$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149696.roa File: AS149696.roa (raw, json) Hash identifier: kr4RBVlP1OZG4hJxAUsjWF1jjcT9An6ZOvHcD6RuN5M= Subject key identifier: CA:15:C6:06:BF:64:71:23:28:17:1E:BF:F1:37:7A:27:D8:D5:88:40 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0CA7FBEC10F95B97592ADD463087A4B1F20CC475 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149696.roa Signing time: Fri 10 May 2024 09:00:00 +0000 ROA not before: Fri 10 May 2024 08:55:00 +0000 ROA not after: Fri 09 May 2025 09:00:00 +0000 asID: 149696 IP address blocks: 103.186.98.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:a7:fb:ec:10:f9:5b:97:59:2a:dd:46:30:87:a4:b1:f2:0c:c4:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 10 08:55:00 2024 GMT Not After : May 9 09:00:00 2025 GMT Subject: CN=CA15C606BF64712328171EBFF1377A27D8D58840 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:0d:bc:76:d4:df:9c:96:61:07:92:8a:51:dc: 58:f6:b3:25:7f:06:f0:a9:df:97:64:66:73:af:fb: 13:13:61:70:43:2b:c7:be:d6:48:9e:15:18:97:2f: e1:a8:d7:8c:a9:d3:f4:47:9a:0d:b5:b9:72:d9:d8: 67:da:01:22:06:5a:2f:a3:4b:fa:3d:14:7b:b9:d9: b1:3d:ff:53:bf:20:18:9b:f5:e4:f2:f5:10:cf:5b: b2:29:11:30:fb:57:79:0e:b8:fa:f4:6e:22:1f:dd: ff:cd:6c:87:6a:27:a8:4d:65:a5:2d:5b:f2:04:52: 08:a5:10:e1:6c:75:63:b6:bf:23:0c:88:c6:04:08: 04:e1:ea:9a:81:0e:6a:9c:db:0a:c2:14:34:29:2c: 04:8a:82:e5:01:05:0f:fe:7d:77:e4:84:de:a8:9b: 6e:cf:cc:e1:68:44:33:5c:0e:ab:e3:5d:2e:d0:6d: d9:05:ec:7d:17:b7:f6:54:e3:02:52:5a:ff:18:e5: 93:81:82:1b:50:63:0e:3c:67:24:23:55:92:ec:1d: 28:98:69:b1:90:f2:18:b7:f1:e1:42:20:25:6a:e2: e8:19:6f:38:08:63:1f:7a:77:00:64:36:84:89:56: 27:b3:a7:31:93:83:61:3f:a1:da:1d:6e:6f:53:a1: fe:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:15:C6:06:BF:64:71:23:28:17:1E:BF:F1:37:7A:27:D8:D5:88:40 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149696.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.186.98.0/23 Signature Algorithm: sha256WithRSAEncryption 75:5c:cf:5b:09:cf:54:36:0e:ba:34:4b:7c:c9:d8:5a:a6:f4: a7:c0:eb:82:52:9d:89:68:d3:7b:99:f3:83:d0:6b:1c:8f:25: 0c:1d:02:3f:17:97:96:05:d2:15:c5:98:27:99:22:95:86:80: c5:09:b1:5e:74:ee:aa:ed:c9:13:44:7d:86:39:91:83:0b:f7: dc:49:e2:62:47:d9:a3:94:7c:82:94:a8:4d:6e:5c:37:ca:17: cf:23:dc:d4:6a:c0:20:82:65:19:af:a1:09:11:49:d6:4c:81: 5f:19:2b:6c:60:cb:86:cc:f2:59:6d:6f:69:94:ef:34:54:78: aa:e3:62:16:8b:06:77:83:63:13:83:3f:ff:19:27:59:15:7c: cb:32:b2:96:5d:67:8b:50:ae:00:a6:cd:4c:5d:c1:75:a6:00: 0a:30:fd:a7:0f:60:7b:ad:90:d4:f6:4d:a1:59:a8:fe:27:13: 92:58:61:28:b3:a4:02:f3:ff:f5:47:1b:53:e1:5a:bb:7b:44: 4c:0a:6c:40:7b:99:d3:e5:a4:81:8a:1a:c8:cd:af:a6:2a:a4: c0:6a:65:8c:40:10:14:0f:5e:e7:c5:d2:67:78:41:b8:2b:9b: cb:33:34:c7:3f:45:e8:5b:a8:cf:d0:ce:6a:73:1d:a0:94:41: fa:a9:70:8a -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUDKf77BD5W5dZKt1GMIeksfIMxHUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDUxMDA4NTUwMFoX DTI1MDUwOTA5MDAwMFowMzExMC8GA1UEAxMoQ0ExNUM2MDZCRjY0NzEyMzI4MTcx RUJGRjEzNzdBMjdEOEQ1ODg0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMoNvHbU35yWYQeSilHcWPazJX8G8Knfl2Rmc6/7ExNhcEMrx77WSJ4VGJcv 4ajXjKnT9EeaDbW5ctnYZ9oBIgZaL6NL+j0Ue7nZsT3/U78gGJv15PL1EM9bsikR MPtXeQ64+vRuIh/d/81sh2onqE1lpS1b8gRSCKUQ4Wx1Y7a/IwyIxgQIBOHqmoEO apzbCsIUNCksBIqC5QEFD/59d+SE3qibbs/M4WhEM1wOq+NdLtBt2QXsfRe39lTj AlJa/xjlk4GCG1BjDjxnJCNVkuwdKJhpsZDyGLfx4UIgJWri6BlvOAhjH3p3AGQ2 hIlWJ7OnMZODYT+h2h1ub1Oh/kUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTKFcYG v2RxIygXHr/xN3on2NWIQDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY5Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWe6YjANBgkqhkiG9w0BAQsFAAOCAQEAdVzPWwnPVDYOujRLfMnY Wqb0p8DrglKdiWjTe5nzg9BrHI8lDB0CPxeXlgXSFcWYJ5kilYaAxQmxXnTuqu3J E0R9hjmRgwv33EniYkfZo5R8gpSoTW5cN8oXzyPc1GrAIIJlGa+hCRFJ1kyBXxkr bGDLhszyWW1vaZTvNFR4quNiFosGd4NjE4M//xknWRV8yzKyll1ni1CuAKbNTF3B daYACjD9pw9ge62Q1PZNoVmo/icTklhhKLOkAvP/9UcbU+Fau3tETApsQHuZ0+Wk gYoayM2vpiqkwGpljEAQFA9e58XSZ3hBuCubyzM0xz9F6Fuoz9DOanMdoJRB+qlw ig== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:26 2024 by rpki-client on console-fra.rpki-client.org