$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149715.roa File: AS149715.roa (raw, json) Hash identifier: ipt2I3PSUmb8j/kQnRQIRjRxtzjRibUQnQJH6PS1o0k= Subject key identifier: 21:B4:69:86:61:30:8D:5A:B8:88:DD:B6:A9:96:72:F6:A2:84:E0:8D Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 631F68DA61E633834E616A12CC8EF8C97B25A91E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149715.roa Signing time: Thu 17 Aug 2023 05:00:00 +0000 ROA not before: Thu 17 Aug 2023 04:55:00 +0000 ROA not after: Thu 15 Aug 2024 05:00:00 +0000 asID: 149715 IP address blocks: 2001:df1:1140::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 10:29:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:1f:68:da:61:e6:33:83:4e:61:6a:12:cc:8e:f8:c9:7b:25:a9:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 17 04:55:00 2023 GMT Not After : Aug 15 05:00:00 2024 GMT Subject: CN=21B4698661308D5AB888DDB6A99672F6A284E08D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:25:63:8f:12:61:9e:30:f0:24:63:58:d7:f7: 4e:4b:1e:47:61:dd:ce:96:6b:8c:42:68:e0:26:6d: 28:62:28:7f:58:83:09:2c:dc:d7:47:3c:b1:ac:4a: 72:6d:7e:a6:c6:35:ca:33:0c:8a:5f:11:c7:9e:18: 71:20:5f:15:80:1e:11:78:c0:40:15:11:9f:db:18: b5:fb:9d:26:8f:2d:fc:84:d9:8b:ad:5f:9f:e0:f7: 01:3f:4b:e3:5f:2d:4a:30:b0:ed:1e:1d:ae:9a:95: 65:e8:25:5c:96:8d:ba:30:81:3a:59:35:20:25:51: 17:1a:79:51:94:cf:a1:8c:f2:50:67:5d:1e:9d:16: 56:df:c6:00:de:5e:d3:a4:ae:7d:90:bf:7d:a8:e0: e0:38:32:2e:4b:64:9e:28:2a:82:6f:e7:09:b6:02: 35:06:d9:85:fe:22:1d:1c:04:72:81:6b:42:73:7b: 84:61:a7:6e:d8:4f:a5:9b:55:7a:2c:be:61:19:96: 41:90:29:80:4b:bb:e7:0c:38:09:e5:01:8f:5e:84: 8d:ed:e9:01:c7:63:c2:e7:71:3d:b4:82:46:da:0d: 1a:4b:d9:9e:7a:ad:c7:15:2a:7f:41:e1:61:be:f5: 37:f2:ed:24:8b:e4:ef:b7:e2:57:c8:2a:1e:71:27: e6:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:B4:69:86:61:30:8D:5A:B8:88:DD:B6:A9:96:72:F6:A2:84:E0:8D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149715.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:1140::/48 Signature Algorithm: sha256WithRSAEncryption 2d:ca:b4:f0:e1:0d:84:9c:6d:4a:34:63:81:36:b2:19:9e:7d: aa:09:00:c3:a1:42:41:45:26:8f:c9:eb:4b:87:49:1e:97:f7: de:88:04:bb:0d:99:d4:49:8e:f9:2f:6f:d7:41:2f:de:77:3f: d2:e4:3f:22:e3:42:80:65:cf:0f:aa:b1:e4:db:49:41:1b:1f: c0:96:fd:b3:8b:af:9e:ed:35:81:91:4d:03:40:86:e2:1d:14: af:b1:75:3d:02:fc:12:cc:47:e0:71:62:f1:ac:c1:93:78:26: bd:88:6f:0b:2b:00:1e:b6:98:d7:9b:f3:3a:7c:ca:84:af:66: fc:7e:32:27:b2:40:c1:cb:86:ff:89:89:f2:11:0c:21:24:cf: d8:d7:d7:62:94:19:a1:b0:eb:46:6e:c1:68:f7:52:60:2a:46: 33:d1:4e:5e:a8:fc:51:43:cf:4c:3e:09:f9:2e:98:d2:31:fb: ee:87:3d:9c:79:42:76:85:ae:97:7b:c0:77:6b:88:82:b2:77: 4c:02:fe:64:38:98:a7:83:71:44:43:37:49:9a:c5:d6:9b:79: a9:4d:8f:19:a1:5f:5c:76:d1:49:ec:bc:18:ce:00:6a:f8:7c: 88:d8:37:f2:9a:b3:8c:5a:e7:2a:8b:40:68:d8:c5:de:07:f1: f1:fa:8e:ee -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUYx9o2mHmM4NOYWoSzI74yXslqR4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDgxNzA0NTUwMFoX DTI0MDgxNTA1MDAwMFowMzExMC8GA1UEAxMoMjFCNDY5ODY2MTMwOEQ1QUI4ODhE REI2QTk5NjcyRjZBMjg0RTA4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMQlY48SYZ4w8CRjWNf3TkseR2HdzpZrjEJo4CZtKGIof1iDCSzc10c8saxK cm1+psY1yjMMil8Rx54YcSBfFYAeEXjAQBURn9sYtfudJo8t/ITZi61fn+D3AT9L 418tSjCw7R4drpqVZeglXJaNujCBOlk1ICVRFxp5UZTPoYzyUGddHp0WVt/GAN5e 06SufZC/fajg4DgyLktknigqgm/nCbYCNQbZhf4iHRwEcoFrQnN7hGGnbthPpZtV eiy+YRmWQZApgEu75ww4CeUBj16Eje3pAcdjwudxPbSCRtoNGkvZnnqtxxUqf0Hh Yb71N/LtJIvk77fiV8gqHnEn5ucCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQhtGmG YTCNWriI3baplnL2ooTgjTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTcxNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfERQDANBgkqhkiG9w0BAQsFAAOCAQEALcq08OENhJxtSjRj gTayGZ59qgkAw6FCQUUmj8nrS4dJHpf33ogEuw2Z1EmO+S9v10Ev3nc/0uQ/IuNC gGXPD6qx5NtJQRsfwJb9s4uvnu01gZFNA0CG4h0Ur7F1PQL8EsxH4HFi8azBk3gm vYhvCysAHraY15vzOnzKhK9m/H4yJ7JAwcuG/4mJ8hEMISTP2NfXYpQZobDrRm7B aPdSYCpGM9FOXqj8UUPPTD4J+S6Y0jH77oc9nHlCdoWul3vAd2uIgrJ3TAL+ZDiY p4NxREM3SZrF1pt5qU2PGaFfXHbRSey8GM4Aavh8iNg38pqzjFrnKotAaNjF3gfx 8fqO7g== -----END CERTIFICATE-----Generated at Wed May 8 04:37:57 2024 by rpki-client on console-fra.rpki-client.org