$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149976.roa File: AS149976.roa (raw, json) Hash identifier: IJRxf5BZVBdhyZ72hJOB5dE86vQkNEO2SRBgcNygX90= Subject key identifier: 88:9C:10:7C:AB:5C:1A:66:86:1E:D6:AA:BC:D4:8A:C6:9F:10:D8:BE Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 457C7CB013293DE8DA6E90A7B150E2F8FBBC303C Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149976.roa Signing time: Wed 15 May 2024 03:00:00 +0000 ROA not before: Wed 15 May 2024 02:55:00 +0000 ROA not after: Wed 14 May 2025 03:00:00 +0000 asID: 149976 IP address blocks: 2001:df2:91c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:7c:7c:b0:13:29:3d:e8:da:6e:90:a7:b1:50:e2:f8:fb:bc:30:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 15 02:55:00 2024 GMT Not After : May 14 03:00:00 2025 GMT Subject: CN=889C107CAB5C1A66861ED6AABCD48AC69F10D8BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e6:5a:cf:a5:d6:46:ad:a6:dc:de:b8:c6:0c: 51:73:7a:02:23:79:d5:40:3e:c6:74:c0:5e:7c:ab: d7:b8:d9:d3:12:fd:e1:78:66:c7:5f:93:9d:f9:c8: 22:f2:9c:d6:5d:bc:78:d0:c5:3b:ab:a1:80:bc:32: d0:78:6c:b1:78:31:45:7f:91:59:a0:cb:f4:f1:2b: 16:83:55:d2:50:1d:46:3f:8d:99:88:6f:7a:ca:2d: 02:c6:05:05:f3:e3:21:66:da:38:7c:41:62:3e:33: ff:1a:2d:6f:29:7b:f4:28:af:7f:ad:9e:5c:8c:d5: ac:21:35:2e:a9:ce:dd:3a:89:e0:5f:b2:92:6f:48: d6:49:cb:0a:a6:49:f4:6d:10:de:f8:99:90:df:2e: ea:78:09:df:73:42:c5:22:ee:66:9f:36:22:b9:9a: b6:71:11:8a:0e:3b:fb:a2:56:60:45:27:25:34:d0: a0:4b:52:4d:94:18:96:cf:f1:0b:c0:b2:c1:ed:07: 00:62:bf:ee:a8:b6:8f:27:4f:e3:23:cf:12:0a:30: 0c:e8:8a:10:52:45:13:e4:d8:83:95:1e:75:de:75: 75:75:5f:0b:f8:8d:b0:b3:1b:63:d4:cf:7e:0b:91: 79:7c:0b:6a:73:ad:bc:97:b5:4a:73:42:ca:6d:98: 77:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:9C:10:7C:AB:5C:1A:66:86:1E:D6:AA:BC:D4:8A:C6:9F:10:D8:BE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149976.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:91c0::/48 Signature Algorithm: sha256WithRSAEncryption 97:84:b4:a9:e1:bf:da:83:59:52:8c:fc:e7:fa:2c:5f:da:1a: 9a:93:ab:ad:6a:96:8c:8e:e4:1d:e8:a3:eb:b2:44:a0:77:ab: 68:d5:3e:ae:64:c6:8d:0c:16:05:08:aa:9a:61:ea:64:fa:5a: aa:25:49:96:de:5b:25:a9:64:ea:a8:4c:60:cb:31:61:14:3c: 40:64:ac:88:93:6c:d9:4d:4c:68:aa:b1:12:5f:7f:f6:5a:b3: c5:00:b5:bb:d1:5c:b3:31:68:41:d9:a0:3f:cb:6c:9b:29:70: b5:f7:70:e8:e9:a4:6f:f1:63:78:eb:d5:12:42:30:ee:f9:ff: a2:f5:18:ea:77:53:ca:b7:45:fd:2f:80:3c:d1:9a:27:66:8b: ce:5a:46:c9:4e:e6:b1:e3:23:26:5b:f0:3f:c4:4b:db:ea:bf: b0:f1:90:5d:7e:1e:56:4b:2e:37:c3:20:ba:0a:61:60:b3:59: fd:81:cb:be:46:1e:c8:5f:7d:be:1d:c1:f4:2a:0a:7b:e1:c5: 9d:8e:82:f0:5a:25:e7:80:a9:b3:12:5d:d3:40:09:bd:de:db: 64:78:e4:f1:b5:3c:39:72:5f:00:8d:8f:49:a8:b5:09:65:4b: ce:19:ae:01:6b:05:b2:aa:69:f8:1b:bb:c5:85:13:a5:6b:28: 4c:af:dc:25 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIURXx8sBMpPejabpCnsVDi+Pu8MDwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDUxNTAyNTUwMFoX DTI1MDUxNDAzMDAwMFowMzExMC8GA1UEAxMoODg5QzEwN0NBQjVDMUE2Njg2MUVE NkFBQkNENDhBQzY5RjEwRDhCRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPmWs+l1katptzeuMYMUXN6AiN51UA+xnTAXnyr17jZ0xL94Xhmx1+TnfnI IvKc1l28eNDFO6uhgLwy0HhssXgxRX+RWaDL9PErFoNV0lAdRj+NmYhvesotAsYF BfPjIWbaOHxBYj4z/xotbyl79Civf62eXIzVrCE1LqnO3TqJ4F+ykm9I1knLCqZJ 9G0Q3viZkN8u6ngJ33NCxSLuZp82IrmatnERig47+6JWYEUnJTTQoEtSTZQYls/x C8Cywe0HAGK/7qi2jydP4yPPEgowDOiKEFJFE+TYg5Uedd51dXVfC/iNsLMbY9TP fguReXwLanOtvJe1SnNCym2Yd2sCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSInBB8 q1waZoYe1qq81IrGnxDYvjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk3Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfKRwDANBgkqhkiG9w0BAQsFAAOCAQEAl4S0qeG/2oNZUoz8 5/osX9oampOrrWqWjI7kHeij67JEoHeraNU+rmTGjQwWBQiqmmHqZPpaqiVJlt5b Jalk6qhMYMsxYRQ8QGSsiJNs2U1MaKqxEl9/9lqzxQC1u9FcszFoQdmgP8tsmylw tfdw6Omkb/FjeOvVEkIw7vn/ovUY6ndTyrdF/S+APNGaJ2aLzlpGyU7mseMjJlvw P8RL2+q/sPGQXX4eVksuN8MgugphYLNZ/YHLvkYeyF99vh3B9CoKe+HFnY6C8Fol 54CpsxJd00AJvd7bZHjk8bU8OXJfAI2PSai1CWVLzhmuAWsFsqpp+Bu7xYUTpWso TK/cJQ== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:49 2024 by rpki-client on console-ams.rpki-client.org