$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149366.roa File: AS149366.roa (raw, json) Hash identifier: TARTJXaylbiMa5Eg8ePfUZ30e3PfsGwShEJjrrosHP8= Subject key identifier: 2F:CA:9C:1C:CD:1E:D2:28:79:88:9B:E4:1C:8D:C1:EF:52:7E:5B:38 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 428FD733D76594974D10F8A152BB217A6C17E359 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149366.roa Signing time: Fri 26 Jan 2024 05:00:00 +0000 ROA not before: Fri 26 Jan 2024 04:55:00 +0000 ROA not after: Fri 24 Jan 2025 05:00:00 +0000 asID: 149366 IP address blocks: 103.180.189.0/24 maxlen: 24 2001:df0:6140::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:8f:d7:33:d7:65:94:97:4d:10:f8:a1:52:bb:21:7a:6c:17:e3:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 26 04:55:00 2024 GMT Not After : Jan 24 05:00:00 2025 GMT Subject: CN=2FCA9C1CCD1ED22879889BE41C8DC1EF527E5B38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:0d:aa:a2:26:c6:96:46:5c:b0:8c:c7:41:f6: b0:a8:e7:28:a9:af:ca:ac:95:4b:ef:94:65:52:b9: 08:97:b4:16:b6:09:93:82:26:67:19:34:b8:3d:9b: 0c:86:ca:57:16:b5:db:cf:83:da:ff:f9:75:ef:8f: 36:3c:b5:50:06:63:fb:12:a0:06:65:59:d0:b9:e1: 1d:0f:02:e1:33:c6:ae:10:8f:59:12:fb:55:d5:1e: ff:13:be:75:17:b1:14:82:18:db:eb:be:f9:01:f5: ca:c6:00:6d:cd:16:5b:e2:c5:19:a0:21:07:2a:69: ea:37:fb:c8:d5:e5:3f:45:54:77:ba:1b:61:9c:19: f7:26:ea:dc:99:74:fa:40:cc:b4:d0:ff:2a:91:c7: 96:0a:de:b1:ca:dc:b6:b0:b6:6c:bf:91:9a:dd:de: d0:ba:dc:44:29:b0:11:b9:4e:f5:3e:d0:18:32:cc: 03:cf:ca:bd:b3:ce:80:ee:54:9e:46:a5:1d:bc:3c: 0d:c8:49:9f:fa:22:bb:43:d8:9d:c6:27:b6:3b:b0: de:7e:62:37:71:11:e6:20:e5:ea:23:84:cd:fe:60: ea:e0:52:05:0b:ab:57:67:fa:05:c8:be:2c:65:56: f8:8d:21:7c:00:41:28:3d:71:c4:e4:4a:cd:d6:90: eb:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:CA:9C:1C:CD:1E:D2:28:79:88:9B:E4:1C:8D:C1:EF:52:7E:5B:38 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149366.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.180.189.0/24 IPv6: 2001:df0:6140::/48 Signature Algorithm: sha256WithRSAEncryption 2b:be:b0:c2:aa:5e:99:d2:c4:f6:86:1f:36:d5:16:9e:22:28: 80:2d:17:cd:9c:5f:fc:46:db:52:36:75:13:da:b6:8f:3d:1d: 07:d4:56:25:63:36:96:e4:84:6e:b9:40:36:eb:8b:cd:83:90: 95:27:94:ea:0c:d6:3a:64:44:bb:b6:5f:28:7c:bd:7b:53:22: cd:46:fb:e3:5e:ff:4a:4e:d1:8a:83:54:89:35:b0:ac:96:03: 06:3d:2b:ad:9c:0c:eb:b3:23:91:21:27:10:09:23:d9:61:66: 53:99:68:af:31:bb:77:48:9a:80:2f:be:44:8d:bc:41:f4:ed: d7:a8:ec:f8:5d:9f:35:b7:87:74:44:15:8d:42:8b:69:d2:64: f6:1e:c7:75:7d:6f:58:84:82:6a:3e:7d:8f:23:b8:3d:3a:9c: 95:28:e2:cf:c5:11:85:2c:ae:21:25:7c:2e:f9:33:d9:b8:7a: b9:8d:b9:b8:7d:b1:75:59:17:38:4d:5b:2e:4d:a1:52:32:4a: df:0a:41:d4:ea:7b:eb:ec:2c:8a:f8:97:c5:b1:99:f6:1c:71: 35:36:04:c0:42:f4:40:b4:65:72:67:a0:ab:62:bf:ac:30:c3: cb:b1:cc:70:e0:24:13:0e:f2:e2:20:f8:d4:c6:6d:5f:58:65: f4:17:8f:a2 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUQo/XM9dllJdNEPihUrshemwX41kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEyNjA0NTUwMFoX DTI1MDEyNDA1MDAwMFowMzExMC8GA1UEAxMoMkZDQTlDMUNDRDFFRDIyODc5ODg5 QkU0MUM4REMxRUY1MjdFNUIzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN0NqqImxpZGXLCMx0H2sKjnKKmvyqyVS++UZVK5CJe0FrYJk4ImZxk0uD2b DIbKVxa128+D2v/5de+PNjy1UAZj+xKgBmVZ0LnhHQ8C4TPGrhCPWRL7VdUe/xO+ dRexFIIY2+u++QH1ysYAbc0WW+LFGaAhBypp6jf7yNXlP0VUd7obYZwZ9ybq3Jl0 +kDMtND/KpHHlgrescrctrC2bL+Rmt3e0LrcRCmwEblO9T7QGDLMA8/KvbPOgO5U nkalHbw8DchJn/oiu0PYncYntjuw3n5iN3ER5iDl6iOEzf5g6uBSBQurV2f6Bci+ LGVW+I0hfABBKD1xxORKzdaQ63ECAwEAAaOCAeEwggHdMB0GA1UdDgQWBBQvypwc zR7SKHmIm+QcjcHvUn5bODAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTM2Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGe0vTAPBAIAAjAJAwcAIAEN8GFAMA0GCSqGSIb3DQEBCwUAA4IB AQArvrDCql6Z0sT2hh821RaeIiiALRfNnF/8RttSNnUT2raPPR0H1FYlYzaW5IRu uUA264vNg5CVJ5TqDNY6ZES7tl8ofL17UyLNRvvjXv9KTtGKg1SJNbCslgMGPSut nAzrsyORIScQCSPZYWZTmWivMbt3SJqAL75EjbxB9O3XqOz4XZ81t4d0RBWNQotp 0mT2Hsd1fW9YhIJqPn2PI7g9OpyVKOLPxRGFLK4hJXwu+TPZuHq5jbm4fbF1WRc4 TVsuTaFSMkrfCkHU6nvr7CyK+JfFsZn2HHE1NgTAQvRAtGVyZ6CrYr+sMMPLscxw 4CQTDvLiIPjUxm1fWGX0F4+i -----END CERTIFICATE-----Generated at Mon Nov 25 13:01:56 2024 by rpki-client on console-fra.rpki-client.org