$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149912.roa File: AS149912.roa (raw, json) Hash identifier: gzvcNrP9KT69xAVY1T5kpIyVTgNtvEK2ZE4/dvYdmrM= Subject key identifier: 58:14:A1:E6:EA:CE:31:72:28:22:A6:A9:66:52:45:3C:B2:10:CD:3E Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0CA255E49E4DBCCBD293CBD9E53DFE44F053F722 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149912.roa Signing time: Thu 14 Mar 2024 04:25:12 +0000 ROA not before: Thu 14 Mar 2024 04:20:12 +0000 ROA not after: Thu 13 Mar 2025 04:25:12 +0000 asID: 149912 IP address blocks: 2001:df3:2740::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:a2:55:e4:9e:4d:bc:cb:d2:93:cb:d9:e5:3d:fe:44:f0:53:f7:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 14 04:20:12 2024 GMT Not After : Mar 13 04:25:12 2025 GMT Subject: CN=5814A1E6EACE31722822A6A96652453CB210CD3E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:4d:4c:76:b5:a3:fb:b5:f4:60:ec:a5:7f:50: c4:2c:0c:ee:e7:02:68:16:f2:ea:aa:9b:0d:9a:0b: 73:93:a3:81:80:72:58:ca:49:e9:40:ef:66:52:1e: f8:52:7b:81:60:d9:b6:5b:ef:16:74:3b:0b:17:82: 64:93:b4:69:12:87:2c:08:c0:b3:77:06:a9:9d:8e: dc:f3:8b:4d:cd:60:79:2e:44:6d:49:14:05:cc:ba: 07:f1:82:67:42:d9:0c:49:7a:2b:b8:0f:f3:0f:60: a8:09:06:2f:11:d0:79:9f:27:a0:d3:77:fe:94:2a: 27:39:4f:cc:fb:a8:31:63:b7:95:c6:5f:33:69:56: b0:3f:9d:c5:48:66:1c:fb:92:a6:34:f2:0a:37:8d: 95:38:cf:86:aa:39:c2:4e:5e:f5:0c:a1:cc:06:7f: 4d:dd:d2:73:83:00:09:d2:fd:88:55:ce:39:73:90: 1e:7c:21:9d:58:eb:06:6c:1f:7c:ce:5e:7c:66:93: be:16:6e:ea:3a:e2:08:74:5c:34:94:57:53:e2:e7: 03:f0:d2:1b:9d:f8:74:67:5e:7e:72:94:10:a1:22: 2f:4c:78:4a:e4:a2:b8:ad:66:55:87:ac:aa:0c:b3: 8f:82:6c:03:34:5c:69:42:cd:a2:45:33:da:71:c5: fe:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:14:A1:E6:EA:CE:31:72:28:22:A6:A9:66:52:45:3C:B2:10:CD:3E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149912.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:2740::/48 Signature Algorithm: sha256WithRSAEncryption 87:d0:f3:94:66:45:79:63:95:e1:ec:ef:ea:70:33:2e:3e:b3: ae:59:ba:9f:87:0d:33:48:cc:74:3d:12:8e:c0:7d:a3:2a:6d: 94:a0:09:3e:0e:38:05:0a:b0:da:3f:61:8f:ec:7b:05:55:44: 1b:e0:4d:0e:13:92:cd:8a:b7:2d:dc:9e:ee:17:25:c8:bd:9b: 41:4e:7d:c2:f8:24:ed:ac:59:a5:73:63:3d:ea:57:c6:de:71: 5e:5e:52:23:11:06:36:03:f4:22:9a:e6:79:ce:ac:27:ea:23: a1:6f:1d:50:ab:7b:da:27:e5:b8:67:72:07:1f:9f:65:af:72: 16:db:c0:aa:e4:d1:04:8c:1b:10:fd:da:85:6b:93:0e:c1:27: ee:18:93:10:12:28:ae:66:e2:af:8d:07:17:9d:f3:6d:f8:91: 90:4b:78:4a:ca:fe:ad:35:4f:e1:02:41:92:44:0c:ea:d8:07: 07:0c:3d:45:3a:af:02:6e:5c:b8:1e:ea:91:6f:5e:e8:e7:61: 45:f9:3d:6c:a0:08:c5:e6:49:f1:fc:dd:1e:cd:e0:56:60:42: 2b:e8:3c:7f:6e:b8:75:a8:4a:03:69:9b:59:eb:d5:59:49:bf: 90:94:13:57:b7:3f:b7:75:75:58:4b:e4:44:bb:e3:71:fb:e9: a4:9c:86:04 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUDKJV5J5NvMvSk8vZ5T3+RPBT9yIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMxNDA0MjAxMloX DTI1MDMxMzA0MjUxMlowMzExMC8GA1UEAxMoNTgxNEExRTZFQUNFMzE3MjI4MjJB NkE5NjY1MjQ1M0NCMjEwQ0QzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK5NTHa1o/u19GDspX9QxCwM7ucCaBby6qqbDZoLc5OjgYByWMpJ6UDvZlIe +FJ7gWDZtlvvFnQ7CxeCZJO0aRKHLAjAs3cGqZ2O3POLTc1geS5EbUkUBcy6B/GC Z0LZDEl6K7gP8w9gqAkGLxHQeZ8noNN3/pQqJzlPzPuoMWO3lcZfM2lWsD+dxUhm HPuSpjTyCjeNlTjPhqo5wk5e9QyhzAZ/Td3Sc4MACdL9iFXOOXOQHnwhnVjrBmwf fM5efGaTvhZu6jriCHRcNJRXU+LnA/DSG534dGdefnKUEKEiL0x4SuSiuK1mVYes qgyzj4JsAzRcaULNokUz2nHF/ncCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRYFKHm 6s4xcigipqlmUkU8shDNPjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTkxMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfMnQDANBgkqhkiG9w0BAQsFAAOCAQEAh9DzlGZFeWOV4ezv 6nAzLj6zrlm6n4cNM0jMdD0SjsB9oyptlKAJPg44BQqw2j9hj+x7BVVEG+BNDhOS zYq3Ldye7hclyL2bQU59wvgk7axZpXNjPepXxt5xXl5SIxEGNgP0Iprmec6sJ+oj oW8dUKt72ifluGdyBx+fZa9yFtvAquTRBIwbEP3ahWuTDsEn7hiTEBIormbir40H F53zbfiRkEt4Ssr+rTVP4QJBkkQM6tgHBww9RTqvAm5cuB7qkW9e6OdhRfk9bKAI xeZJ8fzdHs3gVmBCK+g8f264dahKA2mbWevVWUm/kJQTV7c/t3V1WEvkRLvjcfvp pJyGBA== -----END CERTIFICATE-----Generated at Wed May 8 14:59:57 2024 by rpki-client on console-ams.rpki-client.org