$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149400.roa File: AS149400.roa (raw, json) Hash identifier: ealE01KXiyovVMpkbcj5Vwj6/zr9MZGoLNw99roDjzk= Subject key identifier: 3B:F4:EB:50:4D:30:DB:ED:DE:77:6A:B9:D0:65:EA:93:9B:85:25:FE Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 73D41FCFF3A956A0B37AF38973EAFB5A56147672 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149400.roa Signing time: Fri 28 Jun 2024 07:30:47 +0000 ROA not before: Fri 28 Jun 2024 07:25:47 +0000 ROA not after: Fri 27 Jun 2025 07:30:47 +0000 asID: 149400 IP address blocks: 103.70.94.0/23 maxlen: 24 202.164.220.0/22 maxlen: 24 2401:15a0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:d4:1f:cf:f3:a9:56:a0:b3:7a:f3:89:73:ea:fb:5a:56:14:76:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 28 07:25:47 2024 GMT Not After : Jun 27 07:30:47 2025 GMT Subject: CN=3BF4EB504D30DBEDDE776AB9D065EA939B8525FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:62:65:a3:ec:fd:12:b7:af:5c:78:7f:62:0f: 9e:51:e4:34:a0:df:4e:e4:cc:40:cb:c5:b2:da:b9: 0e:cf:ea:76:c3:6a:00:41:87:2b:ee:79:94:48:95: 8a:fd:00:e8:9d:31:3f:4c:c4:17:60:7f:b5:8c:0e: 81:aa:ed:ea:28:a0:33:5b:6b:5f:ab:ad:c9:e1:f3: 42:d9:10:4d:bd:1c:44:b0:00:6b:28:23:25:65:d5: da:f3:49:88:39:55:42:d6:bc:37:ac:36:34:0a:16: 16:34:ef:f2:bd:d2:09:36:3c:d4:c8:bb:e9:28:96: aa:eb:46:89:35:9e:54:8f:54:7e:1f:7f:7f:f3:ec: 9e:39:1a:76:44:52:67:0d:ce:63:84:a2:12:83:47: cd:dd:1f:d2:a4:f3:26:f6:15:ad:d7:25:52:4b:2b: 9b:58:02:20:0a:20:03:3f:5d:46:bc:2e:9d:f2:73: 5e:d1:29:85:c2:aa:43:b8:3e:bb:31:58:a8:9b:aa: 9f:7f:80:0d:36:d8:1a:51:9c:25:6d:cc:11:72:8a: 81:6f:b3:69:ca:bc:a5:98:7e:98:59:1e:a1:2c:75: 57:dc:50:db:17:37:af:ea:a3:e1:1c:ba:32:54:42: 71:96:fb:a7:7e:4f:88:16:d4:6e:49:b8:c9:30:49: bc:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:F4:EB:50:4D:30:DB:ED:DE:77:6A:B9:D0:65:EA:93:9B:85:25:FE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149400.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.70.94.0/23 202.164.220.0/22 IPv6: 2401:15a0::/32 Signature Algorithm: sha256WithRSAEncryption 55:ab:8f:b5:02:c2:3b:59:be:e5:e4:61:7e:d7:de:ac:32:85: 9b:a2:db:cf:ae:66:fb:a2:d5:83:bc:2c:0a:7b:9f:bd:26:9d: 76:da:f8:16:a8:21:bc:f2:11:b3:6f:5c:f8:62:d5:0f:8a:61: c5:d0:46:96:29:f1:8d:7a:c7:ec:46:e8:27:b8:a0:96:a1:d2: b4:78:3a:c5:87:06:f3:3e:af:9e:a6:2a:f9:ed:4b:b8:8a:ca: 8e:f2:12:bf:e8:c1:1c:b0:6a:82:a9:95:5f:67:1a:e0:4d:80: 82:4b:7c:93:46:a6:ba:77:ef:52:0d:e4:07:5c:52:a7:39:a1: da:b1:2c:92:43:87:98:67:a4:f0:89:48:23:bd:17:9e:9c:8b: d3:1e:cb:fd:d2:ee:e1:57:05:92:5c:49:4e:ef:0e:50:b1:8d: 0b:7b:66:e8:b6:fa:5d:7c:f9:38:f2:f4:90:b0:16:5a:51:be: 1b:00:a5:dc:65:43:43:88:f3:43:a2:00:6e:39:82:6c:39:25: 44:27:ca:35:4e:f9:f4:4b:57:02:49:f3:16:ef:1b:bc:eb:1d: c0:ed:84:0c:28:e2:cf:c8:f2:4f:a4:32:08:e7:84:ba:97:8a: e3:5a:0f:bf:cf:a9:17:dc:f4:94:ad:da:bc:fd:4f:73:83:bb: be:97:16:e0 -----BEGIN CERTIFICATE----- MIIE8jCCA9qgAwIBAgIUc9Qfz/OpVqCzevOJc+r7WlYUdnIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDYyODA3MjU0N1oX DTI1MDYyNzA3MzA0N1owMzExMC8GA1UEAxMoM0JGNEVCNTA0RDMwREJFRERFNzc2 QUI5RDA2NUVBOTM5Qjg1MjVGRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALZiZaPs/RK3r1x4f2IPnlHkNKDfTuTMQMvFstq5Ds/qdsNqAEGHK+55lEiV iv0A6J0xP0zEF2B/tYwOgart6iigM1trX6utyeHzQtkQTb0cRLAAaygjJWXV2vNJ iDlVQta8N6w2NAoWFjTv8r3SCTY81Mi76SiWqutGiTWeVI9Ufh9/f/PsnjkadkRS Zw3OY4SiEoNHzd0f0qTzJvYVrdclUksrm1gCIAogAz9dRrwunfJzXtEphcKqQ7g+ uzFYqJuqn3+ADTbYGlGcJW3MEXKKgW+zacq8pZh+mFkeoSx1V9xQ2xc3r+qj4Ry6 MlRCcZb7p35PiBbUbkm4yTBJvBsCAwEAAaOCAeUwggHhMB0GA1UdDgQWBBQ79OtQ TTDb7d53arnQZeqTm4Ul/jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTQwMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMw EgQCAAEwDAMEAWdGXgMEAsqk3DANBAIAAjAHAwUAJAEVoDANBgkqhkiG9w0BAQsF AAOCAQEAVauPtQLCO1m+5eRhftferDKFm6Lbz65m+6LVg7wsCnufvSaddtr4Fqgh vPIRs29c+GLVD4phxdBGlinxjXrH7EboJ7iglqHStHg6xYcG8z6vnqYq+e1LuIrK jvISv+jBHLBqgqmVX2ca4E2Agkt8k0amunfvUg3kB1xSpzmh2rEskkOHmGek8IlI I70XnpyL0x7L/dLu4VcFklxJTu8OULGNC3tm6Lb6XXz5OPL0kLAWWlG+GwCl3GVD Q4jzQ6IAbjmCbDklRCfKNU759EtXAknzFu8bvOsdwO2EDCjiz8jyT6QyCOeEupeK 41oPv8+pF9z0lK3avP1Pc4O7vpcW4A== -----END CERTIFICATE-----Generated at Mon Nov 25 13:01:56 2024 by rpki-client on console-fra.rpki-client.org