$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149707.roa File: AS149707.roa (raw, json) Hash identifier: yjFNMmsDk+Y50i8eSPAuc78+PhvWv/6BHZF+D4Iefdk= Subject key identifier: FA:3D:39:65:55:1C:D0:E1:0C:8F:38:E3:15:99:9D:BF:60:88:D0:53 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 29D9989C95416A1825D2B3DD348B2C66E0A64B99 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149707.roa Signing time: Mon 22 Jul 2024 04:00:00 +0000 ROA not before: Mon 22 Jul 2024 03:55:00 +0000 ROA not after: Mon 21 Jul 2025 04:00:00 +0000 asID: 149707 IP address blocks: 2001:df1:ee40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:d9:98:9c:95:41:6a:18:25:d2:b3:dd:34:8b:2c:66:e0:a6:4b:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 22 03:55:00 2024 GMT Not After : Jul 21 04:00:00 2025 GMT Subject: CN=FA3D3965551CD0E10C8F38E315999DBF6088D053 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:2f:b5:b0:24:6d:ac:95:11:5c:d1:ff:9a:51: 9e:c4:d8:90:bc:f9:22:5e:d5:2b:45:e5:e5:9b:aa: bf:f8:2a:5c:62:82:22:bb:aa:c3:7f:64:e4:a7:52: 64:77:01:62:cc:e7:92:e7:70:a1:a1:d8:ea:51:1a: d0:3c:73:cb:b3:5f:e7:f5:bf:13:62:95:ce:e4:03: d8:0a:51:2b:56:0a:62:a8:a4:fd:14:03:60:41:28: d0:cb:cf:44:a0:f9:85:e2:9d:03:87:47:dd:72:d3: e9:f9:f0:c7:b6:11:86:d2:84:da:3a:2b:6a:32:b6: c7:84:80:46:af:d3:03:d9:ae:74:e8:90:79:dc:df: 31:d0:87:53:cf:71:fb:1f:e3:45:d0:23:c5:2a:82: 02:9e:0d:be:24:05:e5:28:1f:8e:cd:73:c2:74:09: 56:71:4e:63:7e:fd:7d:0f:6b:3c:82:c7:56:5c:42: 23:23:35:70:4d:6f:68:58:18:d6:15:5c:f9:da:66: 14:a8:47:e2:6d:75:f1:c6:b9:f2:16:b4:af:e6:67: 4d:b5:fd:3a:61:76:e7:26:cf:8d:bc:55:04:10:d1: 63:cb:75:21:d3:30:0d:22:80:ac:9b:78:db:bf:75: d4:b0:69:df:65:60:52:25:d1:0a:b2:75:8a:cd:8f: 39:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:3D:39:65:55:1C:D0:E1:0C:8F:38:E3:15:99:9D:BF:60:88:D0:53 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149707.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:ee40::/48 Signature Algorithm: sha256WithRSAEncryption 30:50:ad:ae:2e:af:c3:2d:38:76:dc:2e:fc:5a:79:fe:49:d9: 21:da:77:8a:4d:f9:0d:19:8c:c3:47:65:13:1b:b1:ed:b4:d5: 46:37:e4:0e:aa:61:8a:cc:a2:eb:7b:d4:55:0b:2e:19:58:f4: ac:2b:6e:2a:75:ab:e9:89:10:5e:05:d3:7f:14:d7:ae:82:0d: 2c:ec:2e:49:08:4f:d2:12:42:f9:31:d4:d2:4e:ec:4b:0b:22: cb:81:39:f8:1d:36:25:84:10:50:9c:72:a9:82:46:62:d9:e7: d4:45:b9:43:1c:fc:94:80:08:c4:04:5c:d9:3a:c4:40:d4:a6: 23:c1:24:15:5a:46:8a:33:04:a4:8f:b9:18:c0:ec:b6:a6:c9: a1:30:a3:18:a2:a4:4a:c8:a4:a6:e4:71:16:7e:ae:7b:dd:13: 16:70:7f:1e:92:9c:26:4c:56:40:71:7e:68:3b:f4:ad:be:83: be:c1:c9:d2:ed:67:ab:50:2c:f6:a8:05:98:11:7f:b1:0d:82: 75:03:45:46:29:80:dd:7f:a4:09:e5:4f:00:82:62:c0:8b:6d: c7:03:d9:29:f7:08:d8:88:cc:ac:8f:e8:9e:30:26:b2:63:7e: e3:8b:90:f8:a5:8e:91:8a:e5:fe:e5:77:95:96:e9:c8:28:ab: 5a:f7:29:57 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUKdmYnJVBahgl0rPdNIssZuCmS5kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcyMjAzNTUwMFoX DTI1MDcyMTA0MDAwMFowMzExMC8GA1UEAxMoRkEzRDM5NjU1NTFDRDBFMTBDOEYz OEUzMTU5OTlEQkY2MDg4RDA1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOIvtbAkbayVEVzR/5pRnsTYkLz5Il7VK0Xl5Zuqv/gqXGKCIruqw39k5KdS ZHcBYsznkudwoaHY6lEa0Dxzy7Nf5/W/E2KVzuQD2ApRK1YKYqik/RQDYEEo0MvP RKD5heKdA4dH3XLT6fnwx7YRhtKE2jorajK2x4SARq/TA9mudOiQedzfMdCHU89x +x/jRdAjxSqCAp4NviQF5Sgfjs1zwnQJVnFOY379fQ9rPILHVlxCIyM1cE1vaFgY 1hVc+dpmFKhH4m118ca58ha0r+ZnTbX9OmF25ybPjbxVBBDRY8t1IdMwDSKArJt4 27911LBp32VgUiXRCrJ1is2POeUCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBT6PTll VRzQ4QyPOOMVmZ2/YIjQUzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTcwNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfHuQDANBgkqhkiG9w0BAQsFAAOCAQEAMFCtri6vwy04dtwu /Fp5/knZIdp3ik35DRmMw0dlExux7bTVRjfkDqphisyi63vUVQsuGVj0rCtuKnWr 6YkQXgXTfxTXroINLOwuSQhP0hJC+THU0k7sSwsiy4E5+B02JYQQUJxyqYJGYtnn 1EW5Qxz8lIAIxARc2TrEQNSmI8EkFVpGijMEpI+5GMDstqbJoTCjGKKkSsikpuRx Fn6ue90TFnB/HpKcJkxWQHF+aDv0rb6DvsHJ0u1nq1As9qgFmBF/sQ2CdQNFRimA 3X+kCeVPAIJiwIttxwPZKfcI2IjMrI/onjAmsmN+44uQ+KWOkYrl/uV3lZbpyCir WvcpVw== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:48 2024 by rpki-client on console-ams.rpki-client.org