$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149880.roa File: AS149880.roa (raw, json) Hash identifier: q92RTJUQfXObH/mPZu4TqXgtwff0sFbaIDrCH+kOyFk= Subject key identifier: AD:8E:81:40:DE:43:80:7C:0C:DD:84:F8:11:27:13:C8:49:AE:7B:25 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6FBC41A890F17193DBD41058478B68D17550FBE6 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149880.roa Signing time: Fri 16 Aug 2024 10:00:00 +0000 ROA not before: Fri 16 Aug 2024 09:55:00 +0000 ROA not after: Fri 15 Aug 2025 10:00:00 +0000 asID: 149880 IP address blocks: 2001:df2:eac0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:bc:41:a8:90:f1:71:93:db:d4:10:58:47:8b:68:d1:75:50:fb:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 16 09:55:00 2024 GMT Not After : Aug 15 10:00:00 2025 GMT Subject: CN=AD8E8140DE43807C0CDD84F8112713C849AE7B25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:d8:5b:c3:ce:5f:64:ba:71:d7:d8:d9:60:75: 30:32:1c:25:40:83:f1:33:e8:ab:5c:24:c9:1b:e3: 77:9a:1e:77:bd:59:22:da:9e:5e:45:fc:a7:5f:09: af:00:6d:c1:74:e2:a8:7e:5d:af:7d:79:c0:ed:40: 18:86:bc:f6:da:02:3d:5f:3a:93:b0:38:5a:03:c5: cc:cb:9b:8e:02:3c:52:8a:67:39:e7:f5:60:2d:d7: 7d:4b:0e:42:14:26:58:1e:f9:56:b6:14:c5:e8:1e: e3:c4:64:9c:a5:ef:d6:24:bf:7c:58:4d:44:0f:e9: 56:44:1f:34:f1:8a:d9:87:9c:0e:7f:25:a7:18:2b: 18:c2:06:8a:ba:7f:3f:ab:b9:75:99:34:2f:98:e6: 47:53:bb:ea:67:91:14:82:8a:41:f9:d4:ce:c7:91: 56:ee:e9:82:4b:cb:bf:31:5e:07:52:84:37:e8:60: da:89:52:27:6a:07:69:25:d6:fe:ac:b5:cf:ba:c4: df:dd:b0:ff:f4:eb:63:f1:1a:6e:77:29:51:18:ac: 6e:58:d9:21:c9:0b:bc:f5:99:7a:e2:73:00:20:b5: 70:79:a4:23:f8:51:14:10:66:85:52:ff:e6:35:4f: d4:ff:73:9f:1a:12:54:dd:0f:51:c5:a7:8f:41:db: e2:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:8E:81:40:DE:43:80:7C:0C:DD:84:F8:11:27:13:C8:49:AE:7B:25 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149880.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:eac0::/48 Signature Algorithm: sha256WithRSAEncryption 30:07:8e:f9:f3:fc:f7:a8:16:8f:95:35:0c:74:73:86:1f:b9: 6e:38:42:9d:c0:a6:38:d0:a9:2b:63:6f:f3:e8:02:4d:a8:11: 31:d2:65:f5:49:7c:f7:20:c3:44:05:65:c7:f0:bc:5b:f9:54: e0:0c:3b:c1:52:c0:32:9d:08:b5:5d:17:82:e2:7f:07:b6:8e: 49:02:15:0a:e4:4e:18:b1:50:65:4d:40:5e:e3:d7:da:60:3f: 97:6b:3c:c4:5d:e1:b0:92:99:19:17:f6:d7:3c:84:78:c1:95: 1b:f6:f1:87:30:79:cd:1c:fc:08:58:b1:23:b2:d4:00:91:cf: d7:9c:0f:98:23:de:65:63:f4:36:20:12:2b:31:f3:c6:92:49: 99:24:83:77:23:b1:6b:6a:7c:ab:36:a5:52:82:04:a4:22:92: ab:0f:d1:e6:f3:a3:60:27:a2:f3:1a:5b:25:f9:c1:95:d7:34: 30:81:6a:71:82:48:34:9d:19:ec:ae:c6:78:5b:46:56:42:d4: ef:34:43:0d:c6:ac:30:d2:4e:89:3f:95:98:d5:35:3f:f5:b7: cd:ed:80:28:e7:8c:16:25:9e:03:d9:11:49:f4:c7:42:e6:9e: db:eb:10:13:7d:38:ac:f7:b4:b3:52:8b:9d:e2:1e:bb:91:27: 09:c8:d6:81 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUb7xBqJDxcZPb1BBYR4to0XVQ++YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDgxNjA5NTUwMFoX DTI1MDgxNTEwMDAwMFowMzExMC8GA1UEAxMoQUQ4RTgxNDBERTQzODA3QzBDREQ4 NEY4MTEyNzEzQzg0OUFFN0IyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ7YW8POX2S6cdfY2WB1MDIcJUCD8TPoq1wkyRvjd5oed71ZItqeXkX8p18J rwBtwXTiqH5dr315wO1AGIa89toCPV86k7A4WgPFzMubjgI8UopnOef1YC3XfUsO QhQmWB75VrYUxege48RknKXv1iS/fFhNRA/pVkQfNPGK2YecDn8lpxgrGMIGirp/ P6u5dZk0L5jmR1O76meRFIKKQfnUzseRVu7pgkvLvzFeB1KEN+hg2olSJ2oHaSXW /qy1z7rE392w//TrY/EabncpURisbljZIckLvPWZeuJzACC1cHmkI/hRFBBmhVL/ 5jVP1P9znxoSVN0PUcWnj0Hb4ncCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBStjoFA 3kOAfAzdhPgRJxPISa57JTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTg4MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfLqwDANBgkqhkiG9w0BAQsFAAOCAQEAMAeO+fP896gWj5U1 DHRzhh+5bjhCncCmONCpK2Nv8+gCTagRMdJl9Ul89yDDRAVlx/C8W/lU4Aw7wVLA Mp0ItV0XguJ/B7aOSQIVCuROGLFQZU1AXuPX2mA/l2s8xF3hsJKZGRf21zyEeMGV G/bxhzB5zRz8CFixI7LUAJHP15wPmCPeZWP0NiASKzHzxpJJmSSDdyOxa2p8qzal UoIEpCKSqw/R5vOjYCei8xpbJfnBldc0MIFqcYJINJ0Z7K7GeFtGVkLU7zRDDcas MNJOiT+VmNU1P/W3ze2AKOeMFiWeA9kRSfTHQuae2+sQE304rPe0s1KLneIeu5En CcjWgQ== -----END CERTIFICATE-----Generated at Mon Nov 25 13:14:28 2024 by rpki-client on console-ams.rpki-client.org