$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149690.roa File: AS149690.roa (raw, json) Hash identifier: iFZkk5uKeF2rY4Fv1RGD7YxFYElf8aL2V1lmKtGHAu8= Subject key identifier: 59:08:88:44:09:BD:60:0E:D9:30:1B:64:A6:C4:39:FC:D8:0E:A4:F5 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 561E1C1654C676E8E54FCD7621554D05588DAFFE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149690.roa Signing time: Tue 04 Jul 2023 04:00:00 +0000 ROA not before: Tue 04 Jul 2023 03:55:00 +0000 ROA not after: Tue 02 Jul 2024 04:00:00 +0000 asID: 149690 IP address blocks: 2001:df1:1340::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:1e:1c:16:54:c6:76:e8:e5:4f:cd:76:21:55:4d:05:58:8d:af:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 4 03:55:00 2023 GMT Not After : Jul 2 04:00:00 2024 GMT Subject: CN=5908884409BD600ED9301B64A6C439FCD80EA4F5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:be:0d:79:e8:c9:28:86:ae:78:c9:15:e0:8b: 09:cc:80:e3:0f:9d:b5:ef:6f:b0:53:1e:00:d1:82: b1:43:c6:bb:46:a7:2c:60:29:43:da:39:40:62:fd: 65:68:6f:1a:9a:e8:30:60:8e:53:f3:61:a9:89:bc: 98:d8:f5:37:7c:7d:89:bf:c7:e0:0a:30:a1:91:3c: 3c:4c:7b:dc:84:6a:67:c8:5b:eb:0a:bf:39:1c:3c: dd:70:09:2e:39:3f:3e:8f:22:c2:22:ad:44:96:e5: 4a:97:2a:7b:01:19:e1:a0:68:32:a2:13:15:60:71: b7:ea:81:90:2a:72:3b:6e:b5:b7:cb:68:9e:c0:54: 41:0d:51:9d:71:50:96:9c:9c:20:ac:48:70:6b:be: 07:97:fb:25:e8:ac:cc:f0:88:b9:e9:88:ba:8c:8c: 96:31:ae:84:ca:af:5a:2f:e6:1c:4f:cf:3e:58:22: c8:82:13:71:d9:27:8c:fb:8e:78:af:b4:56:68:59: 1f:0e:6d:db:4d:4c:e8:cd:48:6f:51:46:23:b6:e9: 17:4b:c2:db:1a:3d:79:b5:8b:71:46:ad:a0:a4:ec: 93:30:e4:8f:93:59:1e:9b:2b:8f:5a:d3:fe:cd:a4: e8:87:73:14:56:e7:6e:a1:23:0b:89:62:61:ee:8e: 18:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:08:88:44:09:BD:60:0E:D9:30:1B:64:A6:C4:39:FC:D8:0E:A4:F5 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149690.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:1340::/48 Signature Algorithm: sha256WithRSAEncryption 43:a9:c9:e1:4e:3e:03:77:4a:70:e2:d6:3f:5b:44:01:57:c5: 03:9b:0c:83:61:5a:a4:a7:e7:72:e7:97:07:73:59:25:1a:8c: 51:c4:c1:4d:8e:f9:01:bf:0a:df:bc:9f:71:d5:d7:b0:72:ae: ec:88:a1:d8:65:e2:81:7d:11:8b:4f:c4:71:1d:35:c4:3b:98: 3d:4a:3b:2f:d2:37:59:32:0e:fa:4f:ff:b8:21:27:27:9b:5a: a5:52:cf:27:df:ec:6a:c8:d4:29:1c:97:9e:b5:fd:d3:09:ed: 7d:8d:71:a8:f4:e7:8a:17:38:33:4e:3b:a0:df:ce:6d:d1:e2: bc:42:e9:ad:4d:ab:29:70:5c:ef:8d:42:43:5b:58:b6:b8:b7: ad:f0:ee:e5:60:cf:dd:d1:53:00:93:85:02:cc:ac:29:c9:48: 1e:0f:2f:41:a5:5f:df:66:b6:05:3a:35:c9:a2:d1:63:09:68: 1c:87:d6:a7:14:bc:dd:1f:7f:f6:63:1b:cd:d4:de:72:a2:15: af:82:f1:73:49:08:7b:3d:ee:76:c5:4a:9b:a4:4d:90:e5:f6: 38:f9:59:c5:0e:ee:4b:dc:34:ba:a5:2d:ba:e5:d3:e5:ee:8d: 4e:38:b4:c3:4f:42:cf:40:ab:13:a2:57:98:3f:da:d5:10:ab: ab:21:e8:dd -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUVh4cFlTGdujlT812IVVNBViNr/4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDcwNDAzNTUwMFoX DTI0MDcwMjA0MDAwMFowMzExMC8GA1UEAxMoNTkwODg4NDQwOUJENjAwRUQ5MzAx QjY0QTZDNDM5RkNEODBFQTRGNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALm+DXnoySiGrnjJFeCLCcyA4w+dte9vsFMeANGCsUPGu0anLGApQ9o5QGL9 ZWhvGproMGCOU/NhqYm8mNj1N3x9ib/H4AowoZE8PEx73IRqZ8hb6wq/ORw83XAJ Ljk/Po8iwiKtRJblSpcqewEZ4aBoMqITFWBxt+qBkCpyO261t8tonsBUQQ1RnXFQ lpycIKxIcGu+B5f7JeiszPCIuemIuoyMljGuhMqvWi/mHE/PPlgiyIITcdknjPuO eK+0VmhZHw5t201M6M1Ib1FGI7bpF0vC2xo9ebWLcUatoKTskzDkj5NZHpsrj1rT /s2k6IdzFFbnbqEjC4liYe6OGAMCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRZCIhE Cb1gDtkwG2SmxDn82A6k9TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY5MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfETQDANBgkqhkiG9w0BAQsFAAOCAQEAQ6nJ4U4+A3dKcOLW P1tEAVfFA5sMg2FapKfncueXB3NZJRqMUcTBTY75Ab8K37yfcdXXsHKu7Iih2GXi gX0Ri0/EcR01xDuYPUo7L9I3WTIO+k//uCEnJ5tapVLPJ9/sasjUKRyXnrX90wnt fY1xqPTnihc4M047oN/ObdHivELprU2rKXBc741CQ1tYtri3rfDu5WDP3dFTAJOF AsysKclIHg8vQaVf32a2BTo1yaLRYwloHIfWpxS83R9/9mMbzdTecqIVr4Lxc0kI ez3udsVKm6RNkOX2OPlZxQ7uS9w0uqUtuuXT5e6NTji0w09Cz0CrE6JXmD/a1RCr qyHo3Q== -----END CERTIFICATE-----Generated at Wed May 8 21:02:23 2024 by rpki-client on console-fra.rpki-client.org