$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149353.roa File: AS149353.roa (raw, json) Hash identifier: RD80NKq46+JL7s4W75GjUuReDi4Oce/1POsQgTtXtAQ= Subject key identifier: AB:6C:F3:7C:69:E1:50:64:42:6C:E0:FB:1E:11:8C:BD:C5:A1:99:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 60C3D0C4C66744C037EEEEB37F5CCB3CC92EC96E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149353.roa Signing time: Fri 10 Jan 2025 07:00:00 +0000 ROA not before: Fri 10 Jan 2025 06:55:00 +0000 ROA not after: Fri 09 Jan 2026 07:00:00 +0000 asID: 149353 IP address blocks: 2001:df2:1340::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 06:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:c3:d0:c4:c6:67:44:c0:37:ee:ee:b3:7f:5c:cb:3c:c9:2e:c9:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 10 06:55:00 2025 GMT Not After : Jan 9 07:00:00 2026 GMT Subject: CN=AB6CF37C69E15064426CE0FB1E118CBDC5A1996B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:b0:0b:64:ee:50:54:66:d7:1c:1c:41:e9:bd: 93:e6:b3:4d:73:9d:29:43:12:e9:c2:f6:02:9f:b8: 5b:5b:89:77:fb:81:89:9b:9e:4c:7f:67:ba:5e:fb: 0d:66:78:cb:c3:a0:1c:10:e7:78:b2:cf:c7:f7:b8: 72:72:3b:0a:5d:84:26:08:8c:03:8e:d4:c7:99:65: 86:70:26:a6:df:26:f9:42:01:77:a0:98:dd:1c:f3: b2:19:8b:48:be:f6:36:e2:23:cf:1d:36:ed:18:3f: fe:9e:fd:53:8b:c4:fc:ec:12:67:1c:5f:ba:02:3b: 08:44:ee:51:44:8d:41:b3:ce:e6:03:15:09:7f:6d: 80:f6:a1:08:a6:89:9f:f3:6a:f9:b7:32:dd:61:9a: 7e:94:91:ac:78:35:b5:39:21:4b:08:a3:78:0e:90: c4:74:aa:f8:9a:9b:46:61:ab:58:91:94:f1:77:13: 68:3d:26:bc:9e:85:f6:77:28:87:be:17:57:62:78: f1:6c:93:0f:11:97:f2:94:c7:bc:1f:36:2c:67:fb: b7:2e:93:4c:5e:35:fb:f0:5d:80:08:0c:b2:2d:ff: 86:2c:56:7b:57:fc:c7:18:37:af:5f:62:8a:55:31: f3:7b:d1:b9:3a:34:82:ce:2a:c0:75:46:69:e6:14: 2c:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:6C:F3:7C:69:E1:50:64:42:6C:E0:FB:1E:11:8C:BD:C5:A1:99:6B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149353.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:1340::/48 Signature Algorithm: sha256WithRSAEncryption 59:f5:36:a3:d5:4d:05:6a:fe:15:d8:35:5f:0e:78:ec:fe:c3: c9:9f:20:44:75:1d:f5:6a:a0:06:ff:e1:05:e5:ff:9c:c5:c7: 26:35:49:a1:df:27:9d:24:52:27:8c:95:cd:5c:19:ff:d0:b1: 7f:dc:b3:01:7a:1b:a9:df:d4:4d:81:87:77:03:aa:e6:48:fb: e8:dc:ea:76:c2:f5:a8:15:5d:82:2f:b7:c1:2c:05:fc:a0:1c: eb:be:ec:cf:ce:f1:b1:70:ce:f5:a3:f6:df:b7:2a:ac:cf:07: 8e:69:fd:24:d3:b8:3d:97:4c:dd:1e:78:27:48:71:41:38:49: b4:14:57:ba:44:44:01:53:f9:0c:f9:35:f8:a5:7e:cf:28:ca: 61:fd:8f:b5:86:d9:2a:6d:2e:f6:4b:90:6d:3d:72:62:fe:bf: 42:55:3f:61:7b:93:9c:71:1c:13:47:05:f9:19:7a:29:1b:9e: 34:fe:97:16:78:ca:bf:1a:52:73:07:a7:ec:e6:19:ae:37:d0: 58:c2:02:68:71:96:5b:29:e5:d8:c0:df:e3:ff:7d:bd:1a:b3: c4:57:4a:b1:d6:bc:ea:c2:05:5e:65:d6:3f:eb:41:57:06:fa: f0:86:08:04:73:a3:68:b2:ce:46:03:9f:0c:78:3c:02:ec:c5: ad:ae:3d:cb -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUYMPQxMZnRMA37u6zf1zLPMkuyW4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDExMDA2NTUwMFoX DTI2MDEwOTA3MDAwMFowMzExMC8GA1UEAxMoQUI2Q0YzN0M2OUUxNTA2NDQyNkNF MEZCMUUxMThDQkRDNUExOTk2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmwC2TuUFRm1xwcQem9k+azTXOdKUMS6cL2Ap+4W1uJd/uBiZueTH9nul77 DWZ4y8OgHBDneLLPx/e4cnI7Cl2EJgiMA47Ux5llhnAmpt8m+UIBd6CY3RzzshmL SL72NuIjzx027Rg//p79U4vE/OwSZxxfugI7CETuUUSNQbPO5gMVCX9tgPahCKaJ n/Nq+bcy3WGafpSRrHg1tTkhSwijeA6QxHSq+JqbRmGrWJGU8XcTaD0mvJ6F9nco h74XV2J48WyTDxGX8pTHvB82LGf7ty6TTF41+/BdgAgMsi3/hixWe1f8xxg3r19i ilUx83vRuTo0gs4qwHVGaeYULC0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSrbPN8 aeFQZEJs4PseEYy9xaGZazAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTM1My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfITQDANBgkqhkiG9w0BAQsFAAOCAQEAWfU2o9VNBWr+Fdg1 Xw547P7DyZ8gRHUd9WqgBv/hBeX/nMXHJjVJod8nnSRSJ4yVzVwZ/9Cxf9yzAXob qd/UTYGHdwOq5kj76NzqdsL1qBVdgi+3wSwF/KAc677sz87xsXDO9aP237cqrM8H jmn9JNO4PZdM3R54J0hxQThJtBRXukREAVP5DPk1+KV+zyjKYf2PtYbZKm0u9kuQ bT1yYv6/QlU/YXuTnHEcE0cF+Rl6KRueNP6XFnjKvxpScwen7OYZrjfQWMICaHGW Wynl2MDf4/99vRqzxFdKsda86sIFXmXWP+tBVwb68IYIBHOjaLLORgOfDHg8AuzF ra49yw== -----END CERTIFICATE-----Generated at Sun Feb 16 20:46:06 2025 by rpki-client