$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149696.roa File: AS149696.roa (raw, json) Hash identifier: EDI1T67IWjSyheFMiFSdM407BIe4t6Dkic/2dp6gxcM= Subject key identifier: FD:6B:E8:2B:0B:D8:89:15:62:5C:E4:58:31:0D:A9:EB:4E:59:43:1A Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4606E104D55EF8FC0A96F990CEDA68041D2D7E14 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149696.roa Signing time: Fri 09 Jun 2023 09:00:00 +0000 ROA not before: Fri 09 Jun 2023 08:55:00 +0000 ROA not after: Fri 07 Jun 2024 09:00:00 +0000 asID: 149696 IP address blocks: 103.186.98.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:06:e1:04:d5:5e:f8:fc:0a:96:f9:90:ce:da:68:04:1d:2d:7e:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 9 08:55:00 2023 GMT Not After : Jun 7 09:00:00 2024 GMT Subject: CN=FD6BE82B0BD88915625CE458310DA9EB4E59431A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:da:c8:28:b0:23:ab:76:eb:7f:e0:7a:c1:f0: ea:ee:72:83:8b:74:84:ae:57:6e:07:de:2f:60:17: a4:bc:7a:3f:41:67:bf:d5:73:ed:38:df:0e:19:8a: a8:a7:35:8a:a8:71:ae:a3:6e:92:d9:a9:e5:e6:20: 08:0a:40:f2:c7:19:c7:6a:54:2e:78:e4:b5:c1:75: c2:c8:91:8f:cd:6b:e7:65:fb:ca:8a:b8:7d:ae:aa: 85:97:0d:e2:10:d0:01:2c:c3:8e:2c:a1:ca:6c:d2: 94:3a:19:62:bf:a2:e5:6c:1d:30:40:cc:14:1e:2e: 1d:eb:1d:3c:24:ce:ed:51:b0:c9:53:31:e8:74:c7: a6:7c:8b:59:35:db:65:a5:7f:36:59:5c:1b:c1:36: 52:11:3e:f5:49:de:f9:7e:e5:d1:e3:e0:6c:0e:68: f1:b1:40:d0:ec:90:68:fc:c3:a9:bd:8e:be:56:3c: 96:a7:71:17:dd:f3:b0:21:91:61:62:03:25:be:e5: 85:ae:18:60:c5:2a:5e:e3:b7:b8:f2:39:79:03:d6: 0d:f0:c1:17:ba:e3:00:0d:94:56:fd:ab:77:2e:45: dd:28:af:4c:09:63:ac:9b:71:90:31:49:40:a5:10: 4b:0e:5a:1c:0e:01:7f:e9:93:b6:29:6b:42:e7:ac: 62:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:6B:E8:2B:0B:D8:89:15:62:5C:E4:58:31:0D:A9:EB:4E:59:43:1A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149696.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.186.98.0/23 Signature Algorithm: sha256WithRSAEncryption 28:bc:a2:52:f3:97:0c:9a:f1:78:76:e4:9e:a0:21:cc:23:ba: 3a:06:ba:37:c7:5e:d0:21:f9:fb:e8:45:7a:b2:3e:3d:69:2b: 68:15:ab:4d:2e:6f:9a:1a:52:b7:18:f1:24:ff:db:ec:34:9f: b4:8b:68:80:03:76:b4:f2:e2:64:58:a6:ff:42:f4:65:e7:30: 78:6c:cb:db:8f:c6:c3:d6:1f:a9:d1:ee:69:e7:40:30:63:93: 89:f4:11:fe:0f:d5:56:13:6f:ab:4f:db:07:6d:f4:27:4d:48: a8:bf:dd:1b:2a:31:b5:db:99:2c:de:c8:ed:fc:04:55:16:d4: c8:7f:cf:a0:ec:1e:d5:ed:79:4b:d5:36:4a:d6:65:c1:d9:ea: 5b:e5:2d:88:1c:61:e5:f2:c2:37:cc:84:da:60:72:c3:dc:c7: b2:00:03:81:ff:5f:f4:5e:04:37:43:52:3c:39:43:5a:e5:e6: 0f:c4:42:f0:03:1a:80:ac:42:f1:fa:16:d6:17:2f:9b:27:64: c5:e8:72:29:e9:cd:09:b4:65:c1:9c:6f:87:f8:aa:60:fb:e0: 21:d2:c2:7c:44:4c:cc:55:3a:0a:7c:86:4a:f1:3c:cc:1a:b2: 75:b3:a7:e1:7a:28:d1:c7:2d:0d:41:d0:ce:dc:41:d9:e9:2a: 5f:cc:1a:59 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIURgbhBNVe+PwKlvmQztpoBB0tfhQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDYwOTA4NTUwMFoX DTI0MDYwNzA5MDAwMFowMzExMC8GA1UEAxMoRkQ2QkU4MkIwQkQ4ODkxNTYyNUNF NDU4MzEwREE5RUI0RTU5NDMxQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN/ayCiwI6t263/gesHw6u5yg4t0hK5XbgfeL2AXpLx6P0Fnv9Vz7TjfDhmK qKc1iqhxrqNuktmp5eYgCApA8scZx2pULnjktcF1wsiRj81r52X7yoq4fa6qhZcN 4hDQASzDjiyhymzSlDoZYr+i5WwdMEDMFB4uHesdPCTO7VGwyVMx6HTHpnyLWTXb ZaV/NllcG8E2UhE+9Une+X7l0ePgbA5o8bFA0OyQaPzDqb2OvlY8lqdxF93zsCGR YWIDJb7lha4YYMUqXuO3uPI5eQPWDfDBF7rjAA2UVv2rdy5F3SivTAljrJtxkDFJ QKUQSw5aHA4Bf+mTtilrQuesYrECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBT9a+gr C9iJFWJc5FgxDanrTllDGjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY5Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWe6YjANBgkqhkiG9w0BAQsFAAOCAQEAKLyiUvOXDJrxeHbknqAh zCO6Oga6N8de0CH5++hFerI+PWkraBWrTS5vmhpStxjxJP/b7DSftItogAN2tPLi ZFim/0L0ZecweGzL24/Gw9YfqdHuaedAMGOTifQR/g/VVhNvq0/bB230J01IqL/d GyoxtduZLN7I7fwEVRbUyH/PoOwe1e15S9U2StZlwdnqW+UtiBxh5fLCN8yE2mBy w9zHsgADgf9f9F4EN0NSPDlDWuXmD8RC8AMagKxC8foW1hcvmydkxehyKenNCbRl wZxvh/iqYPvgIdLCfERMzFU6CnyGSvE8zBqydbOn4Xoo0cctDUHQztxB2ekqX8wa WQ== -----END CERTIFICATE-----Generated at Wed May 8 14:59:56 2024 by rpki-client on console-ams.rpki-client.org