$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149897.roa File: AS149897.roa (raw, json) Hash identifier: kkf929z4gQLuYI7kC1XHF1SgT07QKvXeqiY6vlAivLo= Subject key identifier: D0:57:C7:CD:2C:88:6D:9A:CE:2F:25:12:4D:80:5C:6E:D4:16:1A:B3 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 590233FDB17628CD9CEA2057B59176CDB281CECA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149897.roa Signing time: Wed 03 Jul 2024 08:00:00 +0000 ROA not before: Wed 03 Jul 2024 07:55:00 +0000 ROA not after: Wed 02 Jul 2025 08:00:00 +0000 asID: 149897 IP address blocks: 2001:df1:2e40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:02:33:fd:b1:76:28:cd:9c:ea:20:57:b5:91:76:cd:b2:81:ce:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 3 07:55:00 2024 GMT Not After : Jul 2 08:00:00 2025 GMT Subject: CN=D057C7CD2C886D9ACE2F25124D805C6ED4161AB3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:9c:8a:15:52:ba:86:86:60:28:7d:b3:0f:2b: 3f:c2:cb:c8:4f:b1:03:c3:dc:88:dd:f7:07:3b:e8: 22:03:8a:3a:97:29:72:00:48:33:d8:c6:3f:96:16: 24:7b:69:50:16:ac:df:99:c7:b8:af:ae:28:2e:63: 62:96:1f:5c:6d:a6:bd:10:9a:d8:0e:fb:d1:de:45: a5:c2:74:32:d5:ce:3e:6c:b1:88:70:28:f9:1a:e4: ba:38:48:4f:23:81:e5:9a:bb:fa:ae:0d:69:74:08: b2:4e:a5:b8:0c:72:88:d2:71:6a:0d:71:4e:a8:5f: f1:e4:c6:2d:8d:05:77:03:36:e7:20:73:a7:a1:60: 5e:24:79:41:72:c9:1b:88:b7:da:51:a7:3e:25:0d: 0a:0f:78:03:fd:dd:eb:aa:f2:3f:09:5e:7c:6c:18: d8:b9:1a:a1:43:b8:be:3e:b8:a2:da:2e:84:a4:9f: dc:10:1b:09:e8:f4:a9:ca:91:19:ef:eb:d7:0c:84: 87:12:18:d1:07:1e:58:45:2e:7c:f6:e7:c8:f0:b6: 8e:2a:fb:0f:e5:75:8a:2e:c7:4e:f9:c7:dc:8e:71: b9:ca:31:42:3e:eb:ff:b0:ea:61:0b:35:80:d3:5f: 6a:74:ed:2b:7b:f1:01:30:6d:75:2c:51:5b:c3:1f: cb:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:57:C7:CD:2C:88:6D:9A:CE:2F:25:12:4D:80:5C:6E:D4:16:1A:B3 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149897.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:2e40::/48 Signature Algorithm: sha256WithRSAEncryption 99:ba:0a:40:34:e3:d7:fc:af:2a:47:3b:03:73:75:70:93:ba: 81:53:e0:f8:3c:5a:a3:aa:60:4e:e7:e6:51:ef:c0:0e:b8:3b: 9d:dd:e0:42:09:29:55:b2:b9:e3:88:78:ee:9e:5b:b6:3b:59: 5d:af:bb:55:bb:b4:66:ce:25:24:b0:9b:ba:a9:eb:56:fd:b1: 99:01:79:a9:6c:3c:2e:69:14:e6:a3:2d:40:eb:6b:da:ff:63: c7:64:83:5f:5b:5d:cc:67:77:60:b8:68:4b:56:58:37:da:24: 03:cb:19:fe:85:ea:0c:0e:2e:b0:80:1d:55:02:2c:67:8a:5d: cf:59:89:de:94:a2:c1:cb:e4:bf:68:8f:15:46:12:d9:73:7b: d1:35:ee:61:51:2c:0b:23:08:75:8d:b7:2f:c6:9c:68:17:5c: 02:76:90:d0:76:cc:32:09:9e:5f:14:8f:81:8a:a2:3d:2b:dc: 24:dd:7b:71:8a:ff:a3:8d:68:32:f2:bb:b7:dc:db:d2:73:88: 2d:bc:50:69:bb:cd:6d:68:59:88:4a:ff:53:0f:72:5d:28:c7: 13:7a:f2:fc:56:14:2c:37:0a:07:33:72:c1:44:0c:5b:85:aa: 62:1e:d9:7a:60:29:1c:cf:af:04:dc:9b:d5:37:6e:23:34:7c: 64:3f:a4:97 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUWQIz/bF2KM2c6iBXtZF2zbKBzsowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcwMzA3NTUwMFoX DTI1MDcwMjA4MDAwMFowMzExMC8GA1UEAxMoRDA1N0M3Q0QyQzg4NkQ5QUNFMkYy NTEyNEQ4MDVDNkVENDE2MUFCMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANycihVSuoaGYCh9sw8rP8LLyE+xA8PciN33BzvoIgOKOpcpcgBIM9jGP5YW JHtpUBas35nHuK+uKC5jYpYfXG2mvRCa2A770d5FpcJ0MtXOPmyxiHAo+RrkujhI TyOB5Zq7+q4NaXQIsk6luAxyiNJxag1xTqhf8eTGLY0FdwM25yBzp6FgXiR5QXLJ G4i32lGnPiUNCg94A/3d66ryPwlefGwY2LkaoUO4vj64otouhKSf3BAbCej0qcqR Ge/r1wyEhxIY0QceWEUufPbnyPC2jir7D+V1ii7HTvnH3I5xucoxQj7r/7DqYQs1 gNNfanTtK3vxATBtdSxRW8Mfy2sCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBTQV8fN LIhtms4vJRJNgFxu1BYaszAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTg5Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfEuQDANBgkqhkiG9w0BAQsFAAOCAQEAmboKQDTj1/yvKkc7 A3N1cJO6gVPg+Dxao6pgTufmUe/ADrg7nd3gQgkpVbK544h47p5btjtZXa+7Vbu0 Zs4lJLCbuqnrVv2xmQF5qWw8LmkU5qMtQOtr2v9jx2SDX1tdzGd3YLhoS1ZYN9ok A8sZ/oXqDA4usIAdVQIsZ4pdz1mJ3pSiwcvkv2iPFUYS2XN70TXuYVEsCyMIdY23 L8acaBdcAnaQ0HbMMgmeXxSPgYqiPSvcJN17cYr/o41oMvK7t9zb0nOILbxQabvN bWhZiEr/Uw9yXSjHE3ry/FYULDcKBzNywUQMW4WqYh7ZemApHM+vBNyb1TduIzR8 ZD+klw== -----END CERTIFICATE-----Generated at Mon Nov 25 13:14:29 2024 by rpki-client on console-ams.rpki-client.org