$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149667.roa File: AS149667.roa (raw, json) Hash identifier: dM2yUmBU1QaANjEAGeTgzVNHeH40ckBpjPJHpmdlhMU= Subject key identifier: E0:AE:F2:00:AB:83:4F:98:5F:1B:62:E9:1E:3E:9C:70:D5:E7:F2:E7 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 74F2DEDCB370CB5AB8BA493AFEC715459D9E60DA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149667.roa Signing time: Wed 13 Dec 2023 03:43:17 +0000 ROA not before: Wed 13 Dec 2023 03:38:17 +0000 ROA not after: Wed 11 Dec 2024 03:43:17 +0000 asID: 149667 IP address blocks: 103.156.221.0/24 maxlen: 24 2401:da0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:f2:de:dc:b3:70:cb:5a:b8:ba:49:3a:fe:c7:15:45:9d:9e:60:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 13 03:38:17 2023 GMT Not After : Dec 11 03:43:17 2024 GMT Subject: CN=E0AEF200AB834F985F1B62E91E3E9C70D5E7F2E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:7d:a2:59:3a:ef:a2:d6:e0:83:c0:0c:7d:96: 65:7e:b4:f0:51:aa:b5:54:56:9b:32:a3:aa:81:6c: 94:b9:2d:10:04:c8:2d:02:27:e6:91:4f:77:b3:84: e2:5c:2b:c2:14:70:46:92:92:bf:39:f5:b2:ec:bf: 6c:08:75:83:8a:22:84:ba:bd:96:79:f1:a6:59:91: 18:16:ca:cc:1e:42:96:c0:7e:af:21:d8:bc:57:c0: 5f:ed:0e:67:a7:70:20:af:e9:fa:0a:ab:2d:c6:a7: 0b:1c:b8:bc:a6:63:b3:8f:df:b9:6f:1b:41:2c:cf: d9:bc:6d:c0:19:70:1c:a6:c3:27:c1:9d:77:b3:13: 37:e4:4b:49:bd:dc:87:c8:76:2f:80:09:55:ce:8f: f9:05:ae:b5:e0:47:ad:0f:84:6d:70:99:3d:60:81: e7:de:e3:76:18:b1:52:f1:aa:52:5e:eb:72:e5:c1: 10:e2:a4:03:1e:09:05:40:65:89:fa:8c:58:ce:fd: 69:50:7f:29:09:c4:17:bb:e3:d7:76:79:0b:f4:cc: c0:8d:b5:43:89:9a:58:29:b9:2e:41:4c:c4:f6:fe: 9c:90:6c:3b:bd:fd:48:22:13:5e:43:a1:52:06:4f: 1d:5a:95:a5:22:69:a1:2f:61:14:5b:9a:a7:44:40: 73:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:AE:F2:00:AB:83:4F:98:5F:1B:62:E9:1E:3E:9C:70:D5:E7:F2:E7 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149667.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.221.0/24 IPv6: 2401:da0::/32 Signature Algorithm: sha256WithRSAEncryption 8a:21:2d:24:32:e6:1b:3d:ca:12:be:1e:35:e3:17:0e:f1:50: d9:fa:35:07:64:2b:2b:67:34:92:fb:c2:c4:cc:2f:18:38:32: 09:98:7e:23:b3:5a:72:fe:aa:2f:88:21:98:1d:3b:95:cc:ea: 97:12:1c:17:ab:51:c9:a3:ea:f5:4e:d5:76:4c:07:0b:34:e5: e6:29:18:4b:8d:92:f4:fe:12:4d:fc:a1:5e:36:20:64:2b:d7: 68:bb:6c:a8:d9:fe:c8:3f:fd:ae:cd:c7:3b:f3:be:d6:25:4b: 59:0d:45:0a:9d:31:d8:dd:f4:0e:da:b7:af:9a:20:b0:41:c8: dc:cf:41:27:cd:1b:72:de:5e:ea:82:74:28:4f:27:4d:04:c1: e2:4b:76:f0:86:c5:f7:88:29:fd:57:7b:43:b3:98:35:9d:42: 2a:79:63:7a:b1:36:9e:28:d7:25:d2:18:40:9f:df:1d:d5:bd: c6:8a:8f:28:b5:70:cc:f3:02:04:2d:20:a1:d2:03:8a:8c:33: 30:84:ff:2b:78:a1:cf:9a:19:1a:bd:d4:ef:34:9f:21:1d:aa: 22:cc:23:b2:1b:74:76:b2:00:61:8c:59:0b:92:2b:5f:37:ac: 8d:80:cb:2e:8b:bf:41:61:49:fc:b1:1c:7c:49:f6:59:48:09: 23:d0:96:3d -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUdPLe3LNwy1q4ukk6/scVRZ2eYNowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTIxMzAzMzgxN1oX DTI0MTIxMTAzNDMxN1owMzExMC8GA1UEAxMoRTBBRUYyMDBBQjgzNEY5ODVGMUI2 MkU5MUUzRTlDNzBENUU3RjJFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKx9olk676LW4IPADH2WZX608FGqtVRWmzKjqoFslLktEATILQIn5pFPd7OE 4lwrwhRwRpKSvzn1suy/bAh1g4oihLq9lnnxplmRGBbKzB5ClsB+ryHYvFfAX+0O Z6dwIK/p+gqrLcanCxy4vKZjs4/fuW8bQSzP2bxtwBlwHKbDJ8Gdd7MTN+RLSb3c h8h2L4AJVc6P+QWuteBHrQ+EbXCZPWCB597jdhixUvGqUl7rcuXBEOKkAx4JBUBl ifqMWM79aVB/KQnEF7vj13Z5C/TMwI21Q4maWCm5LkFMxPb+nJBsO739SCITXkOh UgZPHVqVpSJpoS9hFFuap0RAc2cCAwEAAaOCAd8wggHbMB0GA1UdDgQWBBTgrvIA q4NPmF8bYukePpxw1efy5zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY2Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAGec3TANBAIAAjAHAwUAJAENoDANBgkqhkiG9w0BAQsFAAOCAQEA iiEtJDLmGz3KEr4eNeMXDvFQ2fo1B2QrK2c0kvvCxMwvGDgyCZh+I7Nacv6qL4gh mB07lczqlxIcF6tRyaPq9U7VdkwHCzTl5ikYS42S9P4STfyhXjYgZCvXaLtsqNn+ yD/9rs3HO/O+1iVLWQ1FCp0x2N30Dtq3r5ogsEHI3M9BJ80bct5e6oJ0KE8nTQTB 4kt28IbF94gp/Vd7Q7OYNZ1CKnljerE2nijXJdIYQJ/fHdW9xoqPKLVwzPMCBC0g odIDiowzMIT/K3ihz5oZGr3U7zSfIR2qIswjsht0drIAYYxZC5IrXzesjYDLLou/ QWFJ/LEcfEn2WUgJI9CWPQ== -----END CERTIFICATE-----Generated at Wed May 8 22:46:43 2024 by rpki-client on console-ams.rpki-client.org