$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150191.roa File: AS150191.roa (raw, json) Hash identifier: isNNFiXO4XmrEG7HxRz1/wjxGbechyEBUEISP44V7B0= Subject key identifier: C2:89:56:49:28:DE:57:38:E1:A9:02:8C:D2:39:CD:CA:FA:CB:44:FF Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5CA8FC2B05668480EF40CA6CE37B1B884DB88BAD Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150191.roa Signing time: Tue 18 Jun 2024 07:00:00 +0000 ROA not before: Tue 18 Jun 2024 06:55:00 +0000 ROA not after: Tue 17 Jun 2025 07:00:00 +0000 asID: 150191 IP address blocks: 103.152.21.0/24 maxlen: 24 2001:df2:5dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:a8:fc:2b:05:66:84:80:ef:40:ca:6c:e3:7b:1b:88:4d:b8:8b:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 18 06:55:00 2024 GMT Not After : Jun 17 07:00:00 2025 GMT Subject: CN=C289564928DE5738E1A9028CD239CDCAFACB44FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:a7:d9:35:65:1c:96:f2:47:17:e6:84:75:b5: 84:8c:c1:7b:0a:db:e5:11:b4:3a:75:29:ad:e8:94: 22:d1:c3:6f:1e:f1:02:59:3a:88:0d:e5:4f:ff:6f: 45:7e:32:97:7b:09:d1:04:62:c5:3d:05:83:04:f3: 55:73:67:0c:b4:8f:ea:47:d3:09:99:13:f6:da:dd: cb:c0:86:c0:2b:7f:ef:95:0a:82:55:d8:0f:f5:d8: 44:50:15:1c:9a:05:08:7d:fc:78:c5:99:aa:73:9f: 27:5d:e5:1e:ca:7d:ea:1f:57:17:c4:04:cd:31:af: 98:35:a7:2a:8c:76:8e:41:20:15:78:05:b3:10:9b: 8d:83:80:ec:97:7b:10:e9:16:45:aa:2e:fb:b2:5f: 22:86:36:07:79:c6:9e:a9:ad:ee:39:87:ac:ea:75: b2:4a:d1:71:08:ed:24:0c:60:e6:8d:22:14:c7:6c: f6:b8:f3:b5:b9:87:8e:31:d4:63:a3:d5:eb:41:77: f2:bb:d8:f0:c9:bf:db:bd:66:7f:0b:9e:c0:66:18: b7:5d:98:c6:bf:49:8b:7a:96:c8:da:49:62:3c:d0: 12:3b:ea:ca:0b:fa:52:21:db:70:18:d1:78:dd:84: 5c:7a:2e:c0:73:6c:f8:5c:e2:ed:2a:99:31:fa:a4: 54:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:89:56:49:28:DE:57:38:E1:A9:02:8C:D2:39:CD:CA:FA:CB:44:FF X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150191.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.152.21.0/24 IPv6: 2001:df2:5dc0::/48 Signature Algorithm: sha256WithRSAEncryption 68:14:69:14:9b:95:20:4f:cb:06:5a:aa:61:be:ca:9f:85:1d: 65:93:10:e4:ca:0f:cf:cf:01:66:77:11:b5:58:00:1c:fc:20: 46:05:80:8e:34:bf:9b:06:69:24:39:c3:3a:c8:79:a7:82:2d: 1f:70:0b:1b:83:f8:3a:ab:eb:57:d0:5d:d0:f7:87:ba:45:1e: ad:aa:8a:df:c8:ad:dd:7e:9a:b9:d9:a9:bc:da:3c:57:be:a9: 0c:4d:0b:37:65:19:10:69:da:02:c8:90:70:e3:86:1c:68:68: 68:d3:50:8f:45:74:f4:58:76:61:8d:63:03:c7:ed:3e:e9:27: 66:d8:99:63:e7:91:c7:ed:3c:32:a9:9d:c1:d6:36:79:19:18: f6:8e:a0:16:25:ed:a6:92:07:d4:12:1d:86:40:5d:68:22:7c: 4f:a5:c0:96:f6:a1:4d:e7:f2:a8:a4:bc:d9:1a:51:75:dc:4a: 04:8a:a7:3b:3b:dc:6a:87:39:4b:61:78:5f:c8:b6:a8:60:9a: 17:1a:3c:1b:d7:92:29:0d:e0:4f:6d:e3:2a:01:81:12:98:2a: c1:5d:94:49:06:2b:48:c8:22:ba:b1:bb:03:8a:af:de:8f:b4: c9:44:99:6b:02:2b:4f:8f:ac:9d:dc:5f:9f:8d:87:18:e9:cb: 47:b0:27:a9 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUXKj8KwVmhIDvQMps43sbiE24i60wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDYxODA2NTUwMFoX DTI1MDYxNzA3MDAwMFowMzExMC8GA1UEAxMoQzI4OTU2NDkyOERFNTczOEUxQTkw MjhDRDIzOUNEQ0FGQUNCNDRGRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANin2TVlHJbyRxfmhHW1hIzBewrb5RG0OnUpreiUItHDbx7xAlk6iA3lT/9v RX4yl3sJ0QRixT0FgwTzVXNnDLSP6kfTCZkT9trdy8CGwCt/75UKglXYD/XYRFAV HJoFCH38eMWZqnOfJ13lHsp96h9XF8QEzTGvmDWnKox2jkEgFXgFsxCbjYOA7Jd7 EOkWRaou+7JfIoY2B3nGnqmt7jmHrOp1skrRcQjtJAxg5o0iFMds9rjztbmHjjHU Y6PV60F38rvY8Mm/271mfwuewGYYt12Yxr9Ji3qWyNpJYjzQEjvqygv6UiHbcBjR eN2EXHouwHNs+Fzi7SqZMfqkVAUCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBTCiVZJ KN5XOOGpAozSOc3K+stE/zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDE5MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGeYFTAPBAIAAjAJAwcAIAEN8l3AMA0GCSqGSIb3DQEBCwUAA4IB AQBoFGkUm5UgT8sGWqphvsqfhR1lkxDkyg/PzwFmdxG1WAAc/CBGBYCONL+bBmkk OcM6yHmngi0fcAsbg/g6q+tX0F3Q94e6RR6tqorfyK3dfpq52am82jxXvqkMTQs3 ZRkQadoCyJBw44YcaGho01CPRXT0WHZhjWMDx+0+6Sdm2Jlj55HH7TwyqZ3B1jZ5 GRj2jqAWJe2mkgfUEh2GQF1oInxPpcCW9qFN5/KopLzZGlF13EoEiqc7O9xqhzlL YXhfyLaoYJoXGjwb15IpDeBPbeMqAYESmCrBXZRJBitIyCK6sbsDiq/ej7TJRJlr AitPj6yd3F+fjYcY6ctHsCep -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:27 2024 by rpki-client on console-fra.rpki-client.org