$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149882.roa File: AS149882.roa (raw, json) Hash identifier: lH+sAK7J7iQ1A3keB1PxUJauUwYxdYdJ8Yvpr67gldY= Subject key identifier: E7:BC:C6:17:E7:FD:07:7D:8B:1C:A5:D3:E3:FB:E3:A5:1A:A1:C4:5F Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1DA2658AF17CD20A73FA6870975614CF175195C6 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149882.roa Signing time: Mon 24 Jun 2024 07:00:00 +0000 ROA not before: Mon 24 Jun 2024 06:55:00 +0000 ROA not after: Mon 23 Jun 2025 07:00:00 +0000 asID: 149882 IP address blocks: 2401:1ba0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:a2:65:8a:f1:7c:d2:0a:73:fa:68:70:97:56:14:cf:17:51:95:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 24 06:55:00 2024 GMT Not After : Jun 23 07:00:00 2025 GMT Subject: CN=E7BCC617E7FD077D8B1CA5D3E3FBE3A51AA1C45F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e6:9b:d7:ec:13:c4:4e:19:06:4c:7b:1e:1c: 6e:d3:fd:70:1b:a9:06:14:86:f4:93:a7:a4:12:dc: 10:e8:36:d5:95:dd:3a:cf:b8:52:e8:8a:a0:82:8d: 8d:e3:f4:f2:3e:6e:32:50:2d:8c:17:13:c4:cd:a9: 8f:bf:34:3a:ce:1f:4b:50:0b:9c:9e:27:a8:57:5e: 7f:ce:43:90:c3:56:5b:17:b8:10:4d:36:69:4b:d9: ba:4d:04:0c:2c:7f:07:c4:e2:6f:1c:46:be:03:4e: 0f:7f:86:d9:39:4b:d5:95:66:41:52:fb:16:14:e5: 58:ba:c0:9c:d7:90:7b:37:56:22:f3:0e:02:f1:7e: 58:0d:cc:08:e9:f2:bd:c8:e7:2f:96:75:99:73:55: 8f:c8:63:c1:c3:7e:ca:fa:88:99:34:bf:20:db:68: 4f:1d:6d:63:59:95:f4:04:53:13:82:be:e0:3a:6d: ac:5d:df:4c:13:bd:6d:85:07:bb:df:45:5e:9a:16: e5:ea:93:ea:62:76:aa:84:c8:51:cb:79:53:da:c4: 3b:a1:1c:7d:12:6a:35:d2:56:0d:12:32:c3:a8:48: 1c:d8:1a:7a:0e:f7:db:cd:04:69:a7:c1:1d:5c:f0: ab:7e:f3:29:67:aa:75:d3:fb:60:b6:95:00:cf:0c: 81:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:BC:C6:17:E7:FD:07:7D:8B:1C:A5:D3:E3:FB:E3:A5:1A:A1:C4:5F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149882.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:1ba0::/32 Signature Algorithm: sha256WithRSAEncryption 7b:d3:0c:af:a3:36:14:79:2d:fd:fc:8e:1e:cf:2e:c8:df:d7: 79:e5:ed:01:13:3d:82:ca:db:fd:24:8d:9b:9c:f7:65:3e:91: 42:83:26:1f:ed:ec:58:0f:18:cb:ba:02:4d:18:d7:7f:be:66: 97:b7:87:c8:7d:6b:5c:16:46:21:1c:2c:84:cd:ed:58:c8:94: b7:da:dd:39:f2:1a:3a:79:f9:70:d9:83:18:98:d1:85:a9:35: 58:96:6a:7b:24:9a:71:5c:d8:cd:be:92:36:74:38:14:25:39: 11:3e:e7:0e:3f:29:84:04:fb:2f:67:7b:2c:46:2e:34:fa:c7: f9:36:ad:d7:a1:5f:c3:f6:68:66:17:2e:c3:28:df:c1:97:88: 68:2d:80:6b:8f:db:33:e9:4a:fa:ba:81:56:67:28:eb:ae:68: 06:d8:d5:35:34:d6:3e:81:ab:7a:6b:97:66:03:a2:57:78:7e: 33:f4:32:98:da:c1:77:ce:10:3f:68:f1:1c:0e:e8:41:5c:86: 77:35:e8:22:18:29:8b:91:2d:9a:5c:6f:48:66:00:a5:26:11: 7f:20:1f:cc:e5:b7:15:33:93:50:5e:20:4c:59:19:a3:3b:c3: 09:b5:7d:a2:7e:58:48:fe:9f:1e:66:a3:8e:d9:6a:1d:59:50: ee:fe:9d:06 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUHaJlivF80gpz+mhwl1YUzxdRlcYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDYyNDA2NTUwMFoX DTI1MDYyMzA3MDAwMFowMzExMC8GA1UEAxMoRTdCQ0M2MTdFN0ZEMDc3RDhCMUNB NUQzRTNGQkUzQTUxQUExQzQ1RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKbmm9fsE8ROGQZMex4cbtP9cBupBhSG9JOnpBLcEOg21ZXdOs+4UuiKoIKN jeP08j5uMlAtjBcTxM2pj780Os4fS1ALnJ4nqFdef85DkMNWWxe4EE02aUvZuk0E DCx/B8TibxxGvgNOD3+G2TlL1ZVmQVL7FhTlWLrAnNeQezdWIvMOAvF+WA3MCOny vcjnL5Z1mXNVj8hjwcN+yvqImTS/INtoTx1tY1mV9ARTE4K+4DptrF3fTBO9bYUH u99FXpoW5eqT6mJ2qoTIUct5U9rEO6EcfRJqNdJWDRIyw6hIHNgaeg73280EaafB HVzwq37zKWeqddP7YLaVAM8MgRMCAwEAAaOCAdEwggHNMB0GA1UdDgQWBBTnvMYX 5/0HfYscpdPj++OlGqHEXzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTg4Mi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQBG6AwDQYJKoZIhvcNAQELBQADggEBAHvTDK+jNhR5Lf38jh7P Lsjf13nl7QETPYLK2/0kjZuc92U+kUKDJh/t7FgPGMu6Ak0Y13++Zpe3h8h9a1wW RiEcLITN7VjIlLfa3TnyGjp5+XDZgxiY0YWpNViWanskmnFc2M2+kjZ0OBQlORE+ 5w4/KYQE+y9neyxGLjT6x/k2rdehX8P2aGYXLsMo38GXiGgtgGuP2zPpSvq6gVZn KOuuaAbY1TU01j6Bq3prl2YDold4fjP0MpjawXfOED9o8RwO6EFchnc16CIYKYuR LZpcb0hmAKUmEX8gH8zltxUzk1BeIExZGaM7wwm1faJ+WEj+nx5mo47Zah1ZUO7+ nQY= -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:26 2024 by rpki-client on console-fra.rpki-client.org