) Hash identifier: hRGjW412qRTEvkh9z9IqgySZWHWM/BnXAQK2oA+Qglw= Subject key identifier: 97:A8:0B:91:F5:50:79:14:D8:07:A3:10:EC:0D:43:20:1B:CA:95:F9 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3621E40BB64E5BE1161085E68784B3D43E69E0FF Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149344.roa Signing time: Tue 15 Oct 2024 05:00:00 +0000 ROA not before: Tue 15 Oct 2024 04:55:00 +0000 ROA not after: Tue 14 Oct 2025 05:00:00 +0000 asID: 149344 IP address blocks: 2001:df0:d240::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 06:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:21:e4:0b:b6:4e:5b:e1:16:10:85:e6:87:84:b3:d4:3e:69:e0:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Oct 15 04:55:00 2024 GMT Not After : Oct 14 05:00:00 2025 GMT Subject: CN=97A80B91F5507914D807A310EC0D43201BCA95F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:bd:47:75:af:ed:7a:27:c6:29:c3:ea:d7:df: 83:2c:c4:d8:2a:fb:b0:fa:d9:67:f9:cd:ad:49:24: 4f:37:3d:52:85:b9:2a:9f:aa:a8:96:7a:eb:e6:d5: 94:f5:ee:55:50:a3:67:2d:47:f1:74:9e:ca:7c:79: 42:2d:98:66:75:b4:14:30:36:c3:d6:88:36:29:06: 09:51:8e:ed:34:d7:bd:6c:08:f3:17:b9:71:ac:4c: 4f:68:47:ef:e5:82:e0:25:ae:c3:94:2e:e4:8e:1d: 89:28:1d:7c:f7:eb:07:bb:35:62:4e:62:04:35:cb: 60:a3:ee:fc:30:b0:44:f3:a2:2e:2b:16:dd:79:ac: b9:0b:52:24:02:be:89:bc:08:06:c7:87:13:7b:37: ef:29:c2:cf:0f:63:e8:19:6b:be:29:51:39:af:71: 97:74:45:e4:25:1a:f0:e4:14:74:ea:91:4f:89:40: 6e:06:80:ca:b9:b2:ab:c1:3a:c1:0e:f7:72:49:8c: 27:e8:11:2f:ca:3e:e5:4c:a8:ec:9c:61:4c:4c:5e: b4:6f:00:74:23:8c:96:d4:71:fa:a9:90:f7:18:20: be:6d:b1:36:e9:42:d6:54:f8:c4:ab:a7:52:91:ae: 42:9e:97:70:01:41:fe:e3:ee:1d:8f:15:14:1a:28: 4b:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:A8:0B:91:F5:50:79:14:D8:07:A3:10:EC:0D:43:20:1B:CA:95:F9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149344.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:d240::/48 Signature Algorithm: sha256WithRSAEncryption 34:26:c2:7f:7c:6d:0d:1b:95:c6:1c:3e:cc:5c:e8:dc:d4:bf: fb:25:cc:7a:95:3e:7f:9b:d3:44:26:91:bd:c6:29:a0:2d:64: 79:31:e5:5d:55:99:93:00:aa:85:1c:48:06:ad:03:3e:a4:ff: 9b:3b:93:29:12:f0:34:20:ce:96:da:68:1e:c4:42:2e:c8:d1: a0:16:6c:72:1a:44:20:da:00:4f:da:b5:78:5a:9b:48:d8:9a: d8:f5:dc:7c:9a:e1:5e:5b:33:14:e0:39:37:15:53:95:a8:b4: 71:11:4e:70:21:8b:8e:3c:11:e8:79:60:9c:d1:49:80:79:53: a8:db:ee:fa:1b:ce:fb:bc:23:3e:9f:f4:3c:76:0c:e7:27:42: 5c:08:2a:73:c8:3d:bf:cf:bb:70:de:b1:0f:eb:f1:87:fd:bf: d2:9a:b4:71:9f:0f:3b:cd:84:ac:0b:96:9b:aa:f3:7a:33:3f: f1:5e:8c:39:34:ca:f7:84:10:ec:b0:d8:28:64:0b:2a:1d:9c: b2:71:a6:65:67:14:1e:5d:d6:db:84:75:e8:a3:9a:01:45:92: de:6c:3a:1e:0d:6d:99:d6:1e:fb:2d:76:65:1d:3b:90:64:20: f2:cb:99:8b:29:c1:65:7c:39:e2:19:d8:cb:33:81:12:65:2b: da:47:6e:98 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUNiHkC7ZOW+EWEIXmh4Sz1D5p4P8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAxNTA0NTUwMFoX DTI1MTAxNDA1MDAwMFowMzExMC8GA1UEAxMoOTdBODBCOTFGNTUwNzkxNEQ4MDdB MzEwRUMwRDQzMjAxQkNBOTVGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALi9R3Wv7XonxinD6tffgyzE2Cr7sPrZZ/nNrUkkTzc9UoW5Kp+qqJZ66+bV lPXuVVCjZy1H8XSeynx5Qi2YZnW0FDA2w9aINikGCVGO7TTXvWwI8xe5caxMT2hH 7+WC4CWuw5Qu5I4diSgdfPfrB7s1Yk5iBDXLYKPu/DCwRPOiLisW3XmsuQtSJAK+ ibwIBseHE3s37ynCzw9j6BlrvilROa9xl3RF5CUa8OQUdOqRT4lAbgaAyrmyq8E6 wQ73ckmMJ+gRL8o+5Uyo7JxhTExetG8AdCOMltRx+qmQ9xggvm2xNulC1lT4xKun UpGuQp6XcAFB/uPuHY8VFBooS5kCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSXqAuR 9VB5FNgHoxDsDUMgG8qV+TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTM0NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfDSQDANBgkqhkiG9w0BAQsFAAOCAQEANCbCf3xtDRuVxhw+ zFzo3NS/+yXMepU+f5vTRCaRvcYpoC1keTHlXVWZkwCqhRxIBq0DPqT/mzuTKRLw NCDOltpoHsRCLsjRoBZschpEINoAT9q1eFqbSNia2PXcfJrhXlszFOA5NxVTlai0 cRFOcCGLjjwR6HlgnNFJgHlTqNvu+hvO+7wjPp/0PHYM5ydCXAgqc8g9v8+7cN6x D+vxh/2/0pq0cZ8PO82ErAuWm6rzejM/8V6MOTTK94QQ7LDYKGQLKh2csnGmZWcU Hl3W24R16KOaAUWS3mw6Hg1tmdYe+y12ZR07kGQg8suZiynBZXw54hnYyzOBEmUr 2kdumA== -----END CERTIFICATE-----Generated at Sun Feb 16 21:02:01 2025 by rpki-client