$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149400.roa File: AS149400.roa (raw, json) Hash identifier: GYdxTIOh9vYZA9EwVLJ6vCZQKDH5EnWWIOUZ9c1vUiA= Subject key identifier: 0C:4E:68:22:AE:33:85:5F:D2:F2:07:7F:34:52:25:98:01:F7:35:72 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5CF1C491700AF70E257EA51AA6F87C6E9381D2AE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149400.roa Signing time: Fri 15 Dec 2023 02:14:26 +0000 ROA not before: Fri 15 Dec 2023 02:09:26 +0000 ROA not after: Fri 13 Dec 2024 02:14:26 +0000 asID: 149400 IP address blocks: 202.164.220.0/22 maxlen: 24 2401:15a0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:f1:c4:91:70:0a:f7:0e:25:7e:a5:1a:a6:f8:7c:6e:93:81:d2:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 15 02:09:26 2023 GMT Not After : Dec 13 02:14:26 2024 GMT Subject: CN=0C4E6822AE33855FD2F2077F3452259801F73572 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:49:1e:40:3e:aa:4e:1b:00:c4:05:ea:44:f0: d9:99:04:89:a9:c5:0b:00:70:1e:f1:40:52:9d:ee: 94:90:ac:6f:02:38:74:05:d3:81:34:57:7c:c4:31: fd:69:dd:75:05:82:63:8c:5e:25:d2:e7:3a:d4:af: a1:3e:e0:b9:62:0a:ff:b3:13:5d:73:45:61:fc:5d: aa:9d:fe:33:f2:95:cf:3c:35:14:b4:dc:57:6d:c2: f8:66:3e:88:9f:47:6b:06:7a:16:b3:04:d4:cc:25: c8:2e:ee:cd:db:8b:a6:1d:58:34:f7:40:2d:06:87: 3f:21:e1:da:66:cb:9b:c6:8d:0d:a7:b6:d3:7b:dd: 8e:f2:76:2e:a9:86:fd:83:bf:15:c4:5d:d6:47:02: 4c:53:68:e4:8a:d2:18:55:c9:28:3f:fc:ed:aa:c4: a7:77:43:0c:ce:82:cb:fe:f1:de:f1:a9:c1:56:69: b7:14:01:e3:d0:27:45:1a:b6:8b:bf:0c:24:15:5f: 13:75:59:6f:db:0d:d7:b6:0e:58:fe:f5:c8:65:d5: 81:c3:15:38:fc:d6:4a:78:2f:79:cb:9d:2f:00:2a: f1:a5:ed:8b:95:c4:85:b3:b8:35:d1:e8:64:3e:9a: a0:c4:2c:c4:19:34:fa:10:a1:85:b9:2c:03:01:06: c1:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:4E:68:22:AE:33:85:5F:D2:F2:07:7F:34:52:25:98:01:F7:35:72 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149400.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.164.220.0/22 IPv6: 2401:15a0::/32 Signature Algorithm: sha256WithRSAEncryption 99:f0:17:50:dc:5a:40:e7:86:7f:da:fe:4a:7f:90:7b:56:18: 8f:b3:6d:d9:85:7b:99:6a:07:0e:34:49:85:a9:60:3f:8f:7a: a8:f7:ef:76:e5:d9:4c:90:1c:2b:c0:2b:f1:33:62:56:b0:9b: 11:1b:43:67:32:58:2e:58:05:18:26:75:ec:00:4c:37:e7:5c: 07:a4:da:f7:fc:31:88:d3:ca:b6:3c:ca:0c:57:90:b5:5b:81: 1f:8c:97:06:c2:f4:61:c5:16:e9:a3:1d:0b:bc:e0:3f:36:bb: d9:f5:a0:6b:50:1c:5f:92:40:b2:0d:3e:e6:7c:44:01:8d:24: 6e:ee:ec:59:7b:18:df:59:c8:fd:02:ce:08:51:ce:1a:dc:7e: a8:f1:b1:e9:b2:52:3f:cc:a6:37:ef:67:61:17:b6:7a:36:7e: 49:f8:03:39:86:4e:79:35:02:b4:ac:eb:b0:c4:ab:49:5a:65: a0:83:f9:4d:6f:53:a5:c4:2d:5d:f2:84:b7:48:e5:ba:b3:19: 9f:fe:67:4d:2e:a9:69:49:04:a5:62:ce:58:2c:75:a2:cf:f9: 87:58:87:49:a1:85:88:a1:4b:d8:0d:7f:43:a8:54:eb:94:2c: f5:ed:ca:4e:04:90:e2:02:2c:31:04:5a:8e:48:78:ea:2d:8b: 09:f4:7c:db -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUXPHEkXAK9w4lfqUapvh8bpOB0q4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTIxNTAyMDkyNloX DTI0MTIxMzAyMTQyNlowMzExMC8GA1UEAxMoMEM0RTY4MjJBRTMzODU1RkQyRjIw NzdGMzQ1MjI1OTgwMUY3MzU3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOBJHkA+qk4bAMQF6kTw2ZkEianFCwBwHvFAUp3ulJCsbwI4dAXTgTRXfMQx /WnddQWCY4xeJdLnOtSvoT7guWIK/7MTXXNFYfxdqp3+M/KVzzw1FLTcV23C+GY+ iJ9HawZ6FrME1MwlyC7uzduLph1YNPdALQaHPyHh2mbLm8aNDae203vdjvJ2LqmG /YO/FcRd1kcCTFNo5IrSGFXJKD/87arEp3dDDM6Cy/7x3vGpwVZptxQB49AnRRq2 i78MJBVfE3VZb9sN17YOWP71yGXVgcMVOPzWSngvecudLwAq8aXti5XEhbO4NdHo ZD6aoMQsxBk0+hChhbksAwEGwcMCAwEAAaOCAd8wggHbMB0GA1UdDgQWBBQMTmgi rjOFX9LyB380UiWYAfc1cjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTQwMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAsqk3DANBAIAAjAHAwUAJAEVoDANBgkqhkiG9w0BAQsFAAOCAQEA mfAXUNxaQOeGf9r+Sn+Qe1YYj7Nt2YV7mWoHDjRJhalgP496qPfvduXZTJAcK8Ar 8TNiVrCbERtDZzJYLlgFGCZ17ABMN+dcB6Ta9/wxiNPKtjzKDFeQtVuBH4yXBsL0 YcUW6aMdC7zgPza72fWga1AcX5JAsg0+5nxEAY0kbu7sWXsY31nI/QLOCFHOGtx+ qPGx6bJSP8ymN+9nYRe2ejZ+SfgDOYZOeTUCtKzrsMSrSVploIP5TW9TpcQtXfKE t0jlurMZn/5nTS6paUkEpWLOWCx1os/5h1iHSaGFiKFL2A1/Q6hU65Qs9e3KTgSQ 4gIsMQRajkh46i2LCfR82w== -----END CERTIFICATE-----Generated at Wed May 8 14:59:56 2024 by rpki-client on console-ams.rpki-client.org