$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149670.roa File: AS149670.roa (raw, json) Hash identifier: YH1XCu8wfyckQWF80R8CLsV9dVYhisQqQG6lCzbUGtE= Subject key identifier: 47:DE:FA:63:81:E2:DA:1B:8C:2D:17:A9:93:6E:B0:91:D0:07:0D:35 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2BC62328C9087F5CB83E33DA4C07FAEE05EF98EF Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149670.roa Signing time: Thu 31 Oct 2024 07:00:00 +0000 ROA not before: Thu 31 Oct 2024 06:55:00 +0000 ROA not after: Thu 30 Oct 2025 07:00:00 +0000 asID: 149670 IP address blocks: 103.184.66.0/23 maxlen: 24 2001:df2:25c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:c6:23:28:c9:08:7f:5c:b8:3e:33:da:4c:07:fa:ee:05:ef:98:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 31 06:55:00 2024 GMT Not After : Oct 30 07:00:00 2025 GMT Subject: CN=47DEFA6381E2DA1B8C2D17A9936EB091D0070D35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a6:07:44:1c:16:d6:74:50:19:b3:95:49:fe: 20:51:bc:d2:4e:97:20:e9:47:39:9e:3a:d6:cc:aa: 8a:5c:ba:e7:75:3d:6a:55:6f:3e:a4:83:a2:72:c8: fa:d4:17:9a:1b:a6:00:5a:e1:b2:4d:f3:b8:d2:90: 63:8b:c3:7f:9c:3a:dc:cd:a4:19:3b:07:f7:54:44: 97:2a:7f:2b:03:66:2f:34:c0:e2:72:9e:c5:62:89: c3:dd:ad:77:c4:8f:35:25:f3:49:85:21:16:94:dd: 3c:6b:23:f2:e7:da:05:e8:f9:5d:1a:96:dd:db:f4: 13:fd:17:25:2a:eb:83:12:17:8b:73:af:d0:5d:19: f2:7e:79:f2:ac:59:1d:53:b0:dc:f2:43:c9:17:da: 7b:0a:ca:f2:0b:15:26:59:ff:b2:27:57:e6:3d:d9: 40:cf:e4:9d:1b:d8:4f:16:59:9a:33:73:9c:c5:78: b2:78:84:57:8b:37:37:7c:a3:73:48:b1:b9:8e:46: 89:cc:cd:e4:0f:82:f0:44:35:e5:27:30:42:c0:be: 34:fe:e8:6f:9b:ef:43:29:d1:b2:b7:87:6f:34:b4: c1:64:22:a2:8c:d4:5c:ae:e5:11:7f:3c:34:e8:ec: 66:72:83:8f:9c:87:5f:29:52:af:c2:9c:c4:60:d1: 98:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:DE:FA:63:81:E2:DA:1B:8C:2D:17:A9:93:6E:B0:91:D0:07:0D:35 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149670.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.184.66.0/23 IPv6: 2001:df2:25c0::/48 Signature Algorithm: sha256WithRSAEncryption 33:64:9e:51:05:1f:df:a4:a1:33:e0:aa:85:4c:5b:f1:a3:76: 52:dc:57:1d:d8:db:d3:46:01:f7:7d:08:59:1a:dc:26:af:24: 70:2c:ea:e6:08:d8:af:e5:45:ca:21:b3:a7:8c:27:fc:3a:60: 06:c6:77:ab:5a:4b:a8:94:e4:e0:93:33:d5:b6:5f:35:04:9e: fc:99:03:20:f3:d1:58:bd:27:3a:40:4f:91:6e:95:13:5b:aa: ff:30:d3:cb:41:64:b7:d1:dd:69:4d:cb:04:a2:e7:28:bd:b0: eb:cb:4d:2b:e3:fd:71:4e:b3:99:c0:a3:21:ea:73:64:ff:4f: a4:11:a3:70:b2:ad:96:79:7f:88:90:f0:56:d1:e9:19:a2:b5: ce:3e:51:ab:32:8d:fa:82:83:77:da:7f:1a:6b:9b:c8:52:37: e1:fe:46:87:6f:1c:ea:5e:79:28:56:d4:57:af:8d:9f:2a:d1: 57:47:c1:9d:be:90:5c:22:50:00:7f:5b:fc:d0:f8:4f:4a:c9: 7e:8e:e9:e0:36:7b:80:20:1c:5d:80:7b:f1:a0:b6:48:9d:43: 78:34:dd:0a:06:cb:15:9f:60:93:e5:64:78:87:7e:42:dc:a1: 31:11:0e:58:6f:ff:16:38:93:77:07:86:1f:fc:22:60:57:e7: 1e:b1:f6:9b -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUK8YjKMkIf1y4PjPaTAf67gXvmO8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAzMTA2NTUwMFoX DTI1MTAzMDA3MDAwMFowMzExMC8GA1UEAxMoNDdERUZBNjM4MUUyREExQjhDMkQx N0E5OTM2RUIwOTFEMDA3MEQzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL6mB0QcFtZ0UBmzlUn+IFG80k6XIOlHOZ461syqily653U9alVvPqSDonLI +tQXmhumAFrhsk3zuNKQY4vDf5w63M2kGTsH91RElyp/KwNmLzTA4nKexWKJw92t d8SPNSXzSYUhFpTdPGsj8ufaBej5XRqW3dv0E/0XJSrrgxIXi3Ov0F0Z8n558qxZ HVOw3PJDyRfaewrK8gsVJln/sidX5j3ZQM/knRvYTxZZmjNznMV4sniEV4s3N3yj c0ixuY5GiczN5A+C8EQ15ScwQsC+NP7ob5vvQynRsreHbzS0wWQioozUXK7lEX88 NOjsZnKDj5yHXylSr8KcxGDRmNUCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBRH3vpj geLaG4wtF6mTbrCR0AcNNTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY3MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAWe4QjAPBAIAAjAJAwcAIAEN8iXAMA0GCSqGSIb3DQEBCwUAA4IB AQAzZJ5RBR/fpKEz4KqFTFvxo3ZS3Fcd2NvTRgH3fQhZGtwmryRwLOrmCNiv5UXK IbOnjCf8OmAGxnerWkuolOTgkzPVtl81BJ78mQMg89FYvSc6QE+RbpUTW6r/MNPL QWS30d1pTcsEoucovbDry00r4/1xTrOZwKMh6nNk/0+kEaNwsq2WeX+IkPBW0ekZ orXOPlGrMo36goN32n8aa5vIUjfh/kaHbxzqXnkoVtRXr42fKtFXR8GdvpBcIlAA f1v80PhPSsl+jungNnuAIBxdgHvxoLZInUN4NN0KBssVn2CT5WR4h35C3KExEQ5Y b/8WOJN3B4Yf/CJgV+cesfab -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:26 2024 by rpki-client on console-fra.rpki-client.org