$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149375.roa File: AS149375.roa (raw, json) Hash identifier: 69/XTEsz4To2Eu7/m57o+PZEwhGXC4E7VooEtYxQBpk= Subject key identifier: 28:4D:42:9C:E2:86:EC:D9:B9:4B:6C:85:34:FC:4B:58:B8:C6:D5:B8 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1A3EC0BB4A7E939CA755E3F0726E03E06CC959E4 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149375.roa Signing time: Tue 09 Jan 2024 04:00:10 +0000 ROA not before: Tue 09 Jan 2024 03:55:10 +0000 ROA not after: Tue 07 Jan 2025 04:00:10 +0000 asID: 149375 IP address blocks: 2001:df0:6b40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 10:29:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:3e:c0:bb:4a:7e:93:9c:a7:55:e3:f0:72:6e:03:e0:6c:c9:59:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:10 2024 GMT Not After : Jan 7 04:00:10 2025 GMT Subject: CN=284D429CE286ECD9B94B6C8534FC4B58B8C6D5B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:c3:b7:d9:53:64:4f:6e:d9:10:e0:00:cb:1f: 55:72:da:bd:d4:7b:64:cc:ba:3e:79:d3:f0:f1:2a: 6f:ad:3c:9f:d0:5d:cb:ee:91:22:54:ee:78:5e:73: c1:2f:5c:9a:6d:c7:5a:95:19:26:9c:a7:a3:43:00: 3c:c0:99:c1:56:84:16:b3:99:95:16:f3:29:c3:23: 2d:3e:9b:4f:2a:37:a7:0d:89:a5:b3:a5:c2:d6:24: c2:f8:7c:bb:e2:f0:ba:47:d0:de:9d:52:76:2b:2f: 8f:ed:81:09:59:e6:ed:1f:d4:f1:0f:b8:9e:a7:b5: 3d:c1:f9:a1:9e:49:45:12:bf:47:f2:d9:f6:d4:96: f4:46:bf:7a:40:14:ca:ef:c6:4e:37:a5:62:27:12: 47:ee:28:9d:78:08:b4:42:74:b7:05:21:14:07:33: 95:e6:4f:2a:2a:97:8b:df:9a:2d:7b:c2:df:34:bc: ce:ac:d0:13:06:4d:5b:91:cb:fa:a3:33:0e:4b:fc: d7:91:75:38:e0:e9:cf:56:3a:71:ae:89:3a:48:0c: 64:81:60:58:c6:41:ea:01:70:02:08:bf:8a:99:d9: d0:78:f5:05:e3:bb:41:e7:6c:dd:73:58:f6:9d:9d: 73:6f:fb:e1:b9:95:37:e5:d0:00:64:65:a9:00:08: 0a:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:4D:42:9C:E2:86:EC:D9:B9:4B:6C:85:34:FC:4B:58:B8:C6:D5:B8 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149375.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:6b40::/48 Signature Algorithm: sha256WithRSAEncryption 29:d7:e0:de:a4:39:5d:32:c0:5e:e4:30:1d:c3:a9:f6:a2:2d: dc:87:9c:e1:5e:31:70:1b:2a:d9:16:3a:5c:37:88:05:82:28: 8b:4e:db:92:5d:89:68:e7:1c:af:33:44:18:f1:45:5b:db:01: c8:f5:1e:00:46:23:05:6f:a4:99:75:01:82:7c:32:59:c4:5d: 03:c2:a3:05:e7:f9:d8:ff:e3:37:ed:a5:d1:03:5d:55:7f:29: bc:37:98:1e:ce:f3:04:1b:f1:4b:24:77:4c:fb:39:9d:96:c7: 35:f0:f1:ff:aa:9b:a0:52:8e:2d:a8:c0:05:4f:dd:a2:1d:fb: 25:80:90:5d:d4:2e:e6:22:d7:79:66:34:fc:7f:f8:e1:fc:b2: 32:49:8e:53:c0:22:3d:42:0c:4c:a5:5a:14:5c:d8:dd:56:10: df:be:79:e2:c3:73:c2:69:19:8c:b8:b2:12:d2:88:f8:c3:22: 1c:73:d5:a4:6a:bd:00:dc:db:41:70:d5:d9:02:e7:47:15:7a: b7:19:12:9a:52:b0:2f:ca:e8:e0:73:ef:3e:fd:20:49:07:b7: 53:f8:3d:13:9d:42:88:8b:88:21:1f:89:a7:94:7b:b6:d4:52: 90:81:ef:24:cd:56:65:e5:50:95:d4:0f:f1:62:26:fd:5b:cc: c0:bd:c8:64 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUGj7Au0p+k5ynVePwcm4D4GzJWeQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxMFoX DTI1MDEwNzA0MDAxMFowMzExMC8GA1UEAxMoMjg0RDQyOUNFMjg2RUNEOUI5NEI2 Qzg1MzRGQzRCNThCOEM2RDVCODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOrDt9lTZE9u2RDgAMsfVXLavdR7ZMy6PnnT8PEqb608n9Bdy+6RIlTueF5z wS9cmm3HWpUZJpyno0MAPMCZwVaEFrOZlRbzKcMjLT6bTyo3pw2JpbOlwtYkwvh8 u+LwukfQ3p1Sdisvj+2BCVnm7R/U8Q+4nqe1PcH5oZ5JRRK/R/LZ9tSW9Ea/ekAU yu/GTjelYicSR+4onXgItEJ0twUhFAczleZPKiqXi9+aLXvC3zS8zqzQEwZNW5HL +qMzDkv815F1OODpz1Y6ca6JOkgMZIFgWMZB6gFwAgi/ipnZ0Hj1BeO7Qeds3XNY 9p2dc2/74bmVN+XQAGRlqQAICkkCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQoTUKc 4obs2blLbIU0/EtYuMbVuDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTM3NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfBrQDANBgkqhkiG9w0BAQsFAAOCAQEAKdfg3qQ5XTLAXuQw HcOp9qIt3Iec4V4xcBsq2RY6XDeIBYIoi07bkl2JaOccrzNEGPFFW9sByPUeAEYj BW+kmXUBgnwyWcRdA8KjBef52P/jN+2l0QNdVX8pvDeYHs7zBBvxSyR3TPs5nZbH NfDx/6qboFKOLajABU/doh37JYCQXdQu5iLXeWY0/H/44fyyMkmOU8AiPUIMTKVa FFzY3VYQ37554sNzwmkZjLiyEtKI+MMiHHPVpGq9ANzbQXDV2QLnRxV6txkSmlKw L8ro4HPvPv0gSQe3U/g9E51CiIuIIR+Jp5R7ttRSkIHvJM1WZeVQldQP8WIm/VvM wL3IZA== -----END CERTIFICATE-----Generated at Wed May 8 04:37:57 2024 by rpki-client on console-fra.rpki-client.org