$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149971.roa File: AS149971.roa (raw, json) Hash identifier: v3o7gjQ+QLW4Nr0BDghiKMJfRykQMSOEwPtI1yBWHCY= Subject key identifier: 2A:EC:14:9C:F8:4F:5C:85:CA:F8:F8:0F:1A:DD:F7:DE:58:FC:1A:41 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4F4108B235679FC74625EA15B8296F1C0C0380E7 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149971.roa Signing time: Fri 02 Aug 2024 09:01:43 +0000 ROA not before: Fri 02 Aug 2024 08:56:43 +0000 ROA not after: Fri 01 Aug 2025 09:01:43 +0000 asID: 149971 IP address blocks: 2001:df2:b440::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:41:08:b2:35:67:9f:c7:46:25:ea:15:b8:29:6f:1c:0c:03:80:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 2 08:56:43 2024 GMT Not After : Aug 1 09:01:43 2025 GMT Subject: CN=2AEC149CF84F5C85CAF8F80F1ADDF7DE58FC1A41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:6c:78:ae:e4:a8:14:1a:17:d2:fb:39:4e:20: 7f:ed:d4:17:8a:1c:a4:9e:10:84:18:99:82:95:46: 6b:0a:14:83:f6:a7:05:b4:af:bd:74:b8:82:45:14: 6f:ad:69:4b:5a:13:76:7e:a8:7e:1f:a4:d6:18:2d: db:69:62:4e:e5:cd:0a:59:50:a6:8f:00:77:b9:81: 75:54:32:84:92:1c:a8:34:55:3e:df:8d:a1:75:08: fc:09:6f:04:c5:31:c9:26:4e:f0:3d:18:b2:39:78: ab:ae:4a:0e:06:8a:b1:b3:ce:5d:ad:76:fd:ce:d1: a4:47:6b:47:51:20:08:c7:ec:fa:68:07:65:1f:b4: 77:4a:42:0f:d9:c4:8e:3d:6e:c0:fe:ae:6c:58:b8: ef:04:97:5d:c0:a5:88:1c:4c:bf:c9:3f:6e:c8:b2: f6:05:7b:57:cb:ad:46:b7:2f:ec:7d:d6:c2:b9:49: 8e:12:bd:eb:89:12:2e:39:d5:7c:63:c0:f6:a1:c6: 15:eb:bd:10:c6:62:a8:3c:60:2d:f9:1d:d9:18:54: f7:11:ad:71:09:16:9b:2c:9c:42:70:ae:a7:e8:7e: f4:cc:cf:07:e9:ba:4a:d2:32:30:02:e7:3f:22:8b: 98:50:22:69:18:f9:cd:0a:2d:66:68:51:a5:0a:25: 30:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:EC:14:9C:F8:4F:5C:85:CA:F8:F8:0F:1A:DD:F7:DE:58:FC:1A:41 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149971.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:b440::/48 Signature Algorithm: sha256WithRSAEncryption 53:0a:24:4f:22:e7:cd:54:f0:90:f4:bd:28:dd:24:16:74:74: 67:6a:8e:3d:80:ee:f2:94:88:26:5c:b6:81:01:e1:1a:8e:95: 08:a1:0a:e8:5b:c4:25:16:0c:dd:39:c9:5e:f9:cc:9a:49:c4: e6:8a:f3:f2:81:5e:6d:5c:98:8e:7f:e8:cc:43:4f:7a:5e:0b: 69:0a:7e:bc:53:f2:fd:1f:3a:52:70:1c:9c:f3:7f:b1:23:28: 5a:15:37:33:bc:8f:11:a7:f1:27:1f:19:80:43:51:3b:21:00: a3:c9:8a:d3:18:8b:98:5f:c3:77:42:fc:10:19:c2:e6:f3:af: 89:e2:51:86:35:92:a0:4d:aa:7a:d1:79:a7:bb:3e:f8:d8:fe: 4f:a4:80:74:a6:0c:a4:94:44:de:ed:3e:e1:56:80:a9:f8:b7: 1c:c6:40:88:f1:7d:c6:84:10:ec:00:bf:07:43:0c:91:8e:90: 7b:b3:38:de:a7:bf:93:62:f1:cc:2c:2e:e7:05:43:43:d8:be: 5d:1b:08:0f:4c:3d:44:c9:14:21:67:67:27:16:40:64:5a:a5: 00:b9:6b:da:29:a2:23:8e:72:98:4b:a1:ce:ff:f4:2e:ce:8d: f5:de:bc:c7:ab:cf:f3:c8:12:c8:48:03:2e:3c:12:66:bd:28: d7:5d:7d:c1 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUT0EIsjVnn8dGJeoVuClvHAwDgOcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDgwMjA4NTY0M1oX DTI1MDgwMTA5MDE0M1owMzExMC8GA1UEAxMoMkFFQzE0OUNGODRGNUM4NUNBRjhG ODBGMUFEREY3REU1OEZDMUE0MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZseK7kqBQaF9L7OU4gf+3UF4ocpJ4QhBiZgpVGawoUg/anBbSvvXS4gkUU b61pS1oTdn6ofh+k1hgt22liTuXNCllQpo8Ad7mBdVQyhJIcqDRVPt+NoXUI/Alv BMUxySZO8D0Ysjl4q65KDgaKsbPOXa12/c7RpEdrR1EgCMfs+mgHZR+0d0pCD9nE jj1uwP6ubFi47wSXXcCliBxMv8k/bsiy9gV7V8utRrcv7H3WwrlJjhK964kSLjnV fGPA9qHGFeu9EMZiqDxgLfkd2RhU9xGtcQkWmyycQnCup+h+9MzPB+m6StIyMALn PyKLmFAiaRj5zQotZmhRpQolMFUCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQq7BSc +E9chcr4+A8a3ffeWPwaQTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk3MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfK0QDANBgkqhkiG9w0BAQsFAAOCAQEAUwokTyLnzVTwkPS9 KN0kFnR0Z2qOPYDu8pSIJly2gQHhGo6VCKEK6FvEJRYM3TnJXvnMmknE5orz8oFe bVyYjn/ozENPel4LaQp+vFPy/R86UnAcnPN/sSMoWhU3M7yPEafxJx8ZgENROyEA o8mK0xiLmF/Dd0L8EBnC5vOvieJRhjWSoE2qetF5p7s++Nj+T6SAdKYMpJRE3u0+ 4VaAqfi3HMZAiPF9xoQQ7AC/B0MMkY6Qe7M43qe/k2LxzCwu5wVDQ9i+XRsID0w9 RMkUIWdnJxZAZFqlALlr2imiI45ymEuhzv/0Ls6N9d68x6vP88gSyEgDLjwSZr0o 1119wQ== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:27 2024 by rpki-client on console-fra.rpki-client.org