$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149749.roa File: AS149749.roa (raw, json) Hash identifier: F+r64++l8kGXpZybLBJUxXbHm6ESoYwLt9qL/zjmsGA= Subject key identifier: 37:A1:A7:B6:DE:FA:B9:3F:D5:21:88:F8:40:76:23:1D:37:05:53:AD Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0B435E049F3803707526F0152F93B170088ECB41 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149749.roa Signing time: Mon 19 Feb 2024 03:18:42 +0000 ROA not before: Mon 19 Feb 2024 03:13:42 +0000 ROA not after: Mon 17 Feb 2025 03:18:42 +0000 asID: 149749 IP address blocks: 2001:df0:d540::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:43:5e:04:9f:38:03:70:75:26:f0:15:2f:93:b1:70:08:8e:cb:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 19 03:13:42 2024 GMT Not After : Feb 17 03:18:42 2025 GMT Subject: CN=37A1A7B6DEFAB93FD52188F84076231D370553AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:5d:9f:7a:0d:ba:fb:aa:47:32:0e:b9:c5:a1: 2b:e0:03:95:38:c5:eb:f4:3d:d5:c4:80:19:ce:6f: 60:2d:cd:b3:9f:1e:04:f8:ba:3c:b1:ee:21:ae:97: 69:74:bb:af:3f:7e:a3:b0:a8:2a:b2:90:fb:e6:6a: 73:6e:f3:7b:b9:91:15:34:f7:61:08:c5:a2:c0:d7: d4:45:38:e7:b6:34:5b:05:0d:c6:f6:37:93:6c:ac: 20:31:09:a1:bf:3c:d4:a2:ba:2e:bf:6c:3a:7e:c1: e3:ca:c2:7a:fc:3e:08:ee:b8:d0:2d:59:26:36:d7: e4:00:27:39:0d:12:9a:81:05:7e:7e:6b:12:d6:57: dc:50:cc:0c:fb:29:fe:0c:c8:7f:4d:3d:72:4b:89: 09:e6:3d:03:69:96:e6:c4:b4:06:27:86:c1:95:7f: 64:11:ac:d7:5e:c5:3b:13:f2:6b:5e:2f:3a:91:9f: 9b:fd:c3:75:53:b1:c6:1b:b6:02:1d:6e:81:1d:05: 8e:71:4f:f3:9b:5e:2d:f2:a0:87:d8:28:a3:a6:f6: c7:cc:bd:4d:47:a3:da:6b:85:d4:f8:3f:8a:bd:e9: 95:ee:09:11:7a:9b:ef:20:3f:d6:c8:ce:95:95:ba: b0:d8:3b:92:73:68:10:5b:cc:9f:16:cb:fa:eb:17: 51:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:A1:A7:B6:DE:FA:B9:3F:D5:21:88:F8:40:76:23:1D:37:05:53:AD X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149749.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:d540::/48 Signature Algorithm: sha256WithRSAEncryption 8d:cd:eb:eb:6f:c2:2f:14:fd:eb:3f:13:01:75:fb:96:39:a6: b7:93:f0:5b:6b:0e:47:a5:99:8c:26:67:02:f3:c8:82:fc:17: 7d:6b:e2:ad:ac:6c:b6:07:4f:2f:0f:0c:d5:d0:c3:4c:16:12: 2d:b2:d5:b6:24:85:9a:39:16:18:19:b0:68:b9:0a:3c:bf:81: 57:39:22:5a:7b:26:fb:7d:ac:d6:ee:c1:e2:98:56:b0:ca:c7: dd:81:7f:a9:d4:49:b4:f2:56:9a:1c:35:89:60:5c:1d:4b:eb: 5e:69:e5:7d:7e:d5:99:bc:69:f5:61:51:31:67:e2:1c:57:96: dd:0b:a2:a2:d0:1c:96:da:1b:3e:d9:1a:8e:04:7c:2a:e0:52: 03:95:a8:5b:0d:7e:bb:4c:25:6f:84:8b:2e:00:47:6f:bf:d3: 8d:cb:1c:87:e3:8c:e3:1a:6e:2e:30:99:cf:9b:cd:80:f4:b9: ba:ec:0b:d9:81:c3:67:88:34:d3:7d:ea:92:c5:ad:48:2a:58: d6:6d:10:64:85:3c:0a:82:f2:26:ed:f3:65:9f:42:2d:cc:58: e2:7d:33:e6:19:9e:b5:31:b2:cd:15:7e:70:cd:14:c6:00:ff: 8c:85:ce:f3:89:ca:b6:02:b0:03:ea:e4:93:98:9d:3b:7e:9b: 84:64:df:75 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUC0NeBJ84A3B1JvAVL5OxcAiOy0EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIxOTAzMTM0MloX DTI1MDIxNzAzMTg0MlowMzExMC8GA1UEAxMoMzdBMUE3QjZERUZBQjkzRkQ1MjE4 OEY4NDA3NjIzMUQzNzA1NTNBRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALxdn3oNuvuqRzIOucWhK+ADlTjF6/Q91cSAGc5vYC3Ns58eBPi6PLHuIa6X aXS7rz9+o7CoKrKQ++Zqc27ze7mRFTT3YQjFosDX1EU457Y0WwUNxvY3k2ysIDEJ ob881KK6Lr9sOn7B48rCevw+CO640C1ZJjbX5AAnOQ0SmoEFfn5rEtZX3FDMDPsp /gzIf009ckuJCeY9A2mW5sS0BieGwZV/ZBGs117FOxPya14vOpGfm/3DdVOxxhu2 Ah1ugR0FjnFP85teLfKgh9goo6b2x8y9TUej2muF1Pg/ir3ple4JEXqb7yA/1sjO lZW6sNg7knNoEFvMnxbL+usXUSkCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQ3oae2 3vq5P9UhiPhAdiMdNwVTrTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTc0OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfDVQDANBgkqhkiG9w0BAQsFAAOCAQEAjc3r62/CLxT96z8T AXX7ljmmt5PwW2sOR6WZjCZnAvPIgvwXfWviraxstgdPLw8M1dDDTBYSLbLVtiSF mjkWGBmwaLkKPL+BVzkiWnsm+32s1u7B4phWsMrH3YF/qdRJtPJWmhw1iWBcHUvr XmnlfX7Vmbxp9WFRMWfiHFeW3QuiotAcltobPtkajgR8KuBSA5WoWw1+u0wlb4SL LgBHb7/Tjcsch+OM4xpuLjCZz5vNgPS5uuwL2YHDZ4g0033qksWtSCpY1m0QZIU8 CoLyJu3zZZ9CLcxY4n0z5hmetTGyzRV+cM0UxgD/jIXO84nKtgKwA+rkk5idO36b hGTfdQ== -----END CERTIFICATE-----Generated at Wed May 8 17:45:23 2024 by rpki-client on console-ams.rpki-client.org