$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149974.roa File: AS149974.roa (raw, json) Hash identifier: 5cQL9c915A/6Giisso0PPHmgeuFbk3wGTrHmgHoyMuI= Subject key identifier: E2:71:F1:7D:D1:1F:5F:3A:8F:20:1E:F8:E7:9E:2A:56:5C:26:79:91 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 52B29D5FBF99FAB13784EB2A2828A2F9A8963CCC Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149974.roa Signing time: Wed 20 Nov 2024 10:00:00 +0000 ROA not before: Wed 20 Nov 2024 09:55:00 +0000 ROA not after: Wed 19 Nov 2025 10:00:00 +0000 asID: 149974 IP address blocks: 103.18.188.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:b2:9d:5f:bf:99:fa:b1:37:84:eb:2a:28:28:a2:f9:a8:96:3c:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 20 09:55:00 2024 GMT Not After : Nov 19 10:00:00 2025 GMT Subject: CN=E271F17DD11F5F3A8F201EF8E79E2A565C267991 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e9:66:60:e6:f5:2f:63:90:78:61:75:01:86: 37:8c:27:1a:62:84:4e:47:79:ce:4b:4f:77:e5:cf: af:7f:d9:6c:d6:3e:54:6b:c3:55:ee:0a:e9:c4:ee: 21:8e:87:d0:1d:43:94:6a:14:6a:00:e6:d4:0d:0c: 95:fb:81:b0:98:17:52:54:21:63:15:84:4e:6d:7a: a8:26:ec:7a:c1:c3:2d:c3:af:5b:b9:c9:7d:ea:e0: 68:d0:49:3c:40:1b:79:8f:74:f4:c9:e2:06:d8:7d: c6:54:f8:75:90:31:ed:53:45:7a:15:f7:98:e3:b9: 5a:21:02:a7:a5:b0:43:2c:47:1b:a5:f0:fe:e2:7e: c1:0e:6d:32:b7:a5:63:ba:d0:15:5d:6e:e6:8a:6a: 35:84:bd:04:03:8c:1f:24:ca:18:40:47:e3:76:45: f9:32:c0:93:00:da:45:5f:f6:c9:5a:98:3e:3a:1e: 76:69:cf:4d:d8:95:b6:79:4f:e5:47:92:88:23:73: 15:46:b5:ca:69:74:e2:5c:62:ec:b7:37:f0:5f:82: 12:95:52:d9:0e:f0:aa:8e:91:dc:02:9b:b0:18:06: 49:cb:a6:ac:0a:15:c0:80:96:22:8c:1d:68:67:12: 3e:51:10:7e:2f:05:5d:c4:1b:2a:98:d9:c0:47:84: 89:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:71:F1:7D:D1:1F:5F:3A:8F:20:1E:F8:E7:9E:2A:56:5C:26:79:91 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149974.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.18.188.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:73:5d:d6:cd:fa:6a:a5:e6:f8:e5:94:9f:fa:19:ca:7a:d0: 4e:10:fc:85:14:ab:94:2c:ba:94:73:d3:d2:88:15:26:c3:ce: 12:d3:99:41:90:7c:83:33:08:9c:d4:36:38:f5:8a:80:51:80: c0:0a:51:87:e7:34:7e:01:33:ad:03:ac:37:f9:40:d9:76:d6: af:1d:2b:a4:e2:5e:82:c9:d7:f1:8c:90:6f:3e:15:d9:b1:a9: 62:6e:64:bf:6b:26:f5:18:04:6d:3f:3f:0d:6f:fc:41:ff:f6: 4c:23:05:13:ac:7a:da:69:a5:eb:be:9b:fa:52:33:66:ef:da: 4c:e3:3b:a2:07:0b:35:aa:17:75:65:dd:58:c2:c8:f5:a8:6c: 48:e2:00:6f:e9:01:a1:f6:c3:fc:3e:a2:0e:e8:40:b8:ce:bb: 1e:14:ef:5b:1a:75:f4:07:b5:46:8d:4b:e3:2a:59:d3:2d:09: aa:e1:b5:4f:ad:d2:47:0d:61:6f:03:81:ad:c1:be:68:92:90: 33:70:e2:0c:38:c9:6b:ea:86:ab:9b:43:38:ce:31:99:5d:52: d8:ab:0d:5d:4d:f0:f4:6c:c4:e6:48:e2:10:85:3f:66:60:c2: 0e:56:9e:f7:c7:4d:93:3a:5a:22:ea:d9:26:96:78:d4:e9:62: 42:bd:e0:17 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUUrKdX7+Z+rE3hOsqKCii+aiWPMwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTEyMDA5NTUwMFoX DTI1MTExOTEwMDAwMFowMzExMC8GA1UEAxMoRTI3MUYxN0REMTFGNUYzQThGMjAx RUY4RTc5RTJBNTY1QzI2Nzk5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALbpZmDm9S9jkHhhdQGGN4wnGmKETkd5zktPd+XPr3/ZbNY+VGvDVe4K6cTu IY6H0B1DlGoUagDm1A0MlfuBsJgXUlQhYxWETm16qCbsesHDLcOvW7nJfergaNBJ PEAbeY909MniBth9xlT4dZAx7VNFehX3mOO5WiECp6WwQyxHG6Xw/uJ+wQ5tMrel Y7rQFV1u5opqNYS9BAOMHyTKGEBH43ZF+TLAkwDaRV/2yVqYPjoedmnPTdiVtnlP 5UeSiCNzFUa1yml04lxi7Lc38F+CEpVS2Q7wqo6R3AKbsBgGScumrAoVwICWIowd aGcSPlEQfi8FXcQbKpjZwEeEiWcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTicfF9 0R9fOo8gHvjnnipWXCZ5kTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk3NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGcSvDANBgkqhkiG9w0BAQsFAAOCAQEAC3Nd1s36aqXm+OWUn/oZ ynrQThD8hRSrlCy6lHPT0ogVJsPOEtOZQZB8gzMInNQ2OPWKgFGAwApRh+c0fgEz rQOsN/lA2XbWrx0rpOJegsnX8YyQbz4V2bGpYm5kv2sm9RgEbT8/DW/8Qf/2TCMF E6x62mml676b+lIzZu/aTOM7ogcLNaoXdWXdWMLI9ahsSOIAb+kBofbD/D6iDuhA uM67HhTvWxp19Ae1Ro1L4ypZ0y0JquG1T63SRw1hbwOBrcG+aJKQM3DiDDjJa+qG q5tDOM4xmV1S2KsNXU3w9GzE5kjiEIU/ZmDCDlae98dNkzpaIurZJpZ41OliQr3g Fw== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:27 2024 by rpki-client on console-fra.rpki-client.org