$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149697.roa File: AS149697.roa (raw, json) Hash identifier: S5ECg7Zw/+J3tfFMkh+JdVJa68QRCOmyIxML1mAV5l8= Subject key identifier: E2:91:F3:E0:3B:19:8B:8A:C8:51:0F:6C:C6:B1:76:50:31:50:E5:85 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2E73A89C88EB566A2628905F3EEF6EFD59F5FC43 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149697.roa Signing time: Fri 14 Jul 2023 03:20:18 +0000 ROA not before: Fri 14 Jul 2023 03:15:18 +0000 ROA not after: Fri 12 Jul 2024 03:20:18 +0000 asID: 149697 IP address blocks: 2401:f60::/32 maxlen: 48 2401:f60:1::/48 maxlen: 48 2401:f60:2::/48 maxlen: 48 2401:f60:92::/48 maxlen: 48 2401:f60:93::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:73:a8:9c:88:eb:56:6a:26:28:90:5f:3e:ef:6e:fd:59:f5:fc:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 14 03:15:18 2023 GMT Not After : Jul 12 03:20:18 2024 GMT Subject: CN=E291F3E03B198B8AC8510F6CC6B176503150E585 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:14:5c:ca:b7:2f:75:ef:63:86:f1:56:9e:43: 18:47:e7:09:de:29:7d:fd:6a:ef:cc:c3:cc:d6:68: 08:9c:8a:3a:e1:6a:c1:c5:63:15:6c:24:1a:2a:3e: bc:52:38:f5:d4:77:94:0c:11:09:26:59:b8:1b:15: e1:22:1a:39:9c:77:de:77:fa:b8:25:7e:e4:e1:99: a4:b2:5c:8d:0d:e9:f8:3d:b4:c2:06:f8:52:f4:ce: 5c:3c:e3:53:fd:8e:dd:e3:9c:30:8d:86:91:2d:ef: e7:ae:51:86:67:3f:05:1e:eb:ab:b5:07:04:71:90: 89:a9:fc:ec:08:54:09:95:aa:9e:c9:3c:85:22:9e: f0:e0:1c:c0:08:a3:1a:b9:3d:6f:d7:66:78:5e:78: b5:26:d9:56:42:30:cc:13:cf:a1:6b:7a:26:66:b2: af:5e:43:57:dc:c6:78:e0:14:6b:d5:0a:98:9d:85: 25:55:5e:02:5f:c1:9a:e7:fc:cf:a9:d6:25:d0:9b: 69:40:ae:9b:ec:51:8c:3a:7e:7b:cd:af:2b:fd:fe: cd:08:92:be:a6:54:1b:80:59:3d:50:ab:fc:a7:d0: dd:c0:94:d4:ca:0d:29:c2:b6:60:d3:53:34:c4:77: 52:b6:8e:eb:55:15:7a:84:0c:b2:e8:07:08:24:6f: 61:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:91:F3:E0:3B:19:8B:8A:C8:51:0F:6C:C6:B1:76:50:31:50:E5:85 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149697.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:f60::/32 Signature Algorithm: sha256WithRSAEncryption 7d:77:26:3b:7e:a8:db:ac:5a:5e:68:bf:03:77:39:0e:95:f5: 7c:1c:82:19:74:fe:10:9f:55:d0:f4:5b:32:1e:f4:25:e2:d8: b8:f1:72:a6:2c:59:02:b5:6f:48:5d:51:55:4a:7c:00:1f:c0: 45:9c:4c:82:f7:74:5b:f6:99:77:ac:de:f8:dc:5b:fd:71:51: d2:af:91:fb:0e:b8:0d:9c:77:60:c3:2d:53:3d:8b:76:37:08: 5d:ba:90:47:b5:09:8d:49:7e:40:11:4e:d6:55:16:4f:39:39: 92:94:d0:4d:33:10:80:a8:d5:fd:a5:9b:ac:54:a0:68:cd:55: 72:34:8a:7f:92:95:00:b8:f1:a6:28:c5:ec:97:8e:1d:86:ac: e2:4a:d9:9e:a9:b5:ee:a8:8a:42:0f:8e:8b:fa:2e:6c:44:de: 15:17:e1:73:ad:4d:4f:d2:dd:f8:86:6c:84:e4:d5:8a:ec:8f: e1:8f:41:65:65:42:0d:58:ea:89:9b:f6:ea:66:aa:c0:21:3d: 10:30:7e:ae:ae:c3:ca:a5:d8:c9:f6:44:c6:b8:a9:35:97:d3: 02:2e:d2:ff:c1:f7:d0:67:3f:95:82:36:ef:4d:85:a4:30:9e: 02:f5:10:f7:3d:05:92:d4:b6:0d:23:0e:3a:88:b9:df:35:1f: ef:3b:4f:85 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIULnOonIjrVmomKJBfPu9u/Vn1/EMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDcxNDAzMTUxOFoX DTI0MDcxMjAzMjAxOFowMzExMC8GA1UEAxMoRTI5MUYzRTAzQjE5OEI4QUM4NTEw RjZDQzZCMTc2NTAzMTUwRTU4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOgUXMq3L3XvY4bxVp5DGEfnCd4pff1q78zDzNZoCJyKOuFqwcVjFWwkGio+ vFI49dR3lAwRCSZZuBsV4SIaOZx33nf6uCV+5OGZpLJcjQ3p+D20wgb4UvTOXDzj U/2O3eOcMI2GkS3v565Rhmc/BR7rq7UHBHGQian87AhUCZWqnsk8hSKe8OAcwAij Grk9b9dmeF54tSbZVkIwzBPPoWt6Jmayr15DV9zGeOAUa9UKmJ2FJVVeAl/Bmuf8 z6nWJdCbaUCum+xRjDp+e82vK/3+zQiSvqZUG4BZPVCr/KfQ3cCU1MoNKcK2YNNT NMR3UraO61UVeoQMsugHCCRvYYkCAwEAAaOCAdEwggHNMB0GA1UdDgQWBBTikfPg OxmLishRD2zGsXZQMVDlhTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY5Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQBD2AwDQYJKoZIhvcNAQELBQADggEBAH13Jjt+qNusWl5ovwN3 OQ6V9Xwcghl0/hCfVdD0WzIe9CXi2LjxcqYsWQK1b0hdUVVKfAAfwEWcTIL3dFv2 mXes3vjcW/1xUdKvkfsOuA2cd2DDLVM9i3Y3CF26kEe1CY1JfkARTtZVFk85OZKU 0E0zEICo1f2lm6xUoGjNVXI0in+SlQC48aYoxeyXjh2GrOJK2Z6pte6oikIPjov6 LmxE3hUX4XOtTU/S3fiGbITk1Yrsj+GPQWVlQg1Y6omb9upmqsAhPRAwfq6uw8ql 2Mn2RMa4qTWX0wIu0v/B99BnP5WCNu9NhaQwngL1EPc9BZLUtg0jDjqIud81H+87 T4U= -----END CERTIFICATE-----Generated at Wed May 8 10:06:54 2024 by rpki-client on console-ams.rpki-client.org