$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149374.roa File: AS149374.roa (raw, json) Hash identifier: FU6sQXW4aEDIL3YqSQDuid7tYbeYez++a9EFuqYtSbA= Subject key identifier: 87:8D:31:EE:01:B7:F1:7E:3E:76:7C:37:FC:CF:0C:18:FA:DF:C6:EA Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5797122E5443289836D5F021395B9A42DF6D37D5 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149374.roa Signing time: Mon 25 Mar 2024 03:35:11 +0000 ROA not before: Mon 25 Mar 2024 03:30:11 +0000 ROA not after: Mon 24 Mar 2025 03:35:11 +0000 asID: 149374 IP address blocks: 2001:df3:8440::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:97:12:2e:54:43:28:98:36:d5:f0:21:39:5b:9a:42:df:6d:37:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 25 03:30:11 2024 GMT Not After : Mar 24 03:35:11 2025 GMT Subject: CN=878D31EE01B7F17E3E767C37FCCF0C18FADFC6EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:6c:b1:1e:e8:9b:ea:f9:c8:32:bf:85:d7:47: b4:f0:4b:8d:0f:87:12:5c:11:ff:df:23:27:d5:6b: e9:b8:63:38:9e:7e:04:be:69:aa:56:4c:a4:76:86: 24:6c:bc:60:e6:5b:22:c3:fe:03:92:5b:46:2c:fd: 6e:b9:b3:fe:68:b3:16:d0:da:1b:d2:50:4e:60:5d: 5a:94:17:9e:00:8b:25:90:b2:05:31:87:40:04:bf: 76:83:fe:79:d4:5a:5d:7f:d0:0c:7b:bf:3b:26:b2: 91:4e:4d:cf:66:f4:87:b5:04:07:22:eb:ef:50:bf: b9:20:f0:fe:e9:f1:8e:79:a7:1f:50:a5:a7:a3:d8: e6:fb:33:4e:a9:2c:af:08:ef:aa:ca:99:f3:89:83: c7:fb:82:ce:6a:27:ef:0c:e6:30:5e:ac:e7:b1:42: cd:54:91:49:fe:f6:60:fc:75:ac:1b:81:d6:69:1a: 20:28:00:53:16:72:1d:c8:fa:82:6b:77:0f:2c:83: 3e:e7:cd:7a:a4:39:05:73:f7:71:f6:a0:19:35:7e: cf:1b:54:83:6d:bc:af:0c:53:12:16:bb:b7:91:77: c2:ec:15:00:05:ed:ba:0c:77:9e:71:1f:f2:8b:87: e2:4e:d5:a8:11:f2:27:58:e5:51:98:8e:e6:7d:00: 37:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:8D:31:EE:01:B7:F1:7E:3E:76:7C:37:FC:CF:0C:18:FA:DF:C6:EA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149374.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:8440::/48 Signature Algorithm: sha256WithRSAEncryption 19:2d:42:cd:4e:74:f5:ef:1f:56:3b:95:cd:87:54:0e:b4:fa: c9:3a:b0:dc:c7:53:23:bc:7f:80:1d:c2:16:b6:4d:b5:6e:cf: 01:81:ee:ad:d2:12:a7:dc:b5:2c:c5:2b:f7:55:92:c6:36:7e: 2c:fa:d2:b9:92:7d:00:23:07:31:f9:bd:cb:91:47:5c:15:a3: 17:bf:bf:37:5f:a6:ad:98:8a:09:ab:73:ff:d8:b8:da:8b:59: d7:32:41:3e:37:c2:73:c1:e7:cc:b7:e1:62:76:c7:7e:39:f7: 4e:a9:01:80:9f:f7:3a:f4:49:86:30:0d:57:cf:c5:61:7e:07: fc:da:02:51:33:ee:68:1b:5e:76:42:1e:dd:76:c0:a5:2f:ba: 26:dc:ec:98:60:be:cb:30:70:91:00:ef:6d:81:7d:de:50:b4: 38:55:52:c4:fc:3a:bc:64:e9:ba:5e:55:bf:6d:22:9f:b4:7d: 2b:58:d6:81:25:0c:c4:a9:4e:a6:ef:40:86:94:a6:91:e0:19: c5:74:3e:4e:c2:cd:c7:d9:aa:34:99:5a:6a:7f:41:96:85:67: d1:97:d3:b5:a1:ff:fb:b8:a3:f0:e8:0b:2c:62:cc:f2:17:6c: 41:d8:15:81:44:24:41:9e:f0:11:e3:1d:13:77:bc:2c:aa:5f: 49:d7:f8:03 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUV5cSLlRDKJg21fAhOVuaQt9tN9UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMyNTAzMzAxMVoX DTI1MDMyNDAzMzUxMVowMzExMC8GA1UEAxMoODc4RDMxRUUwMUI3RjE3RTNFNzY3 QzM3RkNDRjBDMThGQURGQzZFQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKpssR7om+r5yDK/hddHtPBLjQ+HElwR/98jJ9Vr6bhjOJ5+BL5pqlZMpHaG JGy8YOZbIsP+A5JbRiz9brmz/mizFtDaG9JQTmBdWpQXngCLJZCyBTGHQAS/doP+ edRaXX/QDHu/OyaykU5Nz2b0h7UEByLr71C/uSDw/unxjnmnH1Clp6PY5vszTqks rwjvqsqZ84mDx/uCzmon7wzmMF6s57FCzVSRSf72YPx1rBuB1mkaICgAUxZyHcj6 gmt3DyyDPufNeqQ5BXP3cfagGTV+zxtUg228rwxTEha7t5F3wuwVAAXtugx3nnEf 8ouH4k7VqBHyJ1jlUZiO5n0ANwkCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSHjTHu Abfxfj52fDf8zwwY+t/G6jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTM3NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfOEQDANBgkqhkiG9w0BAQsFAAOCAQEAGS1CzU509e8fVjuV zYdUDrT6yTqw3MdTI7x/gB3CFrZNtW7PAYHurdISp9y1LMUr91WSxjZ+LPrSuZJ9 ACMHMfm9y5FHXBWjF7+/N1+mrZiKCatz/9i42otZ1zJBPjfCc8HnzLfhYnbHfjn3 TqkBgJ/3OvRJhjANV8/FYX4H/NoCUTPuaBtedkIe3XbApS+6JtzsmGC+yzBwkQDv bYF93lC0OFVSxPw6vGTpul5Vv20in7R9K1jWgSUMxKlOpu9AhpSmkeAZxXQ+TsLN x9mqNJlaan9BloVn0ZfTtaH/+7ij8OgLLGLM8hdsQdgVgUQkQZ7wEeMdE3e8LKpf Sdf4Aw== -----END CERTIFICATE-----Generated at Thu May 9 00:29:15 2024 by rpki-client on console-ams.rpki-client.org