$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149344.roa File: AS149344.roa (raw, json) Hash identifier: WMhdV8t4U5p1/7//O9xPqjIqD8YdCrFwWW68OJ14L48= Subject key identifier: 99:33:35:6D:74:EE:C5:8E:4E:99:C7:8D:E5:02:D5:37:45:36:BE:79 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 30BA7C4CB2C31D24E3C185233628A4B7A4FC9494 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149344.roa Signing time: Tue 14 Nov 2023 05:00:00 +0000 ROA not before: Tue 14 Nov 2023 04:55:00 +0000 ROA not after: Tue 12 Nov 2024 05:00:00 +0000 asID: 149344 IP address blocks: 2001:df0:d240::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:ba:7c:4c:b2:c3:1d:24:e3:c1:85:23:36:28:a4:b7:a4:fc:94:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 14 04:55:00 2023 GMT Not After : Nov 12 05:00:00 2024 GMT Subject: CN=9933356D74EEC58E4E99C78DE502D5374536BE79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:0e:47:8b:cf:32:21:b5:4e:7e:76:ac:92:04: db:4e:34:05:e3:8f:33:af:52:a9:1d:de:dc:18:77: 71:1d:6e:bc:bf:f3:d4:61:e2:e2:e8:11:d1:93:66: ed:61:73:00:aa:26:c5:1c:80:f3:42:9b:32:26:31: 93:8e:e5:b0:ce:cf:6e:52:e1:0b:5a:87:5e:35:7a: 1c:6b:cd:99:d8:17:7f:55:ad:56:38:37:67:6d:d9: 2e:8d:39:70:cc:8b:10:9d:64:dc:b6:65:42:d2:cd: f3:57:20:82:08:78:54:2a:d4:00:6d:50:8b:91:66: f6:9f:cb:6e:b9:c9:b8:98:a9:69:0b:c5:1c:66:c9: 1a:32:60:0e:90:0d:6a:29:36:e3:c0:b8:91:19:f1: bc:84:11:5f:31:3d:be:85:ed:2f:87:d3:18:28:8e: 81:92:5a:47:ae:61:b0:7d:9d:cc:aa:bf:25:3b:9e: 07:53:1a:d3:98:08:4a:9c:db:89:39:10:44:ac:61: 2f:12:22:7a:fe:7e:59:33:69:b6:a0:96:fd:05:da: 5d:55:e1:c5:25:f5:bb:c5:32:26:a9:c7:39:09:22: 08:10:80:55:e9:84:75:58:65:c5:d8:bf:7d:ae:1b: a0:fe:64:82:b2:ad:c4:ee:65:a1:c9:53:6b:e7:f2: 73:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:33:35:6D:74:EE:C5:8E:4E:99:C7:8D:E5:02:D5:37:45:36:BE:79 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149344.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:d240::/48 Signature Algorithm: sha256WithRSAEncryption 34:77:9e:3f:aa:20:e8:4d:8e:68:70:7f:12:2d:b5:75:41:62: bd:a3:fc:42:71:f8:40:d3:88:57:4b:2e:70:cd:34:25:64:39: 20:5c:b1:dd:f1:e0:59:99:35:a3:82:0e:dc:ef:ac:d4:f6:8c: 10:00:e7:30:66:db:67:93:f3:b6:dc:f1:1d:b1:79:d6:0a:b1: bf:5d:12:06:d0:ee:48:c8:27:d3:aa:28:e4:2f:de:c6:64:cf: bc:2c:45:77:61:bd:c8:35:d0:34:1a:f9:fa:08:21:d1:3b:6f: 21:ec:2d:c0:cc:39:f4:3c:70:d8:f8:28:ba:de:19:71:5c:f4: 0d:cf:32:9a:8e:f7:b9:d4:54:a9:d1:fd:7c:d4:35:9e:2b:9b: ee:67:c2:78:bb:fc:8b:a0:51:af:98:5b:ac:5a:e7:5a:f2:84: f3:b2:6d:de:4b:45:5a:4f:69:39:c2:cf:0b:d0:ad:a5:a8:21: 05:b9:02:5e:63:14:28:c7:a0:d8:b2:ed:5d:7e:0e:13:f4:18: 2f:d0:93:75:55:5f:c7:41:80:5d:67:43:80:05:a4:da:e4:3e: c2:39:22:ca:ea:7a:ef:8f:c0:e6:83:e2:2e:07:71:35:6a:ba: 67:5c:ff:5e:7a:28:29:ff:5e:67:73:27:d6:69:fb:57:3a:df: 9a:62:75:dc -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUMLp8TLLDHSTjwYUjNiikt6T8lJQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTExNDA0NTUwMFoX DTI0MTExMjA1MDAwMFowMzExMC8GA1UEAxMoOTkzMzM1NkQ3NEVFQzU4RTRFOTlD NzhERTUwMkQ1Mzc0NTM2QkU3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM8OR4vPMiG1Tn52rJIE2040BeOPM69SqR3e3Bh3cR1uvL/z1GHi4ugR0ZNm 7WFzAKomxRyA80KbMiYxk47lsM7PblLhC1qHXjV6HGvNmdgXf1WtVjg3Z23ZLo05 cMyLEJ1k3LZlQtLN81cgggh4VCrUAG1Qi5Fm9p/LbrnJuJipaQvFHGbJGjJgDpAN aik248C4kRnxvIQRXzE9voXtL4fTGCiOgZJaR65hsH2dzKq/JTueB1Ma05gISpzb iTkQRKxhLxIiev5+WTNptqCW/QXaXVXhxSX1u8UyJqnHOQkiCBCAVemEdVhlxdi/ fa4boP5kgrKtxO5loclTa+fyc8ECAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSZMzVt dO7Fjk6Zx43lAtU3RTa+eTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTM0NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfDSQDANBgkqhkiG9w0BAQsFAAOCAQEANHeeP6og6E2OaHB/ Ei21dUFivaP8QnH4QNOIV0sucM00JWQ5IFyx3fHgWZk1o4IO3O+s1PaMEADnMGbb Z5PzttzxHbF51gqxv10SBtDuSMgn06oo5C/exmTPvCxFd2G9yDXQNBr5+ggh0Ttv IewtwMw59Dxw2Pgout4ZcVz0Dc8ymo73udRUqdH9fNQ1niub7mfCeLv8i6BRr5hb rFrnWvKE87Jt3ktFWk9pOcLPC9CtpaghBbkCXmMUKMeg2LLtXX4OE/QYL9CTdVVf x0GAXWdDgAWk2uQ+wjkiyup674/A5oPiLgdxNWq6Z1z/XnooKf9eZ3Mn1mn7Vzrf mmJ13A== -----END CERTIFICATE-----Generated at Thu May 9 00:37:06 2024 by rpki-client on console-fra.rpki-client.org