$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149947.roa File: AS149947.roa (raw, json) Hash identifier: 369C9NqN6FVi5W9Teiu13MsuM14cvbUa2ONJdD5RWCg= Subject key identifier: 1A:2E:28:51:1B:91:C2:E9:B2:89:87:A0:B2:58:30:A3:4B:35:B6:54 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7476C77FAD4CA37574223E37F6C17A507A4B927F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149947.roa Signing time: Fri 29 Sep 2023 07:54:17 +0000 ROA not before: Fri 29 Sep 2023 07:49:17 +0000 ROA not after: Fri 27 Sep 2024 07:54:17 +0000 asID: 149947 IP address blocks: 103.88.152.0/23 maxlen: 24 103.88.152.0/24 maxlen: 24 103.88.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:76:c7:7f:ad:4c:a3:75:74:22:3e:37:f6:c1:7a:50:7a:4b:92:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 29 07:49:17 2023 GMT Not After : Sep 27 07:54:17 2024 GMT Subject: CN=1A2E28511B91C2E9B28987A0B25830A34B35B654 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:89:6f:da:d1:12:c5:f1:6d:ab:db:ab:da:2f: b3:4b:11:dd:72:cc:58:ee:a5:a8:32:c0:de:8a:2b: 94:a3:c6:66:e5:fd:2a:81:c0:98:5e:a1:db:e4:12: 72:db:02:9a:bc:10:e2:69:f8:d6:a4:b2:0d:69:e0: 9f:33:41:85:45:e2:88:f3:8c:5e:3b:06:e3:17:4a: c4:49:28:54:00:87:41:45:cc:d0:95:54:7b:30:54: 91:be:72:bb:fe:0f:2b:47:77:3f:cd:92:b2:2f:be: 8e:99:ad:b6:d8:9c:9e:8e:1d:6c:dc:3e:75:a4:65: a4:3e:3c:2b:a7:d3:07:60:a0:b3:3b:c1:b9:91:bc: 70:f7:e1:08:02:29:65:24:80:68:98:af:dd:b9:ad: 35:fb:04:26:b0:b9:de:09:5e:ba:ad:1e:e7:5c:c7: 8a:12:cd:24:4c:4d:ac:b8:d3:73:bf:5a:aa:02:1c: 26:a4:49:09:ec:f2:9a:9f:96:7f:db:5c:f2:c5:b1: 70:a2:42:f5:1b:7a:dd:bb:be:a9:42:3b:b9:a2:0d: 8e:04:5d:25:3c:f5:07:a0:4e:b8:3b:6f:8e:b9:20: f7:ba:43:9f:dd:d7:b3:bb:7a:6d:1b:37:e2:e2:4a: a2:e5:1a:f3:53:2e:c9:7a:2a:0b:b1:18:63:87:5f: 23:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:2E:28:51:1B:91:C2:E9:B2:89:87:A0:B2:58:30:A3:4B:35:B6:54 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149947.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.88.152.0/23 Signature Algorithm: sha256WithRSAEncryption 33:38:33:c3:84:59:19:23:68:cd:4b:64:1c:3b:ce:b2:3b:dc: 5a:f3:95:f8:f2:de:22:13:93:83:ea:5e:18:93:b1:e3:b3:ca: 95:66:80:8e:ac:ce:c8:d1:e4:30:4b:d7:89:44:f7:bd:63:8a: 85:64:91:12:fa:1c:fb:96:99:b7:86:14:ef:65:e7:63:40:58: 5a:85:f6:b8:44:e2:5b:4d:6c:78:08:3e:09:74:8d:0e:85:e9: 0f:fa:1d:4e:3f:37:0e:86:a8:60:08:f1:a3:f4:9d:55:c4:ae: 04:c3:a7:c0:83:fc:ba:a5:c2:03:4a:47:0b:b7:70:e4:4d:0e: b3:4a:f8:5a:62:10:36:3f:ea:e9:2c:90:bf:f8:d1:c3:10:62: f8:e6:8a:03:a0:24:53:ee:3b:ad:ee:f1:fc:29:88:a4:fc:c6: 57:c3:a8:a3:44:a1:1a:a6:e4:98:54:83:64:5a:73:71:fa:be: e7:f0:3a:8d:47:72:ca:f8:e6:a3:b8:98:8b:be:ae:74:0f:f5: db:c7:9e:e2:3c:2e:6d:bb:8e:d1:7d:64:ec:a1:6c:ba:64:39: 09:e6:c5:77:9d:79:2e:38:c5:ac:30:ec:17:63:03:7c:3c:b9: fc:a3:9a:71:0f:53:65:b5:33:b9:30:d2:17:8e:ae:0b:a6:f3: 2d:dd:68:98 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUdHbHf61Mo3V0Ij439sF6UHpLkn8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDkyOTA3NDkxN1oX DTI0MDkyNzA3NTQxN1owMzExMC8GA1UEAxMoMUEyRTI4NTExQjkxQzJFOUIyODk4 N0EwQjI1ODMwQTM0QjM1QjY1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOSJb9rREsXxbavbq9ovs0sR3XLMWO6lqDLA3oorlKPGZuX9KoHAmF6h2+QS ctsCmrwQ4mn41qSyDWngnzNBhUXiiPOMXjsG4xdKxEkoVACHQUXM0JVUezBUkb5y u/4PK0d3P82Ssi++jpmttticno4dbNw+daRlpD48K6fTB2CgszvBuZG8cPfhCAIp ZSSAaJiv3bmtNfsEJrC53gleuq0e51zHihLNJExNrLjTc79aqgIcJqRJCezymp+W f9tc8sWxcKJC9Rt63bu+qUI7uaINjgRdJTz1B6BOuDtvjrkg97pDn93Xs7t6bRs3 4uJKouUa81MuyXoqC7EYY4dfI38CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQaLihR G5HC6bKJh6CyWDCjSzW2VDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk0Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWdYmDANBgkqhkiG9w0BAQsFAAOCAQEAMzgzw4RZGSNozUtkHDvO sjvcWvOV+PLeIhOTg+peGJOx47PKlWaAjqzOyNHkMEvXiUT3vWOKhWSREvoc+5aZ t4YU72XnY0BYWoX2uETiW01seAg+CXSNDoXpD/odTj83DoaoYAjxo/SdVcSuBMOn wIP8uqXCA0pHC7dw5E0Os0r4WmIQNj/q6SyQv/jRwxBi+OaKA6AkU+47re7x/CmI pPzGV8Ooo0ShGqbkmFSDZFpzcfq+5/A6jUdyyvjmo7iYi76udA/128ee4jwubbuO 0X1k7KFsumQ5CebFd515LjjFrDDsF2MDfDy5/KOacQ9TZbUzuTDSF46uC6bzLd1o mA== -----END CERTIFICATE-----Generated at Thu May 9 00:37:07 2024 by rpki-client on console-fra.rpki-client.org