$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149947.roa File: AS149947.roa (raw, json) Hash identifier: 4JB8XYXnBj0+jVB38C9QMDYR6K70/aebqgya/jCsZo8= Subject key identifier: 4C:50:BF:C2:9D:08:81:24:F1:2D:10:03:51:82:E9:BA:5B:42:87:B9 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 22DF6AA10F87F411FF25173A9DC021CD234C06CC Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149947.roa Signing time: Fri 30 Aug 2024 08:00:00 +0000 ROA not before: Fri 30 Aug 2024 07:55:00 +0000 ROA not after: Fri 29 Aug 2025 08:00:00 +0000 asID: 149947 IP address blocks: 103.88.152.0/23 maxlen: 24 103.88.152.0/24 maxlen: 24 103.88.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:df:6a:a1:0f:87:f4:11:ff:25:17:3a:9d:c0:21:cd:23:4c:06:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 30 07:55:00 2024 GMT Not After : Aug 29 08:00:00 2025 GMT Subject: CN=4C50BFC29D088124F12D10035182E9BA5B4287B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:d8:87:d1:00:4a:78:8e:42:af:d5:7a:0e:47: e3:c7:4a:bb:20:6a:9d:77:75:eb:53:b4:1b:72:7f: c1:39:18:41:b9:d8:23:cc:58:fb:76:e7:3e:e6:1f: e5:40:cd:92:b8:39:29:64:1e:ed:e9:7a:9a:fe:78: 98:83:dd:37:fc:59:21:a5:f4:8e:a7:40:f4:19:05: f8:9c:98:c7:d8:3b:53:7a:25:56:fb:fb:01:11:cc: c2:38:77:b3:da:8b:08:58:8f:ec:95:0e:62:34:a4: af:ee:5d:62:ac:51:6d:6e:e6:b9:a2:40:94:04:87: 8a:75:f9:b9:a4:bd:f8:a8:76:02:2c:71:38:80:04: 36:87:ff:a0:62:10:69:ad:14:9a:a9:1b:05:78:79: 76:6b:29:a2:76:3b:e6:9f:ef:69:92:4f:62:6a:91: 9e:8d:51:3d:44:d0:fb:89:0e:04:fc:35:51:fa:eb: c8:69:52:b1:1b:4c:77:2d:47:d5:55:7d:0a:ff:59: 56:fd:37:96:56:17:8d:bf:6f:96:f1:b6:2a:1b:46: c0:45:e4:84:0b:4d:ba:35:e1:00:22:ab:d1:27:af: 4d:f1:a5:df:59:11:ca:00:36:f5:b3:f7:ca:39:42: 64:fa:0a:80:74:da:74:ca:f6:3e:37:33:b0:2a:52: f9:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:50:BF:C2:9D:08:81:24:F1:2D:10:03:51:82:E9:BA:5B:42:87:B9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149947.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.88.152.0/23 Signature Algorithm: sha256WithRSAEncryption 41:71:6b:37:3e:d6:3d:e6:60:e8:d5:88:53:29:9e:2f:c1:d2: 90:2b:3e:72:ed:15:9b:7b:c5:4f:13:72:81:81:f8:ed:07:4d: b2:83:fb:35:fe:55:72:f2:e3:c2:82:b8:c7:37:c8:8b:51:53: 96:1e:69:17:df:86:70:64:d9:9d:4d:a6:4a:36:e9:15:9e:7d: 21:60:c0:92:fa:e7:7c:b5:19:27:bf:59:c9:20:61:26:dd:2f: 71:8e:0d:a2:8b:c6:0a:b6:5a:43:97:c7:04:fc:a8:5b:54:7c: 8f:1b:90:65:79:60:2e:35:98:b1:52:0e:a2:1c:46:be:7d:7b: 1f:7e:4a:60:8b:cb:39:56:44:50:a6:98:7f:16:75:5b:81:93: b3:a7:fc:e5:b3:75:6a:7c:6b:55:6a:2b:a5:52:37:29:71:9f: 98:12:85:47:db:6e:6a:5b:40:8f:a4:52:d6:7b:11:55:66:1c: 75:12:1f:02:41:48:2a:ba:30:da:25:b2:71:71:fc:49:5b:45: 16:5a:96:c8:34:bd:43:90:f2:0e:77:6e:ac:1c:c8:db:6e:d1: 29:8e:18:d2:a4:d3:a7:2a:33:08:7a:b0:51:46:f9:ee:18:63: d3:2c:df:6a:5e:dd:9d:d3:fa:09:88:c2:e9:b2:63:0b:60:69: 93:26:d5:35 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUIt9qoQ+H9BH/JRc6ncAhzSNMBswwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDgzMDA3NTUwMFoX DTI1MDgyOTA4MDAwMFowMzExMC8GA1UEAxMoNEM1MEJGQzI5RDA4ODEyNEYxMkQx MDAzNTE4MkU5QkE1QjQyODdCOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANXYh9EASniOQq/Veg5H48dKuyBqnXd161O0G3J/wTkYQbnYI8xY+3bnPuYf 5UDNkrg5KWQe7el6mv54mIPdN/xZIaX0jqdA9BkF+JyYx9g7U3olVvv7ARHMwjh3 s9qLCFiP7JUOYjSkr+5dYqxRbW7muaJAlASHinX5uaS9+Kh2AixxOIAENof/oGIQ aa0UmqkbBXh5dmsponY75p/vaZJPYmqRno1RPUTQ+4kOBPw1UfrryGlSsRtMdy1H 1VV9Cv9ZVv03llYXjb9vlvG2KhtGwEXkhAtNujXhACKr0SevTfGl31kRygA29bP3 yjlCZPoKgHTadMr2PjczsCpS+ZECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRMUL/C nQiBJPEtEANRgum6W0KHuTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk0Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWdYmDANBgkqhkiG9w0BAQsFAAOCAQEAQXFrNz7WPeZg6NWIUyme L8HSkCs+cu0Vm3vFTxNygYH47QdNsoP7Nf5VcvLjwoK4xzfIi1FTlh5pF9+GcGTZ nU2mSjbpFZ59IWDAkvrnfLUZJ79ZySBhJt0vcY4NoovGCrZaQ5fHBPyoW1R8jxuQ ZXlgLjWYsVIOohxGvn17H35KYIvLOVZEUKaYfxZ1W4GTs6f85bN1anxrVWorpVI3 KXGfmBKFR9tualtAj6RS1nsRVWYcdRIfAkFIKrow2iWycXH8SVtFFlqWyDS9Q5Dy DndurBzI227RKY4Y0qTTpyozCHqwUUb57hhj0yzfal7dndP6CYjC6bJjC2BpkybV NQ== -----END CERTIFICATE-----Generated at Mon Nov 25 13:01:56 2024 by rpki-client on console-fra.rpki-client.org