$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149667.roa File: AS149667.roa (raw, json) Hash identifier: EC31dh2VT8O8dugGlnvoumFi59Y5QNG8P3YJhAufg68= Subject key identifier: 00:3D:03:56:5E:EC:5E:6D:6B:37:20:8B:E2:AC:D5:D3:36:9A:98:A9 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0FA7735927EF99A389F14829C35AE512B73366DC Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149667.roa Signing time: Wed 13 Nov 2024 04:00:00 +0000 ROA not before: Wed 13 Nov 2024 03:55:00 +0000 ROA not after: Wed 12 Nov 2025 04:00:00 +0000 asID: 149667 IP address blocks: 103.156.221.0/24 maxlen: 24 2401:da0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:a7:73:59:27:ef:99:a3:89:f1:48:29:c3:5a:e5:12:b7:33:66:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 13 03:55:00 2024 GMT Not After : Nov 12 04:00:00 2025 GMT Subject: CN=003D03565EEC5E6D6B37208BE2ACD5D3369A98A9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:b4:9a:da:61:7b:2b:8d:1c:d7:18:a8:55:5f: 89:41:ef:c5:0d:90:0a:38:3d:a6:e4:bf:97:5c:65: 14:86:36:a1:5a:57:76:e9:f6:3e:a2:23:6c:7b:ff: 17:d2:a0:65:a9:8c:aa:ea:64:c8:71:a0:6d:19:51: c7:63:0b:d4:25:00:1a:16:94:f4:81:4e:a7:c2:9b: 01:f0:7f:b9:03:e0:2e:0f:39:00:f3:8f:d6:a4:0b: 5b:fb:55:e9:f5:b7:81:17:4f:2b:0b:eb:e4:62:c3: 87:e7:37:59:a2:26:63:cb:17:62:f2:9b:98:03:18: a7:95:8e:0f:da:69:f6:c4:cf:8f:39:d4:8c:db:92: ae:14:f4:92:24:8a:d4:c6:75:0a:3b:1c:31:95:7d: 92:9b:85:d9:e9:1b:cb:de:5d:40:7d:1a:6c:e9:76: f0:80:e8:21:2e:92:8e:63:af:76:73:1b:87:42:7d: 93:d9:95:88:3b:96:33:8b:7f:26:36:89:f8:c7:b7: ee:c3:b7:d6:51:09:ad:40:2e:7a:7d:04:eb:1f:38: 8b:57:5e:01:a4:06:71:21:37:95:f4:20:b3:d0:8c: 32:2e:2e:2b:25:36:74:a8:94:ec:62:a3:33:6a:fd: 08:8b:e2:48:94:ce:7c:01:e7:a9:b2:c5:23:b9:37: a0:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:3D:03:56:5E:EC:5E:6D:6B:37:20:8B:E2:AC:D5:D3:36:9A:98:A9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149667.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.221.0/24 IPv6: 2401:da0::/32 Signature Algorithm: sha256WithRSAEncryption 8f:29:c3:6a:05:bd:3e:55:6b:93:b6:0d:48:50:f3:e5:df:c6: b0:72:fe:b8:8e:05:0d:79:7c:d5:6b:04:c8:f7:9d:df:0b:d9: 74:60:d4:b6:9e:e1:8c:bb:75:7a:85:49:ef:39:3b:a5:53:72: 7b:9e:84:59:69:3b:f7:88:85:18:ee:39:fc:b5:02:20:b9:70: 52:13:31:3d:24:2c:2f:90:9f:27:93:dc:df:c6:c4:a9:f7:ef: 73:1d:1a:8e:ba:7b:d8:dd:d0:b1:b0:b9:4a:0f:95:d7:80:c4: 3e:1b:af:a2:48:16:77:cc:02:dd:50:63:67:0e:a7:91:c9:07: 8b:4f:73:26:d1:ff:8c:03:e2:e3:ce:67:a9:19:4e:6d:ac:90: 14:e1:37:ad:7e:45:a9:85:a7:29:94:03:64:8f:08:eb:c6:60: 0f:5d:67:cb:7b:d0:a6:7a:51:cb:25:b6:3e:54:9d:ac:fb:8d: 3b:14:48:08:8a:0e:3b:7c:33:c4:1b:a2:61:dd:3c:28:c5:99: fa:a2:e5:68:94:eb:57:d1:f0:7a:1b:fc:ac:bc:97:c3:2c:90: 4d:8a:59:ff:9a:7b:b1:a1:2f:e1:5d:f4:f1:3d:bd:b4:1a:e4: bf:49:35:63:da:87:be:9a:bc:6b:a7:2a:d1:dd:ba:d2:54:77: 76:23:34:66 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUD6dzWSfvmaOJ8Ugpw1rlErczZtwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTExMzAzNTUwMFoX DTI1MTExMjA0MDAwMFowMzExMC8GA1UEAxMoMDAzRDAzNTY1RUVDNUU2RDZCMzcy MDhCRTJBQ0Q1RDMzNjlBOThBOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALO0mtpheyuNHNcYqFVfiUHvxQ2QCjg9puS/l1xlFIY2oVpXdun2PqIjbHv/ F9KgZamMqupkyHGgbRlRx2ML1CUAGhaU9IFOp8KbAfB/uQPgLg85APOP1qQLW/tV 6fW3gRdPKwvr5GLDh+c3WaImY8sXYvKbmAMYp5WOD9pp9sTPjznUjNuSrhT0kiSK 1MZ1CjscMZV9kpuF2ekby95dQH0abOl28IDoIS6SjmOvdnMbh0J9k9mViDuWM4t/ JjaJ+Me37sO31lEJrUAuen0E6x84i1deAaQGcSE3lfQgs9CMMi4uKyU2dKiU7GKj M2r9CIviSJTOfAHnqbLFI7k3oHECAwEAAaOCAd8wggHbMB0GA1UdDgQWBBQAPQNW XuxebWs3IIvirNXTNpqYqTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY2Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAGec3TANBAIAAjAHAwUAJAENoDANBgkqhkiG9w0BAQsFAAOCAQEA jynDagW9PlVrk7YNSFDz5d/GsHL+uI4FDXl81WsEyPed3wvZdGDUtp7hjLt1eoVJ 7zk7pVNye56EWWk794iFGO45/LUCILlwUhMxPSQsL5CfJ5Pc38bEqffvcx0ajrp7 2N3QsbC5Sg+V14DEPhuvokgWd8wC3VBjZw6nkckHi09zJtH/jAPi485nqRlObayQ FOE3rX5FqYWnKZQDZI8I68ZgD11ny3vQpnpRyyW2PlSdrPuNOxRICIoOO3wzxBui Yd08KMWZ+qLlaJTrV9Hwehv8rLyXwyyQTYpZ/5p7saEv4V308T29tBrkv0k1Y9qH vpq8a6cq0d260lR3diM0Zg== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:26 2024 by rpki-client on console-fra.rpki-client.org