$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149897.roa File: AS149897.roa (raw, json) Hash identifier: wKxmNAnSVr/866gm3SbU+UFM0ggjl+JfLI2vTZAFhFw= Subject key identifier: 3B:57:98:D0:A4:E0:8F:7C:45:C9:E8:C2:3E:C8:90:80:9D:0F:A8:80 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 52A9B13B1ADAE4560DD058D1E7A0D0FBCBA35247 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149897.roa Signing time: Wed 02 Aug 2023 08:00:00 +0000 ROA not before: Wed 02 Aug 2023 07:55:00 +0000 ROA not after: Wed 31 Jul 2024 08:00:00 +0000 asID: 149897 IP address blocks: 2001:df1:2e40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 10:29:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:a9:b1:3b:1a:da:e4:56:0d:d0:58:d1:e7:a0:d0:fb:cb:a3:52:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 2 07:55:00 2023 GMT Not After : Jul 31 08:00:00 2024 GMT Subject: CN=3B5798D0A4E08F7C45C9E8C23EC890809D0FA880 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:46:9c:44:e4:f6:eb:b5:8e:ac:16:5a:65:d0: c8:f5:cf:7b:75:d7:e5:ab:36:8e:49:75:74:10:5d: bb:92:77:09:9d:9f:26:e3:c4:6f:33:0a:e5:28:fa: 0d:d6:94:4c:3a:bc:f5:8b:1a:10:6a:3e:9e:a0:86: 7c:e9:53:29:01:22:78:4f:5f:6a:26:5d:9c:71:f4: 98:57:7e:10:75:8c:61:eb:4b:6e:39:09:6a:d3:1b: 83:45:f7:38:19:bb:69:d5:23:42:35:e9:e3:13:dd: b8:b5:ab:51:f9:cf:a4:80:96:6a:72:36:13:c8:c8: a6:cd:3d:66:75:f5:fd:a9:34:ef:da:01:7d:c7:f8: 55:85:01:2f:31:47:8f:ed:c3:51:08:7c:9c:9f:b0: 45:60:88:7b:3d:11:a6:6a:92:e7:f5:12:13:e3:1a: 61:f7:b0:ef:b8:e9:33:80:a2:20:b3:31:5f:8c:be: 6d:b6:f8:2c:b4:5d:c8:84:db:0e:5b:4e:19:54:7d: f5:24:19:a3:ef:03:e5:03:79:8e:6b:f1:72:22:13: e4:92:54:07:34:0f:b2:b3:cb:54:d2:dd:47:2d:18: 40:75:46:f2:2f:6b:87:ae:35:a8:f6:fa:d0:23:b3: 4c:e0:4f:4e:a9:9c:d4:b6:a9:ea:65:e7:0f:7f:80: 09:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:57:98:D0:A4:E0:8F:7C:45:C9:E8:C2:3E:C8:90:80:9D:0F:A8:80 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149897.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:2e40::/48 Signature Algorithm: sha256WithRSAEncryption 31:b2:97:c4:0a:78:46:9e:b4:4f:f4:43:c7:a4:b1:b7:a5:45: f9:83:25:17:9a:8d:bb:e7:9f:18:ad:d4:82:89:ae:65:2a:e2: 59:df:f0:0a:1c:87:46:d2:e9:79:35:58:52:2b:af:23:c0:60: ff:f3:1a:52:98:bb:e8:5b:ff:2f:dd:35:cf:02:cb:fa:93:10: 30:0f:f2:96:b9:29:fa:47:3a:cd:26:1c:44:be:30:8a:78:0a: f8:29:6d:97:d6:10:d2:93:3b:ea:9a:09:40:78:7f:9d:35:7c: 35:4c:21:d9:9d:9f:ad:1d:b4:4b:e7:16:29:dc:d7:a7:9f:7a: 8f:8a:c6:5a:5e:63:f5:b6:fd:48:6b:5c:91:35:34:85:95:9f: 71:e7:ae:20:36:94:3d:78:a3:ea:90:53:42:b0:7f:3c:a2:37: 1b:d7:87:fd:3d:85:06:9f:51:c5:cf:34:de:ce:d8:28:e7:e0: ec:5a:0d:6c:16:d6:14:73:c1:df:84:e7:04:10:03:e3:ad:ee: 64:7d:d3:3a:6d:a9:3c:d3:2a:69:54:c5:0f:39:2b:69:64:5d: 2f:94:fd:1e:c4:a4:9c:b5:9c:a1:1f:f3:f7:0d:36:8c:83:6b: 36:22:4f:06:99:14:e3:04:de:90:03:14:06:18:07:32:bb:ec: 09:4e:3c:b8 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUUqmxOxra5FYN0FjR56DQ+8ujUkcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDgwMjA3NTUwMFoX DTI0MDczMTA4MDAwMFowMzExMC8GA1UEAxMoM0I1Nzk4RDBBNEUwOEY3QzQ1QzlF OEMyM0VDODkwODA5RDBGQTg4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9GnETk9uu1jqwWWmXQyPXPe3XX5as2jkl1dBBdu5J3CZ2fJuPEbzMK5Sj6 DdaUTDq89YsaEGo+nqCGfOlTKQEieE9faiZdnHH0mFd+EHWMYetLbjkJatMbg0X3 OBm7adUjQjXp4xPduLWrUfnPpICWanI2E8jIps09ZnX1/ak079oBfcf4VYUBLzFH j+3DUQh8nJ+wRWCIez0RpmqS5/USE+MaYfew77jpM4CiILMxX4y+bbb4LLRdyITb DltOGVR99SQZo+8D5QN5jmvxciIT5JJUBzQPsrPLVNLdRy0YQHVG8i9rh641qPb6 0COzTOBPTqmc1Lap6mXnD3+ACVcCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQ7V5jQ pOCPfEXJ6MI+yJCAnQ+ogDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTg5Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfEuQDANBgkqhkiG9w0BAQsFAAOCAQEAMbKXxAp4Rp60T/RD x6Sxt6VF+YMlF5qNu+efGK3UgomuZSriWd/wChyHRtLpeTVYUiuvI8Bg//MaUpi7 6Fv/L901zwLL+pMQMA/ylrkp+kc6zSYcRL4wingK+Cltl9YQ0pM76poJQHh/nTV8 NUwh2Z2frR20S+cWKdzXp596j4rGWl5j9bb9SGtckTU0hZWfceeuIDaUPXij6pBT QrB/PKI3G9eH/T2FBp9Rxc803s7YKOfg7FoNbBbWFHPB34TnBBAD463uZH3TOm2p PNMqaVTFDzkraWRdL5T9HsSknLWcoR/z9w02jINrNiJPBpkU4wTekAMUBhgHMrvs CU48uA== -----END CERTIFICATE-----Generated at Wed May 8 04:37:57 2024 by rpki-client on console-fra.rpki-client.org