$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149749.roa File: AS149749.roa (raw, json) Hash identifier: AWcfEOW0huRa9zL7hzruC1/2dAtcs7NP0/698/1ENqM= Subject key identifier: 4D:1A:4E:9B:A6:6C:BE:3A:48:4F:81:D5:09:26:89:80:0B:8A:76:DC Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2D3F347C3AA698DA25FD9D765B9A092946D9BC61 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149749.roa Signing time: Mon 20 Jan 2025 04:00:00 +0000 ROA not before: Mon 20 Jan 2025 03:55:00 +0000 ROA not after: Mon 19 Jan 2026 04:00:00 +0000 asID: 149749 IP address blocks: 2001:df0:d540::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:3f:34:7c:3a:a6:98:da:25:fd:9d:76:5b:9a:09:29:46:d9:bc:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 20 03:55:00 2025 GMT Not After : Jan 19 04:00:00 2026 GMT Subject: CN=4D1A4E9BA66CBE3A484F81D5092689800B8A76DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:50:b2:4c:04:34:5c:7c:22:45:36:86:f1:bf: bd:db:31:5e:fc:cd:ae:51:7c:a1:98:06:3f:74:94: 46:14:f3:7a:fe:f8:17:72:df:14:8b:56:8f:b1:b6: b0:7e:3c:60:3c:78:83:c3:5a:c2:42:45:13:87:20: 1a:ac:2d:8a:13:02:91:22:1e:e7:ff:3c:cb:a0:e6: f0:72:2c:6e:e5:15:59:7d:b7:2d:df:84:e0:d8:33: fb:93:b2:07:c2:0d:8f:15:ca:05:e8:cf:e7:63:67: c3:87:98:9f:c2:66:99:2f:68:cc:b6:a1:43:3e:22: 1e:43:a7:d1:6a:05:2d:af:e6:91:37:03:36:45:2d: 74:33:b7:83:a7:07:1d:52:b2:9b:41:42:3e:78:6e: 50:cd:a8:f3:8b:78:2c:6a:01:6e:48:f8:02:6f:b9: 4f:91:97:d7:69:72:49:09:b8:6f:47:b3:bd:0f:29: 3c:25:2d:71:c1:24:33:2f:cc:e3:3f:f5:7e:9a:f8: af:3f:82:09:25:b5:8d:2c:99:0c:d2:a8:82:3b:6b: b9:5b:a0:9a:21:83:ec:7c:fc:99:9e:1d:84:bf:e2: 2c:24:f8:a5:90:5c:bb:b8:0f:52:3c:9b:d5:dc:33: 33:e3:05:a7:a0:87:b9:b3:97:f9:d0:55:3b:fc:de: 6d:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:1A:4E:9B:A6:6C:BE:3A:48:4F:81:D5:09:26:89:80:0B:8A:76:DC X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149749.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:d540::/48 Signature Algorithm: sha256WithRSAEncryption 06:d7:dd:df:17:96:0d:4b:d3:57:8d:92:b8:64:76:85:18:db: ef:fe:e3:81:67:bd:0c:9f:df:03:5a:6d:64:98:20:01:73:ac: 4f:a7:49:f2:35:d8:8f:6c:c5:cf:7f:bd:31:d6:48:ad:54:71: 84:03:3a:05:7c:ac:14:39:a8:ae:77:95:35:f9:9f:67:b5:e7: 0c:ce:a8:64:3d:33:35:8f:d6:30:01:7d:71:c2:1e:92:56:ac: aa:76:7b:38:54:42:75:cb:0f:31:25:87:1e:92:9d:c7:88:7f: ad:a4:a5:5f:a1:ed:8a:ec:1e:39:86:5c:18:36:70:6d:61:42: f4:74:fa:4e:1d:54:35:a7:55:5a:d1:9e:58:fd:57:a3:f4:82: 39:e4:2c:a1:0f:ef:5c:65:cb:a2:56:bb:28:e9:19:ed:5a:46: 5d:63:a5:f2:ab:e7:73:d3:aa:8b:27:10:60:0a:58:18:65:10: 57:88:70:c1:84:94:88:73:43:d8:2c:d4:a8:53:45:11:7c:1b: 68:8d:d2:6c:a4:3b:67:82:6e:cc:a2:c1:1f:4c:63:ec:be:91: 1b:36:90:06:53:6a:8b:f3:81:b6:03:ef:3f:2d:00:42:ad:52: fc:8c:68:9b:89:c2:32:84:cf:8e:ae:bd:73:ed:c6:c5:33:70: e5:f0:b8:3e -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIULT80fDqmmNol/Z12W5oJKUbZvGEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDEyMDAzNTUwMFoX DTI2MDExOTA0MDAwMFowMzExMC8GA1UEAxMoNEQxQTRFOUJBNjZDQkUzQTQ4NEY4 MUQ1MDkyNjg5ODAwQjhBNzZEQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJpQskwENFx8IkU2hvG/vdsxXvzNrlF8oZgGP3SURhTzev74F3LfFItWj7G2 sH48YDx4g8NawkJFE4cgGqwtihMCkSIe5/88y6Dm8HIsbuUVWX23Ld+E4Ngz+5Oy B8INjxXKBejP52Nnw4eYn8JmmS9ozLahQz4iHkOn0WoFLa/mkTcDNkUtdDO3g6cH HVKym0FCPnhuUM2o84t4LGoBbkj4Am+5T5GX12lySQm4b0ezvQ8pPCUtccEkMy/M 4z/1fpr4rz+CCSW1jSyZDNKogjtruVugmiGD7Hz8mZ4dhL/iLCT4pZBcu7gPUjyb 1dwzM+MFp6CHubOX+dBVO/zebZ0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRNGk6b pmy+OkhPgdUJJomAC4p23DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTc0OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfDVQDANBgkqhkiG9w0BAQsFAAOCAQEABtfd3xeWDUvTV42S uGR2hRjb7/7jgWe9DJ/fA1ptZJggAXOsT6dJ8jXYj2zFz3+9MdZIrVRxhAM6BXys FDmorneVNfmfZ7XnDM6oZD0zNY/WMAF9ccIeklasqnZ7OFRCdcsPMSWHHpKdx4h/ raSlX6HtiuweOYZcGDZwbWFC9HT6Th1UNadVWtGeWP1Xo/SCOeQsoQ/vXGXLola7 KOkZ7VpGXWOl8qvnc9OqiycQYApYGGUQV4hwwYSUiHND2CzUqFNFEXwbaI3SbKQ7 Z4JuzKLBH0xj7L6RGzaQBlNqi/OBtgPvPy0AQq1S/Ixom4nCMoTPjq69c+3GxTNw 5fC4Pg== -----END CERTIFICATE-----Generated at Sat Apr 5 06:22:38 2025 by rpki-client