$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149754.roa File: AS149754.roa (raw, json) Hash identifier: DZYQZGsiWD+OwX0E5lhUpjYTmBNK2abKyAgf+BshAnc= Subject key identifier: 4C:3F:47:15:1A:0A:70:51:1A:60:A6:61:AE:FC:80:3C:C7:7A:A0:36 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 27D0F28C6F730972ADF28BC6B4C19580F56E1D84 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149754.roa Signing time: Wed 26 Jun 2024 09:00:00 +0000 ROA not before: Wed 26 Jun 2024 08:55:00 +0000 ROA not after: Wed 25 Jun 2025 09:00:00 +0000 asID: 149754 IP address blocks: 103.246.168.0/24 maxlen: 24 2001:df1:9fc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:d0:f2:8c:6f:73:09:72:ad:f2:8b:c6:b4:c1:95:80:f5:6e:1d:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 26 08:55:00 2024 GMT Not After : Jun 25 09:00:00 2025 GMT Subject: CN=4C3F47151A0A70511A60A661AEFC803CC77AA036 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d9:17:f7:fc:49:fb:f2:cf:1c:65:8e:b9:23: af:54:27:f5:82:64:12:8d:e8:1b:01:ce:6f:5b:b0: 42:55:20:5d:3b:b8:2f:24:55:89:35:e5:35:ea:b9: be:fe:cb:b7:8a:50:b3:6b:84:09:d7:d2:9c:06:ce: 7e:41:0b:75:96:67:5b:be:21:cc:05:13:27:8a:a4: 3d:37:a4:bb:86:05:38:7a:31:26:68:e8:ea:d4:5d: f6:e5:61:fe:1d:27:df:46:bf:63:f6:8a:e5:9a:96: e5:27:03:fd:eb:54:69:93:6d:ec:55:ed:b2:ad:ae: 7f:52:70:5c:c4:c8:e0:01:0f:f7:d3:f0:71:81:be: df:d3:a0:4d:d2:d5:47:4d:93:45:c9:5d:f6:8f:a2: a8:2e:b3:20:bb:b1:09:9e:10:79:db:09:04:a8:bc: fd:27:55:e3:ff:e0:60:14:99:7b:c5:04:23:f0:32: b4:10:f3:0e:78:f0:4d:f4:dc:99:38:6d:06:5d:1d: d2:e5:3b:4c:c2:a2:2b:2d:a0:07:92:30:7e:31:14: 59:21:25:ef:2c:28:77:e2:6a:30:8e:90:82:51:02: 35:ec:6e:80:1b:6f:af:ac:a6:8e:b4:18:5d:26:15: 36:58:aa:8e:9d:9c:13:2e:8a:3a:59:8b:8a:49:30: 9d:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:3F:47:15:1A:0A:70:51:1A:60:A6:61:AE:FC:80:3C:C7:7A:A0:36 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149754.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.246.168.0/24 IPv6: 2001:df1:9fc0::/48 Signature Algorithm: sha256WithRSAEncryption 02:03:15:fc:a2:3c:ee:ea:4d:6f:4e:f9:cc:8e:8a:fe:90:6f: 73:d7:78:d5:df:bc:59:ee:33:54:8d:74:10:05:63:92:8e:4f: d7:26:ca:99:f8:71:d7:51:5d:d3:3e:64:8f:3d:3e:54:f1:1a: ba:14:1d:f7:de:70:03:f1:09:c8:b2:f8:dc:75:a6:3c:9b:95: 3b:2f:01:6d:7b:b3:c6:ec:57:f8:b6:9f:d8:3c:0e:95:5c:1f: 6c:4e:21:de:e8:09:de:21:f2:67:05:8c:77:9b:30:77:6e:a9: 63:5a:82:7a:2a:95:50:c6:e2:10:ec:3d:f0:dd:1b:0f:fb:90: 3d:07:d7:3a:06:48:c8:3f:ad:ff:57:10:04:fe:d4:61:32:7d: 60:23:4a:65:ac:d0:68:25:9c:f2:d5:a0:24:40:69:6b:80:43: cd:07:30:ce:f6:3c:c4:a3:25:c3:cc:3d:a2:49:33:4a:0c:b8: b0:f4:f6:f4:6f:01:55:d2:c1:d5:49:8d:4e:bc:55:d2:9b:d3: d4:53:f3:3b:d8:d0:a6:dd:9b:71:b1:4e:07:c8:9b:ba:eb:79: 34:d6:0c:78:fc:c0:54:f8:92:bc:c0:08:54:0c:22:76:3e:94: 54:18:c1:a4:60:b8:e9:8d:5f:c4:52:b0:57:ab:01:ec:f8:4b: 27:dc:3c:d7 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUJ9DyjG9zCXKt8ovGtMGVgPVuHYQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDYyNjA4NTUwMFoX DTI1MDYyNTA5MDAwMFowMzExMC8GA1UEAxMoNEMzRjQ3MTUxQTBBNzA1MTFBNjBB NjYxQUVGQzgwM0NDNzdBQTAzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzZF/f8Sfvyzxxljrkjr1Qn9YJkEo3oGwHOb1uwQlUgXTu4LyRViTXlNeq5 vv7Lt4pQs2uECdfSnAbOfkELdZZnW74hzAUTJ4qkPTeku4YFOHoxJmjo6tRd9uVh /h0n30a/Y/aK5ZqW5ScD/etUaZNt7FXtsq2uf1JwXMTI4AEP99PwcYG+39OgTdLV R02TRcld9o+iqC6zILuxCZ4QedsJBKi8/SdV4//gYBSZe8UEI/AytBDzDnjwTfTc mThtBl0d0uU7TMKiKy2gB5IwfjEUWSEl7ywod+JqMI6QglECNexugBtvr6ymjrQY XSYVNliqjp2cEy6KOlmLikkwna8CAwEAAaOCAeEwggHdMB0GA1UdDgQWBBRMP0cV GgpwURpgpmGu/IA8x3qgNjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTc1NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGf2qDAPBAIAAjAJAwcAIAEN8Z/AMA0GCSqGSIb3DQEBCwUAA4IB AQACAxX8ojzu6k1vTvnMjor+kG9z13jV37xZ7jNUjXQQBWOSjk/XJsqZ+HHXUV3T PmSPPT5U8Rq6FB333nAD8QnIsvjcdaY8m5U7LwFte7PG7Ff4tp/YPA6VXB9sTiHe 6AneIfJnBYx3mzB3bqljWoJ6KpVQxuIQ7D3w3RsP+5A9B9c6BkjIP63/VxAE/tRh Mn1gI0plrNBoJZzy1aAkQGlrgEPNBzDO9jzEoyXDzD2iSTNKDLiw9Pb0bwFV0sHV SY1OvFXSm9PUU/M72NCm3ZtxsU4HyJu663k01gx4/MBU+JK8wAhUDCJ2PpRUGMGk YLjpjV/EUrBXqwHs+Esn3DzX -----END CERTIFICATE-----Generated at Mon Nov 25 13:01:56 2024 by rpki-client on console-fra.rpki-client.org