$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149920.roa File: AS149920.roa (raw, json) Hash identifier: IsBR3Rj+XnV65GJ4NrniarZZBg7f0RYZh2h0HcOfPzo= Subject key identifier: 52:38:CB:69:1F:3A:2B:94:B1:1F:89:06:E3:02:07:85:C4:BC:97:B9 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 366B704DD068829A20A20302D857D16B84498DC8 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149920.roa Signing time: Fri 21 Jun 2024 07:00:00 +0000 ROA not before: Fri 21 Jun 2024 06:55:00 +0000 ROA not after: Fri 20 Jun 2025 07:00:00 +0000 asID: 149920 IP address blocks: 103.161.1.0/24 maxlen: 24 2001:df1:3940::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:6b:70:4d:d0:68:82:9a:20:a2:03:02:d8:57:d1:6b:84:49:8d:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 21 06:55:00 2024 GMT Not After : Jun 20 07:00:00 2025 GMT Subject: CN=5238CB691F3A2B94B11F8906E3020785C4BC97B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:88:5a:26:ab:a6:e8:63:1a:2e:d8:c6:18:19: 89:27:0c:c5:dd:e1:12:a2:cd:72:f1:8a:85:46:4d: 2c:2f:98:59:a6:ab:79:66:e9:fb:e1:51:ae:5d:eb: 33:3e:c8:99:17:a6:a3:78:97:33:1f:7a:2c:c5:95: 0c:4d:ed:d3:54:ce:7e:11:bc:1d:d5:c8:80:09:2e: 51:c0:ff:7c:10:ca:91:25:1b:2f:7a:df:00:10:a5: 1c:fd:1e:c2:d0:ff:6e:0e:1c:b4:fc:b9:db:c5:20: ff:b1:2c:27:22:75:95:c3:3c:01:08:26:51:5a:28: cf:6c:c8:c7:e2:e2:50:e9:11:b7:74:86:81:a3:72: 27:a1:2f:e3:87:42:29:d7:6b:0c:7a:6f:e5:22:65: fd:37:a5:ff:88:fd:44:8b:35:81:79:3c:71:74:47: 0f:d5:03:c6:0a:32:12:87:73:cc:d5:f8:78:b2:b7: f5:f1:f3:46:08:1c:3a:74:11:43:37:56:27:80:3c: 13:d6:3c:26:41:48:4c:fd:3a:c5:55:0f:4a:f2:72: 25:9e:67:60:b1:af:c1:4e:51:08:eb:5c:11:6f:a7: 40:35:be:c3:b0:d7:98:7a:0d:0e:8d:45:a3:a4:60: b0:b5:0c:c1:1f:66:34:ad:c7:cf:c0:25:2b:e6:5b: 79:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:38:CB:69:1F:3A:2B:94:B1:1F:89:06:E3:02:07:85:C4:BC:97:B9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149920.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.161.1.0/24 IPv6: 2001:df1:3940::/48 Signature Algorithm: sha256WithRSAEncryption 6a:e3:28:f0:da:61:7a:85:6f:44:a3:fa:d3:63:c8:df:38:e2: 95:ff:b2:ad:cd:67:ea:fd:59:36:1f:28:b7:08:89:6f:ed:b7: 17:71:dc:b5:22:35:7f:44:a9:b2:7e:b0:08:df:da:03:f9:51: 0e:0c:97:f7:eb:7b:78:9c:3c:c5:cb:1e:94:60:c3:4e:ad:c3: 44:f7:b9:2c:9d:2c:78:47:4a:ef:4c:34:79:b7:89:80:7c:d3: 7f:27:8d:43:ea:00:de:a2:d7:25:ca:6b:38:b9:28:08:d2:a1: d9:ad:12:79:86:76:0d:0c:61:e5:7f:75:f7:d0:e6:51:53:6e: c1:44:fb:05:c8:77:fe:49:6a:0d:cd:ea:6b:fe:bf:51:a8:c0: ee:2b:bd:fb:ef:e1:c7:6d:88:3d:aa:d1:25:86:c7:c0:ec:96: 3d:dc:e4:f3:13:07:b5:f4:ef:0b:11:97:fc:b7:b3:a2:85:99: 07:04:92:55:49:f5:cf:6d:cf:82:f9:b0:f3:35:db:ce:3c:46: c0:f1:2a:ef:6c:9c:46:c2:df:6d:ca:f2:c0:d7:b3:4b:10:00: 2e:d7:46:4b:0c:c1:85:5c:4b:98:4a:de:fd:70:d9:d3:f0:42: ff:3f:8a:51:86:8d:ee:3b:2f:7e:eb:67:b5:be:d0:66:20:01: 77:14:a4:7b -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUNmtwTdBogpogogMC2FfRa4RJjcgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDYyMTA2NTUwMFoX DTI1MDYyMDA3MDAwMFowMzExMC8GA1UEAxMoNTIzOENCNjkxRjNBMkI5NEIxMUY4 OTA2RTMwMjA3ODVDNEJDOTdCOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL6IWiarpuhjGi7YxhgZiScMxd3hEqLNcvGKhUZNLC+YWaareWbp++FRrl3r Mz7ImRemo3iXMx96LMWVDE3t01TOfhG8HdXIgAkuUcD/fBDKkSUbL3rfABClHP0e wtD/bg4ctPy528Ug/7EsJyJ1lcM8AQgmUVooz2zIx+LiUOkRt3SGgaNyJ6Ev44dC KddrDHpv5SJl/Tel/4j9RIs1gXk8cXRHD9UDxgoyEodzzNX4eLK39fHzRggcOnQR QzdWJ4A8E9Y8JkFITP06xVUPSvJyJZ5nYLGvwU5RCOtcEW+nQDW+w7DXmHoNDo1F o6RgsLUMwR9mNK3Hz8AlK+ZbeS8CAwEAAaOCAeEwggHdMB0GA1UdDgQWBBRSOMtp HzorlLEfiQbjAgeFxLyXuTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTkyMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGehATAPBAIAAjAJAwcAIAEN8TlAMA0GCSqGSIb3DQEBCwUAA4IB AQBq4yjw2mF6hW9Eo/rTY8jfOOKV/7KtzWfq/Vk2Hyi3CIlv7bcXcdy1IjV/RKmy frAI39oD+VEODJf363t4nDzFyx6UYMNOrcNE97ksnSx4R0rvTDR5t4mAfNN/J41D 6gDeotclyms4uSgI0qHZrRJ5hnYNDGHlf3X30OZRU27BRPsFyHf+SWoNzepr/r9R qMDuK7377+HHbYg9qtElhsfA7JY93OTzEwe19O8LEZf8t7OihZkHBJJVSfXPbc+C +bDzNdvOPEbA8SrvbJxGwt9tyvLA17NLEAAu10ZLDMGFXEuYSt79cNnT8EL/P4pR ho3uOy9+62e1vtBmIAF3FKR7 -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:26 2024 by rpki-client on console-fra.rpki-client.org