$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149971.roa File: AS149971.roa (raw, json) Hash identifier: 8l3j0JdNU84rqGOPJtBOlpBa45tRfnxwOqs4ueDUN7U= Subject key identifier: 2B:30:03:9E:DA:9C:71:D4:56:75:A8:E3:D1:04:7C:01:2A:0C:F1:A3 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 53DBD5C11FBC51208D4181574621089CF2C1CDB0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149971.roa Signing time: Fri 01 Sep 2023 08:41:43 +0000 ROA not before: Fri 01 Sep 2023 08:36:43 +0000 ROA not after: Fri 30 Aug 2024 08:41:43 +0000 asID: 149971 IP address blocks: 2001:df2:b440::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:db:d5:c1:1f:bc:51:20:8d:41:81:57:46:21:08:9c:f2:c1:cd:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 1 08:36:43 2023 GMT Not After : Aug 30 08:41:43 2024 GMT Subject: CN=2B30039EDA9C71D45675A8E3D1047C012A0CF1A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:12:11:98:32:3f:e5:10:6e:ee:c8:bb:73:fd: 01:b6:36:60:8a:a7:c0:85:ad:bf:f1:9b:e5:d8:69: 77:9d:e7:2d:3d:ca:d8:02:ec:40:77:85:62:94:18: 24:7a:0a:8b:30:59:13:de:bc:92:ba:aa:b3:e7:2a: 8d:79:48:ad:0f:53:6f:25:d7:ce:d9:21:64:be:15: d5:fc:33:19:fb:4d:27:3d:e0:6d:03:88:50:c9:a1: fc:46:f9:d9:80:0f:28:af:b4:4d:38:c5:57:07:24: c7:e4:62:7a:51:11:a2:a0:e2:bb:ea:ce:b0:72:7a: 86:2a:f0:b2:19:07:1b:d1:92:ab:a6:26:8b:36:56: ee:55:2f:1a:cc:a2:c8:27:56:f1:8d:40:2c:3f:73: 4d:09:3a:65:fb:3e:7e:5c:91:4a:fb:bd:77:df:a9: 9f:9f:dc:90:aa:a9:ff:65:78:0f:89:bc:7b:a0:fa: 37:d2:4e:65:8a:6a:19:82:9f:d5:34:24:f8:b3:7c: 4e:ce:da:7f:4a:4b:42:29:4d:2c:84:46:70:5a:c3: a9:e9:ec:61:3f:e6:24:b0:93:30:03:bb:45:2a:50: e1:5a:85:f9:70:ed:25:3b:1d:58:66:40:fb:4a:40: 1e:87:ff:32:dd:df:a9:a2:06:58:51:c5:5a:04:90: 74:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:30:03:9E:DA:9C:71:D4:56:75:A8:E3:D1:04:7C:01:2A:0C:F1:A3 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149971.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:b440::/48 Signature Algorithm: sha256WithRSAEncryption 4f:ba:21:e2:9e:39:d4:a5:0f:ea:3c:7f:20:df:e7:73:3e:a4: 68:f9:94:8a:72:2e:25:2b:46:51:46:8c:71:9f:9e:df:61:05: 3f:bb:e8:ee:45:91:ac:ab:ff:54:33:09:c6:cf:65:9d:92:22: 71:9f:4a:58:f7:26:3c:cf:0b:71:ad:db:78:eb:1b:b9:11:36: 0e:5a:d6:58:2c:50:95:0a:b4:fe:fc:77:34:10:f1:87:25:e8: 31:b1:41:d4:9e:3b:34:61:0d:56:e7:66:73:e3:db:a2:61:61: bc:ba:d8:42:9e:d2:50:4d:79:82:45:75:64:84:66:da:3f:54: de:90:c6:8c:ca:b7:98:e5:3d:6b:8e:71:fe:c9:8f:9e:a4:65: 51:06:a4:8e:ff:6c:e1:fa:16:8e:c0:bb:1b:ed:58:0e:53:3c: f7:17:62:aa:ea:a5:dc:93:de:88:c1:5a:3e:0d:94:d4:6b:c7: 9a:67:69:08:20:5d:41:c8:b2:d7:1f:58:4b:cb:9b:90:85:04: 1a:02:47:11:78:26:84:99:9c:d6:ab:cd:5b:7a:82:13:82:bf: 1f:86:a1:7e:3d:12:75:b5:9f:e1:41:a4:d8:22:18:c1:63:af: 9a:0e:9a:13:03:10:70:ca:54:4b:ce:44:a4:c2:96:b2:9d:6a: 38:cb:7d:76 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUU9vVwR+8USCNQYFXRiEInPLBzbAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDkwMTA4MzY0M1oX DTI0MDgzMDA4NDE0M1owMzExMC8GA1UEAxMoMkIzMDAzOUVEQTlDNzFENDU2NzVB OEUzRDEwNDdDMDEyQTBDRjFBMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANkSEZgyP+UQbu7Iu3P9AbY2YIqnwIWtv/Gb5dhpd53nLT3K2ALsQHeFYpQY JHoKizBZE968krqqs+cqjXlIrQ9TbyXXztkhZL4V1fwzGftNJz3gbQOIUMmh/Eb5 2YAPKK+0TTjFVwckx+RielERoqDiu+rOsHJ6hirwshkHG9GSq6YmizZW7lUvGsyi yCdW8Y1ALD9zTQk6Zfs+flyRSvu9d9+pn5/ckKqp/2V4D4m8e6D6N9JOZYpqGYKf 1TQk+LN8Ts7af0pLQilNLIRGcFrDqensYT/mJLCTMAO7RSpQ4VqF+XDtJTsdWGZA +0pAHof/Mt3fqaIGWFHFWgSQdE8CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQrMAOe 2pxx1FZ1qOPRBHwBKgzxozAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk3MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfK0QDANBgkqhkiG9w0BAQsFAAOCAQEAT7oh4p451KUP6jx/ IN/ncz6kaPmUinIuJStGUUaMcZ+e32EFP7vo7kWRrKv/VDMJxs9lnZIicZ9KWPcm PM8Lca3beOsbuRE2DlrWWCxQlQq0/vx3NBDxhyXoMbFB1J47NGENVudmc+PbomFh vLrYQp7SUE15gkV1ZIRm2j9U3pDGjMq3mOU9a45x/smPnqRlUQakjv9s4foWjsC7 G+1YDlM89xdiquql3JPeiMFaPg2U1GvHmmdpCCBdQciy1x9YS8ubkIUEGgJHEXgm hJmc1qvNW3qCE4K/H4ahfj0SdbWf4UGk2CIYwWOvmg6aEwMQcMpUS85EpMKWsp1q OMt9dg== -----END CERTIFICATE-----Generated at Wed May 8 22:46:43 2024 by rpki-client on console-ams.rpki-client.org