$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149670.roa File: AS149670.roa (raw, json) Hash identifier: O6o8gHs80RDCjlg81aDfF2PvBwphaLfwInhky4IkN+0= Subject key identifier: 10:33:72:92:FE:C4:F5:C0:64:5E:AB:1C:95:2A:58:44:DF:09:DF:34 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 671571BB39E26F301C8BCCAD918E7DC25011CF7F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149670.roa Signing time: Thu 30 Nov 2023 06:40:57 +0000 ROA not before: Thu 30 Nov 2023 06:35:57 +0000 ROA not after: Thu 28 Nov 2024 06:40:57 +0000 asID: 149670 IP address blocks: 103.184.66.0/23 maxlen: 24 2001:df2:25c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 16:34:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:15:71:bb:39:e2:6f:30:1c:8b:cc:ad:91:8e:7d:c2:50:11:cf:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 30 06:35:57 2023 GMT Not After : Nov 28 06:40:57 2024 GMT Subject: CN=10337292FEC4F5C0645EAB1C952A5844DF09DF34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:be:bd:52:b8:1f:e6:61:9e:6c:a0:13:e8:67: c1:d8:19:22:8c:7e:bc:c7:cf:e5:a5:d3:3b:a8:0a: 15:66:b0:5b:13:ce:5c:9a:1a:73:cf:75:39:64:46: f3:94:36:ad:48:5a:ee:d5:da:69:b2:58:99:fc:30: 63:e4:df:1e:0d:8c:f6:ca:0a:28:e4:d8:55:57:b5: 78:38:7a:f6:a7:f0:1c:57:d4:6d:39:11:02:5d:87: 6b:da:e1:04:8f:03:6b:6c:80:18:b3:d1:8b:aa:5f: f0:b9:ab:65:d5:f0:22:ee:9e:ea:0f:9a:2f:45:0f: 7b:9f:e7:0d:1a:fa:ad:b6:d6:72:5e:b7:17:66:4c: b4:f4:b9:d5:25:9f:8a:fd:f0:44:4f:e8:d1:b6:16: c6:da:3f:61:84:b6:6e:53:47:d4:f1:be:c9:d9:b2: 90:72:2a:de:d1:2b:02:16:96:80:2d:5d:9a:bf:68: b0:2b:88:30:cc:29:56:cc:bb:16:db:11:2c:03:5e: 60:7d:e0:ff:6f:d4:aa:be:a7:ea:62:ba:41:81:86: e4:f7:98:61:49:c4:fd:3a:46:13:a8:de:6e:7f:e3: 44:7b:4f:e8:86:6e:a2:1c:fd:4d:72:05:7d:ad:16: 86:55:f0:bb:57:38:09:54:bd:29:71:d1:bf:96:4e: ee:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:33:72:92:FE:C4:F5:C0:64:5E:AB:1C:95:2A:58:44:DF:09:DF:34 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149670.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.184.66.0/23 IPv6: 2001:df2:25c0::/48 Signature Algorithm: sha256WithRSAEncryption 4d:41:5f:4b:c0:73:d3:ac:0c:fe:ea:86:b6:26:e7:7e:45:7e: c5:42:d1:d2:47:2b:26:0f:74:52:5b:2d:13:af:bc:16:47:4a: fd:2b:51:f4:96:09:ba:32:18:02:47:a6:ef:5a:dd:f8:c3:d9: 14:b3:5e:70:1e:34:14:64:17:71:eb:e8:9a:d6:16:92:d6:0d: 49:c8:60:3f:b4:fe:70:b9:49:29:b3:a8:b5:e5:c2:8c:29:c0: 5d:de:97:90:6f:e4:9c:2d:7d:7c:47:b9:49:be:db:57:0b:18: cb:76:b5:e9:d9:b9:1d:30:53:1b:ca:b5:3d:28:39:48:b3:4b: 40:96:ca:6f:05:47:2e:ef:d6:de:79:d6:72:a9:2e:28:da:b8: 87:3b:f2:dd:06:39:70:4a:56:13:0e:a6:b1:03:81:70:d8:e3: 66:05:de:81:4e:df:12:04:04:70:ab:b7:ea:59:75:22:c9:b4: 78:80:a5:f2:fb:5d:21:b1:c8:19:83:cc:aa:0b:5f:e8:0b:91: 82:21:b7:30:91:65:43:0b:c5:39:8f:91:0f:e0:03:c9:0f:58: ba:23:63:7c:2f:93:e0:1e:3c:24:07:c0:e6:31:ba:d6:e7:a4: 90:51:32:a7:40:b4:e6:d6:94:fa:02:c7:63:c5:2b:ff:6f:d2: 52:c7:68:c4 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUZxVxuznibzAci8ytkY59wlARz38wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTEzMDA2MzU1N1oX DTI0MTEyODA2NDA1N1owMzExMC8GA1UEAxMoMTAzMzcyOTJGRUM0RjVDMDY0NUVB QjFDOTUyQTU4NDRERjA5REYzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANa+vVK4H+ZhnmygE+hnwdgZIox+vMfP5aXTO6gKFWawWxPOXJoac891OWRG 85Q2rUha7tXaabJYmfwwY+TfHg2M9soKKOTYVVe1eDh69qfwHFfUbTkRAl2Ha9rh BI8Da2yAGLPRi6pf8LmrZdXwIu6e6g+aL0UPe5/nDRr6rbbWcl63F2ZMtPS51SWf iv3wRE/o0bYWxto/YYS2blNH1PG+ydmykHIq3tErAhaWgC1dmr9osCuIMMwpVsy7 FtsRLANeYH3g/2/Uqr6n6mK6QYGG5PeYYUnE/TpGE6jebn/jRHtP6IZuohz9TXIF fa0WhlXwu1c4CVS9KXHRv5ZO7mkCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBQQM3KS /sT1wGReqxyVKlhE3wnfNDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY3MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAWe4QjAPBAIAAjAJAwcAIAEN8iXAMA0GCSqGSIb3DQEBCwUAA4IB AQBNQV9LwHPTrAz+6oa2Jud+RX7FQtHSRysmD3RSWy0Tr7wWR0r9K1H0lgm6MhgC R6bvWt34w9kUs15wHjQUZBdx6+ia1haS1g1JyGA/tP5wuUkps6i15cKMKcBd3peQ b+ScLX18R7lJvttXCxjLdrXp2bkdMFMbyrU9KDlIs0tAlspvBUcu79beedZyqS4o 2riHO/LdBjlwSlYTDqaxA4Fw2ONmBd6BTt8SBARwq7fqWXUiybR4gKXy+10hscgZ g8yqC1/oC5GCIbcwkWVDC8U5j5EP4APJD1i6I2N8L5PgHjwkB8DmMbrW56SQUTKn QLTm1pT6AsdjxSv/b9JSx2jE -----END CERTIFICATE-----Generated at Wed May 8 07:45:27 2024 by rpki-client on console-ams.rpki-client.org