$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149880.roa File: AS149880.roa (raw, json) Hash identifier: kO4jxyOvrQ0K2YBXzXPn5MUaDGiXdsZikLozWb4prFY= Subject key identifier: 44:24:97:B2:08:78:77:6A:5C:36:FC:39:01:E9:64:8B:5C:DA:D9:B7 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2A96B68D794B313510B17FBBF6D8D71B35B68195 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149880.roa Signing time: Fri 15 Sep 2023 09:31:52 +0000 ROA not before: Fri 15 Sep 2023 09:26:52 +0000 ROA not after: Fri 13 Sep 2024 09:31:52 +0000 asID: 149880 IP address blocks: 2001:df2:eac0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:96:b6:8d:79:4b:31:35:10:b1:7f:bb:f6:d8:d7:1b:35:b6:81:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 15 09:26:52 2023 GMT Not After : Sep 13 09:31:52 2024 GMT Subject: CN=442497B20878776A5C36FC3901E9648B5CDAD9B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:10:04:e6:2f:60:00:89:d9:08:0b:43:8b:21: c8:50:4c:6e:da:98:c2:9e:27:44:71:48:4d:53:ec: 42:2b:ee:70:f8:ec:8d:97:ba:1e:1c:fe:1e:37:ff: 7a:98:a6:fd:3c:41:ec:70:87:2a:3d:9a:ac:e1:5c: e4:4f:1b:d8:82:a2:8c:4d:df:09:be:3e:73:b3:ad: 86:97:f1:e9:8b:27:bb:1e:e7:2a:3a:dc:c2:79:7f: 0f:6a:99:2c:90:c3:ad:1f:0f:4e:aa:60:d1:ba:79: a5:25:5e:b2:88:b9:94:9b:d5:96:16:6e:1c:a0:f5: d3:f7:7d:b1:ea:c9:ca:69:35:4f:46:7c:5b:dc:2f: 3c:c5:e8:90:1b:bb:84:b5:1c:80:a5:82:e1:82:53: 9f:21:e3:cf:13:30:4a:7c:af:63:62:f3:07:09:27: b7:d9:76:51:6f:c7:72:75:49:bf:10:ee:1a:54:75: 4c:fa:92:a0:c0:14:6f:eb:7c:45:a4:e3:d6:7b:11: e2:02:62:66:be:eb:82:3a:91:64:2f:38:1b:c9:0f: f3:5f:bf:0a:94:34:14:3c:af:40:80:aa:7f:c1:3a: a8:5b:11:37:6a:33:b4:1e:f9:01:f9:ec:12:2d:4c: 25:f3:20:8c:e4:8c:35:b4:ff:b7:6a:13:2e:51:76: b9:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:24:97:B2:08:78:77:6A:5C:36:FC:39:01:E9:64:8B:5C:DA:D9:B7 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149880.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:eac0::/48 Signature Algorithm: sha256WithRSAEncryption 49:1e:e1:35:6b:e3:1f:db:2f:b0:f0:b7:c0:14:9e:67:d5:1f: f7:11:8f:cc:7e:4a:0a:0a:f0:d5:46:a0:d4:b5:13:77:f0:a7: b9:21:6e:34:a7:1d:22:a6:de:75:57:f8:9b:08:12:46:1a:08: fc:4a:dc:e9:ec:be:4d:92:f8:06:ae:21:37:02:39:be:42:60: d2:dc:76:e9:7c:0d:40:51:8f:1b:99:29:c5:6b:78:6a:9d:40: 2b:27:fc:1b:dd:7d:53:20:d3:c6:49:96:82:5f:fc:81:15:82: 11:f6:56:51:d3:3e:40:b3:a9:95:9a:aa:ca:17:58:24:c5:58: dd:31:08:87:16:60:f0:77:0d:a9:00:1b:ae:bc:de:eb:f0:f5: c5:03:02:c0:3f:b0:6b:71:d6:5c:06:fa:97:a2:32:b9:3c:f6: c2:9b:7c:dc:0e:06:38:3b:15:49:69:0f:8a:cb:b9:97:6c:d2: c0:3f:46:a1:95:c8:07:ca:9c:f7:4e:e8:c2:aa:c5:ce:2d:e5: 08:b4:f3:95:2f:5c:02:4c:e1:6a:20:4c:ac:3e:db:e4:a4:a4: ff:20:42:f6:fb:6f:36:e7:33:bc:a6:84:5d:6e:0c:bd:e6:34: 68:c7:a6:88:52:d1:26:6e:e4:91:94:7d:e3:d3:45:39:fb:e8: 0d:24:70:3a -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUKpa2jXlLMTUQsX+79tjXGzW2gZUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDkxNTA5MjY1MloX DTI0MDkxMzA5MzE1MlowMzExMC8GA1UEAxMoNDQyNDk3QjIwODc4Nzc2QTVDMzZG QzM5MDFFOTY0OEI1Q0RBRDlCNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOkQBOYvYACJ2QgLQ4shyFBMbtqYwp4nRHFITVPsQivucPjsjZe6Hhz+Hjf/ epim/TxB7HCHKj2arOFc5E8b2IKijE3fCb4+c7Othpfx6Ysnux7nKjrcwnl/D2qZ LJDDrR8PTqpg0bp5pSVesoi5lJvVlhZuHKD10/d9serJymk1T0Z8W9wvPMXokBu7 hLUcgKWC4YJTnyHjzxMwSnyvY2LzBwknt9l2UW/HcnVJvxDuGlR1TPqSoMAUb+t8 RaTj1nsR4gJiZr7rgjqRZC84G8kP81+/CpQ0FDyvQICqf8E6qFsRN2oztB75Afns Ei1MJfMgjOSMNbT/t2oTLlF2uUcCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBREJJey CHh3alw2/DkB6WSLXNrZtzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTg4MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfLqwDANBgkqhkiG9w0BAQsFAAOCAQEASR7hNWvjH9svsPC3 wBSeZ9Uf9xGPzH5KCgrw1Uag1LUTd/CnuSFuNKcdIqbedVf4mwgSRhoI/Erc6ey+ TZL4Bq4hNwI5vkJg0tx26XwNQFGPG5kpxWt4ap1AKyf8G919UyDTxkmWgl/8gRWC EfZWUdM+QLOplZqqyhdYJMVY3TEIhxZg8HcNqQAbrrze6/D1xQMCwD+wa3HWXAb6 l6IyuTz2wpt83A4GODsVSWkPisu5l2zSwD9GoZXIB8qc907owqrFzi3lCLTzlS9c AkzhaiBMrD7b5KSk/yBC9vtvNuczvKaEXW4MveY0aMemiFLRJm7kkZR949NFOfvo DSRwOg== -----END CERTIFICATE-----Generated at Wed May 8 10:06:54 2024 by rpki-client on console-ams.rpki-client.org