$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149705.roa File: AS149705.roa (raw, json) Hash identifier: Pr6+mQ5769PS/g08hmqdmkA/xsGoCvrk6XCnRTPV0ME= Subject key identifier: C9:D3:DF:AF:22:0E:C4:15:A4:39:2B:A2:2C:DA:34:43:25:27:E1:68 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: CCAC9A1B533B392C2FEED2D10CC441047156F7 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149705.roa Signing time: Fri 04 Oct 2024 02:20:52 +0000 ROA not before: Fri 04 Oct 2024 02:15:52 +0000 ROA not after: Fri 03 Oct 2025 02:20:52 +0000 asID: 149705 IP address blocks: 2001:df2:1b40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: cc:ac:9a:1b:53:3b:39:2c:2f:ee:d2:d1:0c:c4:41:04:71:56:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 4 02:15:52 2024 GMT Not After : Oct 3 02:20:52 2025 GMT Subject: CN=C9D3DFAF220EC415A4392BA22CDA34432527E168 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e9:f1:d9:17:0b:cd:23:35:09:a8:39:5f:1e: 87:53:f1:9d:35:95:7f:6d:78:df:5d:34:74:72:ec: 51:9f:8b:bf:5d:fb:61:28:3f:91:eb:0c:63:92:69: 47:ce:5d:7b:ea:62:dc:e9:54:f9:8a:b8:52:39:98: a5:b1:21:1a:51:fa:d7:dd:a9:f4:83:93:ea:62:60: 5b:1a:8a:fd:53:ad:70:7f:64:20:d1:ae:62:f3:00: 72:e0:41:c7:4b:f8:ae:db:68:e4:ac:8b:b5:e2:e5: b8:39:f7:ac:60:b8:14:db:be:0c:81:4f:cf:61:70: a2:e2:9b:0d:b4:d1:f9:9b:fb:2d:f8:22:56:bc:ea: 18:e7:97:59:8c:12:a5:63:93:1a:1c:5e:a9:14:b7: 28:2c:d1:91:3f:e5:6c:dc:03:27:87:aa:65:f8:27: c9:12:07:87:61:1a:5a:42:89:7f:87:c8:ae:58:de: 59:47:5c:22:be:a2:8d:91:86:77:15:3b:e2:3c:1f: 8e:95:95:d8:40:f1:b4:19:52:97:2c:94:b9:40:fd: e0:6b:92:05:07:9b:4e:a8:3b:7c:ce:5b:40:4a:2b: 44:66:b9:9e:bc:fa:c0:9a:37:7a:f8:4a:23:1c:19: e7:d4:de:85:66:cd:a6:f1:3d:6a:14:2c:33:d6:c8: 00:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:D3:DF:AF:22:0E:C4:15:A4:39:2B:A2:2C:DA:34:43:25:27:E1:68 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149705.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:1b40::/48 Signature Algorithm: sha256WithRSAEncryption 21:40:21:79:85:e2:7f:48:74:b6:ab:a8:ff:35:2f:87:e9:c3: e2:23:10:48:3e:da:07:b1:d4:69:41:53:a7:7a:3b:21:74:3f: 8a:2a:db:e3:90:d6:2e:57:8f:d3:8c:a9:b5:15:c0:c0:82:65: f0:6f:80:62:92:2f:f9:70:c7:24:57:8a:01:4b:f3:95:04:a4: 5c:61:b7:b9:62:20:68:2f:3c:b4:57:db:d7:42:69:bb:6a:4e: 8f:51:e1:a4:ae:1b:39:a4:df:bf:41:14:87:4e:e2:65:f9:4d: b4:a7:04:d9:a0:78:70:bb:8e:99:aa:6c:07:f3:08:4b:22:88: 11:27:3d:17:a9:e4:8c:4b:77:49:49:63:c0:df:90:04:91:a0: 19:91:cb:53:17:b8:72:10:4f:74:9b:48:af:63:96:35:13:ce: f3:09:f8:32:f2:c1:95:02:ec:d7:f0:b3:9a:7a:71:88:bd:70: 6f:fa:82:40:de:f3:58:0e:6f:a2:16:3b:e2:3f:d3:80:ca:c0: c2:3d:45:36:27:85:32:e1:b5:fc:64:52:9d:6a:c8:80:71:0c: fd:bc:d0:f8:5a:ba:6d:85:d5:8e:64:3e:9c:8d:1b:73:83:70: 91:ee:e5:55:10:b1:2b:74:4b:0e:8b:a2:47:20:41:77:e6:61: 9e:54:54:26 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUAMysmhtTOzksL+7S0QzEQQRxVvcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAwNDAyMTU1MloX DTI1MTAwMzAyMjA1MlowMzExMC8GA1UEAxMoQzlEM0RGQUYyMjBFQzQxNUE0Mzky QkEyMkNEQTM0NDMyNTI3RTE2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHp8dkXC80jNQmoOV8eh1PxnTWVf2143100dHLsUZ+Lv137YSg/kesMY5Jp R85de+pi3OlU+Yq4UjmYpbEhGlH6192p9IOT6mJgWxqK/VOtcH9kINGuYvMAcuBB x0v4rtto5KyLteLluDn3rGC4FNu+DIFPz2FwouKbDbTR+Zv7LfgiVrzqGOeXWYwS pWOTGhxeqRS3KCzRkT/lbNwDJ4eqZfgnyRIHh2EaWkKJf4fIrljeWUdcIr6ijZGG dxU74jwfjpWV2EDxtBlSlyyUuUD94GuSBQebTqg7fM5bQEorRGa5nrz6wJo3evhK IxwZ59TehWbNpvE9ahQsM9bIAKcCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBTJ09+v Ig7EFaQ5K6Is2jRDJSfhaDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTcwNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfIbQDANBgkqhkiG9w0BAQsFAAOCAQEAIUAheYXif0h0tquo /zUvh+nD4iMQSD7aB7HUaUFTp3o7IXQ/iirb45DWLleP04yptRXAwIJl8G+AYpIv +XDHJFeKAUvzlQSkXGG3uWIgaC88tFfb10Jpu2pOj1HhpK4bOaTfv0EUh07iZflN tKcE2aB4cLuOmapsB/MISyKIESc9F6nkjEt3SUljwN+QBJGgGZHLUxe4chBPdJtI r2OWNRPO8wn4MvLBlQLs1/CzmnpxiL1wb/qCQN7zWA5vohY74j/TgMrAwj1FNieF MuG1/GRSnWrIgHEM/bzQ+Fq6bYXVjmQ+nI0bc4Nwke7lVRCxK3RLDouiRyBBd+Zh nlRUJg== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:26 2024 by rpki-client on console-fra.rpki-client.org