$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149697.roa File: AS149697.roa (raw, json) Hash identifier: GkGr9NsvZRM1FsZQsoP4/4VRtD2tYnrox+XSGUhQF3k= Subject key identifier: 22:E4:9B:8B:7A:82:7D:BB:B9:75:55:5F:86:BD:67:BE:BA:69:38:B3 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2D59F3D5B82270E944CD7470CF2D3228010168CB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149697.roa Signing time: Fri 16 May 2025 04:02:02 +0000 ROA not before: Fri 16 May 2025 03:57:02 +0000 ROA not after: Fri 15 May 2026 04:02:02 +0000 asID: 149697 IP address blocks: 2401:f60::/32 maxlen: 48 2401:f60:1::/48 maxlen: 48 2401:f60:2::/48 maxlen: 48 2401:f60:92::/48 maxlen: 48 2401:f60:93::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:59:f3:d5:b8:22:70:e9:44:cd:74:70:cf:2d:32:28:01:01:68:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 16 03:57:02 2025 GMT Not After : May 15 04:02:02 2026 GMT Subject: CN=22E49B8B7A827DBBB975555F86BD67BEBA6938B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:8e:92:c5:31:f1:74:f2:a8:39:4e:d0:e5:17: 30:c3:92:92:94:66:e6:49:e7:03:8b:16:03:dd:5c: f6:fe:60:67:fe:83:32:ef:9a:b7:37:a1:68:01:31: ef:3e:fa:60:6a:af:a9:9b:9b:de:69:2d:6c:b4:c2: 9e:3e:df:f9:56:4d:e5:c9:ac:95:de:0e:c0:eb:8f: 2d:c3:d8:3c:62:dd:8e:86:70:3a:64:e4:78:8b:bc: 3b:ca:cc:86:98:fb:77:e4:61:79:56:7a:53:03:e3: ed:88:0e:fb:db:bd:ab:b8:bd:ab:00:2a:9e:20:f3: 9a:74:54:14:53:74:d6:77:d2:51:f6:9e:d5:ef:b1: 3c:91:61:8d:32:b6:a6:1d:1a:14:66:88:35:e3:6f: 68:84:56:dd:3b:54:3d:4d:d2:ff:d2:ba:a5:fb:ed: 0b:ed:be:94:46:3f:71:20:15:92:c6:93:3c:88:36: cc:ad:cf:c8:24:fd:96:bc:19:53:74:db:5f:5c:92: 9b:ba:f8:f5:61:26:d2:ea:1e:e9:b3:cf:93:89:a0: e6:9c:05:b8:d0:19:32:58:e0:5d:77:5f:0e:4b:6e: 69:78:ba:76:f8:17:28:c5:43:46:e4:70:bc:73:f0: 8f:c6:e0:c6:8f:f4:ca:08:9e:e6:01:fb:b0:8f:ac: cf:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:E4:9B:8B:7A:82:7D:BB:B9:75:55:5F:86:BD:67:BE:BA:69:38:B3 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149697.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:f60::/32 Signature Algorithm: sha256WithRSAEncryption 1a:2d:c9:25:01:9a:e0:67:65:70:5c:09:98:8c:1f:9e:b6:5a: ef:47:b6:56:b6:25:6d:59:1e:9c:c6:bc:5f:44:66:10:94:ca: a5:d3:37:f8:6a:e8:df:87:ec:26:e3:df:9b:e8:ee:2f:54:e7: df:b9:dc:b7:31:c4:cb:8d:a0:db:49:6d:66:15:2c:24:f7:91: 1b:24:0f:01:44:36:ef:aa:60:f5:7e:b1:a6:92:f2:99:67:a4: fc:ab:62:02:28:15:11:2c:ec:f2:3a:90:8f:b4:ce:89:ad:0d: d1:76:8c:1f:86:ac:71:1d:1c:d8:8e:c4:f7:62:62:9e:2d:c3: e5:17:c9:8d:cf:20:7f:bc:af:2c:41:c2:54:f4:db:7b:15:cc: 07:0f:c6:60:af:9c:67:ae:cf:1b:b0:cc:ce:e6:ab:74:86:6b: ff:66:48:09:0e:73:29:5a:7d:2a:f5:eb:49:2a:13:d2:4d:30: 12:ed:44:3c:4f:5d:c0:56:1d:aa:1b:cf:14:f0:9a:10:c0:3e: 4d:8f:23:f1:ef:62:cb:74:50:10:6e:8b:77:fd:f4:7f:70:44: 1f:0b:6c:df:1e:ce:87:3a:cc:08:7e:3b:28:35:28:3c:92:6a: 08:04:0b:23:16:34:4d:2d:48:c6:2f:32:8d:c7:cb:81:8f:57: a6:36:b5:ca -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIULVnz1bgicOlEzXRwzy0yKAEBaMswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUxNjAzNTcwMloX DTI2MDUxNTA0MDIwMlowMzExMC8GA1UEAxMoMjJFNDlCOEI3QTgyN0RCQkI5NzU1 NTVGODZCRDY3QkVCQTY5MzhCMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANKOksUx8XTyqDlO0OUXMMOSkpRm5knnA4sWA91c9v5gZ/6DMu+atzehaAEx 7z76YGqvqZub3mktbLTCnj7f+VZN5cmsld4OwOuPLcPYPGLdjoZwOmTkeIu8O8rM hpj7d+RheVZ6UwPj7YgO+9u9q7i9qwAqniDzmnRUFFN01nfSUfae1e+xPJFhjTK2 ph0aFGaINeNvaIRW3TtUPU3S/9K6pfvtC+2+lEY/cSAVksaTPIg2zK3PyCT9lrwZ U3TbX1ySm7r49WEm0uoe6bPPk4mg5pwFuNAZMljgXXdfDktuaXi6dvgXKMVDRuRw vHPwj8bgxo/0ygie5gH7sI+sz3kCAwEAAaOCAdEwggHNMB0GA1UdDgQWBBQi5JuL eoJ9u7l1VV+GvWe+umk4szAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY5Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQBD2AwDQYJKoZIhvcNAQELBQADggEBABotySUBmuBnZXBcCZiM H562Wu9Htla2JW1ZHpzGvF9EZhCUyqXTN/hq6N+H7Cbj35vo7i9U59+53LcxxMuN oNtJbWYVLCT3kRskDwFENu+qYPV+saaS8plnpPyrYgIoFREs7PI6kI+0zomtDdF2 jB+GrHEdHNiOxPdiYp4tw+UXyY3PIH+8ryxBwlT023sVzAcPxmCvnGeuzxuwzM7m q3SGa/9mSAkOcylafSr160kqE9JNMBLtRDxPXcBWHaobzxTwmhDAPk2PI/HvYst0 UBBui3f99H9wRB8LbN8ezoc6zAh+Oyg1KDySaggECyMWNE0tSMYvMo3Hy4GPV6Y2 tco= -----END CERTIFICATE-----Generated at Tue Jun 3 23:10:12 2025 by rpki-client