$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149931.roa File: AS149931.roa (raw, json) Hash identifier: UZ0f7+fg9oGyV1TKG+s+F5lqdG4avLrABl2DxaHma0M= Subject key identifier: CE:92:00:74:3A:66:5E:B1:2B:15:F8:F5:2D:CC:F9:8A:B2:B2:9E:14 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3736343876F0D619EE64C2B930869918A26D873A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149931.roa Signing time: Wed 27 Dec 2023 09:00:33 +0000 ROA not before: Wed 27 Dec 2023 08:55:33 +0000 ROA not after: Wed 25 Dec 2024 09:00:33 +0000 asID: 149931 IP address blocks: 103.4.134.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:36:34:38:76:f0:d6:19:ee:64:c2:b9:30:86:99:18:a2:6d:87:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 27 08:55:33 2023 GMT Not After : Dec 25 09:00:33 2024 GMT Subject: CN=CE9200743A665EB12B15F8F52DCCF98AB2B29E14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:3e:0b:80:16:54:85:36:4b:2e:a0:0d:b8:67: ac:56:b4:a0:3a:fc:86:2f:14:a4:fc:e8:39:45:f8: 4b:4d:f9:a0:0f:81:a9:ed:f3:1c:ea:df:3d:27:ae: a7:af:8a:44:20:9c:56:a5:77:6f:73:5d:7c:14:e9: 8f:04:6d:e0:92:32:d4:21:88:0e:f7:a8:f3:50:a2: 09:e0:06:13:68:4b:89:2b:b6:a7:6b:bd:ca:69:f0: 3c:96:db:dc:e9:70:bf:fb:79:d9:f4:39:9e:2b:1a: b2:a2:e6:d2:95:24:3b:06:cb:75:8b:8b:2c:94:d9: 7b:73:ec:be:41:87:c9:ce:e9:c4:4f:00:f3:73:d2: 31:4a:fa:9a:7e:15:06:56:d5:6f:f3:63:7a:23:0d: 50:0f:be:26:f9:07:e6:7a:8d:22:93:08:b9:8e:af: ef:27:37:25:80:4f:85:ca:9e:d9:c6:f9:32:f5:2e: 59:9c:d9:c6:30:11:6f:3d:8a:2d:5d:15:6b:99:f2: 25:4d:62:15:70:cd:93:4f:62:08:6f:23:cd:a9:98: 5a:49:5a:09:e7:67:53:37:29:ed:c7:98:22:a1:47: 56:5d:98:0c:b9:46:8b:ff:a8:01:87:80:66:27:7a: d9:d5:cc:da:f0:16:9a:93:b5:7d:2d:23:51:49:47: 3d:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:92:00:74:3A:66:5E:B1:2B:15:F8:F5:2D:CC:F9:8A:B2:B2:9E:14 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149931.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.4.134.0/23 Signature Algorithm: sha256WithRSAEncryption 17:b5:c9:b1:48:63:62:ab:74:4f:a3:94:2c:2e:52:b3:a3:38: a7:fd:b1:82:56:84:cc:7c:d8:65:23:ed:16:03:ad:39:8e:aa: 5b:cd:61:34:3e:fe:a1:fe:ca:d3:ab:ef:f0:6a:b7:7f:90:74: 1c:25:17:18:87:2f:a5:c8:bc:2f:6c:f5:7f:13:cd:b4:b3:ab: 9e:97:89:ad:f1:1d:ce:21:30:25:b2:b4:f4:8c:5b:74:31:93: 2e:e4:dc:c5:45:20:da:aa:84:cf:6a:d8:19:22:84:ad:c4:85: f6:38:91:05:05:46:91:a4:2f:9b:70:a1:97:05:fe:d3:8f:05: d8:28:39:5a:1e:b2:92:82:3e:e5:5a:67:ea:8e:00:70:ee:b6: 94:d9:98:4c:74:43:45:de:90:51:6e:36:8b:26:52:83:97:e5: 7d:58:bb:e9:45:3e:20:91:bf:83:4e:6e:e0:bb:32:38:a9:91: 26:cc:10:81:a0:4a:f7:02:ba:32:d8:58:12:fd:e3:03:2a:83: 15:ea:41:d7:c4:44:df:fb:ca:f3:4a:f4:b2:83:68:70:fc:56: 03:da:94:ac:3f:ea:57:da:24:bc:d7:fd:d5:55:28:19:80:fc: 24:38:8a:d0:3b:47:ba:3d:23:7c:28:9e:f5:02:0e:51:a9:a0: 67:10:81:48 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUNzY0OHbw1hnuZMK5MIaZGKJthzowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTIyNzA4NTUzM1oX DTI0MTIyNTA5MDAzM1owMzExMC8GA1UEAxMoQ0U5MjAwNzQzQTY2NUVCMTJCMTVG OEY1MkRDQ0Y5OEFCMkIyOUUxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMY+C4AWVIU2Sy6gDbhnrFa0oDr8hi8UpPzoOUX4S035oA+Bqe3zHOrfPSeu p6+KRCCcVqV3b3NdfBTpjwRt4JIy1CGIDveo81CiCeAGE2hLiSu2p2u9ymnwPJbb 3Olwv/t52fQ5nisasqLm0pUkOwbLdYuLLJTZe3PsvkGHyc7pxE8A83PSMUr6mn4V BlbVb/NjeiMNUA++JvkH5nqNIpMIuY6v7yc3JYBPhcqe2cb5MvUuWZzZxjARbz2K LV0Va5nyJU1iFXDNk09iCG8jzamYWklaCednUzcp7ceYIqFHVl2YDLlGi/+oAYeA Zid62dXM2vAWmpO1fS0jUUlHPVsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTOkgB0 OmZesSsV+PUtzPmKsrKeFDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTkzMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWcEhjANBgkqhkiG9w0BAQsFAAOCAQEAF7XJsUhjYqt0T6OULC5S s6M4p/2xglaEzHzYZSPtFgOtOY6qW81hND7+of7K06vv8Gq3f5B0HCUXGIcvpci8 L2z1fxPNtLOrnpeJrfEdziEwJbK09IxbdDGTLuTcxUUg2qqEz2rYGSKErcSF9jiR BQVGkaQvm3ChlwX+048F2Cg5Wh6ykoI+5Vpn6o4AcO62lNmYTHRDRd6QUW42iyZS g5flfVi76UU+IJG/g05u4LsyOKmRJswQgaBK9wK6MthYEv3jAyqDFepB18RE3/vK 80r0soNocPxWA9qUrD/qV9okvNf91VUoGYD8JDiK0DtHuj0jfCie9QIOUamgZxCB SA== -----END CERTIFICATE-----Generated at Wed May 8 17:45:23 2024 by rpki-client on console-ams.rpki-client.org