$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149965.roa File: AS149965.roa (raw, json) Hash identifier: ltRTZ1fFGg4ATjtDObHI6AF2Jhq9Xt3RAoZKYQTeiTI= Subject key identifier: 5C:47:C8:77:3E:03:0F:E2:3C:87:C5:0F:99:32:8E:AF:96:76:80:84 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1E935BF21DE4F7007DC35094B6468F0AB8F2AAA1 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149965.roa Signing time: Tue 03 Oct 2023 09:00:00 +0000 ROA not before: Tue 03 Oct 2023 08:55:00 +0000 ROA not after: Tue 01 Oct 2024 09:00:00 +0000 asID: 149965 IP address blocks: 103.139.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:93:5b:f2:1d:e4:f7:00:7d:c3:50:94:b6:46:8f:0a:b8:f2:aa:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 3 08:55:00 2023 GMT Not After : Oct 1 09:00:00 2024 GMT Subject: CN=5C47C8773E030FE23C87C50F99328EAF96768084 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:27:5f:42:3f:5e:e5:e2:ec:e6:4a:ba:59:b9: 44:eb:29:ed:07:19:1b:4e:bc:3f:4a:88:e7:65:27: b6:3a:49:ec:f5:d7:b3:0d:63:e7:5b:27:85:2c:65: 71:a6:db:ad:7b:1e:c3:e9:be:dd:a3:a2:a5:86:68: 52:56:df:b6:0b:52:d7:c4:1f:a3:9c:16:08:f0:7a: b9:cb:01:43:b2:73:da:01:55:08:c0:28:ad:c8:dc: 87:93:e5:7c:6d:31:a7:99:8e:77:40:a5:fc:00:65: 7f:8b:3a:5f:12:98:72:ea:5d:95:9f:f1:cd:ce:de: 18:f1:32:c1:3d:7c:dc:c1:c0:28:a2:ef:d3:0a:4e: b7:0a:15:bb:b4:d9:bd:7f:16:d6:e3:1c:94:7f:17: bc:0f:45:87:c2:c1:90:d2:0b:9b:78:34:a3:dc:3d: f2:77:41:20:65:3f:1f:24:e2:50:04:a6:7d:79:f6: aa:2c:c3:d8:ef:9f:46:c3:e5:33:2c:5d:01:4b:5a: 76:27:33:09:e3:f7:06:f9:3b:a6:bd:f2:3c:95:8c: 61:94:81:90:34:77:9a:32:f7:a4:4d:7c:2e:e4:5a: 73:ed:f9:75:c2:16:0d:64:45:b3:b6:8a:76:0d:54: 83:3c:dd:76:43:5a:f2:b5:b7:65:d0:ff:a6:75:be: 8d:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:47:C8:77:3E:03:0F:E2:3C:87:C5:0F:99:32:8E:AF:96:76:80:84 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149965.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.139.138.0/23 Signature Algorithm: sha256WithRSAEncryption 82:dd:6e:70:0f:5a:1a:53:7c:64:48:b3:b6:59:fe:c6:ca:55: ff:35:e9:82:7b:39:62:44:17:d0:81:70:3e:dc:78:ea:b3:76: 21:51:84:81:c5:c5:27:6c:13:f6:72:25:ef:d3:5f:b3:35:29: 24:93:7f:d5:70:ba:36:cf:6a:2c:66:b1:8a:12:d7:18:e4:b4: 29:0d:c6:a8:94:40:9e:30:30:65:ad:11:3e:8a:4f:cd:df:ae: 06:89:e3:9c:5c:86:ac:22:05:48:00:05:94:ec:df:52:da:16: 14:1e:59:1e:44:19:df:00:a8:12:50:9c:d9:42:f7:a1:9d:0c: 77:20:f7:0f:c0:10:9a:36:ca:bf:34:9c:b1:cb:fc:a9:a2:f9: 8f:42:ab:4e:2d:5a:12:ce:37:85:9d:bd:76:5a:bb:cf:ed:a9: c6:3c:bf:f6:43:2c:f4:f2:d5:0a:47:3c:79:9b:0d:08:3a:5b: bb:8c:d6:29:d7:00:78:90:02:bf:7c:3e:9f:1d:56:b8:bd:71: 85:89:59:f4:b0:ae:51:42:4e:bf:38:d4:fd:dd:56:51:ae:28: 09:5c:0d:91:22:8e:a6:50:03:99:9d:45:cb:b3:60:fb:e2:1e: e1:27:e1:60:8f:20:e5:5f:fe:66:56:ba:be:13:fd:2d:7f:7a: c1:92:88:ab -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUHpNb8h3k9wB9w1CUtkaPCrjyqqEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTAwMzA4NTUwMFoX DTI0MTAwMTA5MDAwMFowMzExMC8GA1UEAxMoNUM0N0M4NzczRTAzMEZFMjNDODdD NTBGOTkzMjhFQUY5Njc2ODA4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKknX0I/XuXi7OZKulm5ROsp7QcZG068P0qI52UntjpJ7PXXsw1j51snhSxl cabbrXsew+m+3aOipYZoUlbftgtS18Qfo5wWCPB6ucsBQ7Jz2gFVCMAorcjch5Pl fG0xp5mOd0Cl/ABlf4s6XxKYcupdlZ/xzc7eGPEywT183MHAKKLv0wpOtwoVu7TZ vX8W1uMclH8XvA9Fh8LBkNILm3g0o9w98ndBIGU/HyTiUASmfXn2qizD2O+fRsPl MyxdAUtadiczCeP3Bvk7pr3yPJWMYZSBkDR3mjL3pE18LuRac+35dcIWDWRFs7aK dg1UgzzddkNa8rW3ZdD/pnW+jX0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRcR8h3 PgMP4jyHxQ+ZMo6vlnaAhDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk2NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeLijANBgkqhkiG9w0BAQsFAAOCAQEAgt1ucA9aGlN8ZEiztln+ xspV/zXpgns5YkQX0IFwPtx46rN2IVGEgcXFJ2wT9nIl79NfszUpJJN/1XC6Ns9q LGaxihLXGOS0KQ3GqJRAnjAwZa0RPopPzd+uBonjnFyGrCIFSAAFlOzfUtoWFB5Z HkQZ3wCoElCc2UL3oZ0MdyD3D8AQmjbKvzScscv8qaL5j0KrTi1aEs43hZ29dlq7 z+2pxjy/9kMs9PLVCkc8eZsNCDpbu4zWKdcAeJACv3w+nx1WuL1xhYlZ9LCuUUJO vzjU/d1WUa4oCVwNkSKOplADmZ1Fy7Ng++Ie4SfhYI8g5V/+Zla6vhP9LX96wZKI qw== -----END CERTIFICATE-----Generated at Wed May 8 17:45:23 2024 by rpki-client on console-ams.rpki-client.org