$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150222.roa File: AS150222.roa (raw, json) Hash identifier: 2hsDMV02F7HkTHuyODJMhjWYH5pP4WC5rxQlfvToat8= Subject key identifier: 9F:FF:5B:11:83:73:A3:F5:1B:E7:FF:BE:25:73:A9:D3:98:CE:F7:DA Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 64983B21F844C559D9CC37437670A323A4E90CF4 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150222.roa Signing time: Thu 20 Jun 2024 08:00:00 +0000 ROA not before: Thu 20 Jun 2024 07:55:00 +0000 ROA not after: Thu 19 Jun 2025 08:00:00 +0000 asID: 150222 IP address blocks: 2001:df2:9240::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:98:3b:21:f8:44:c5:59:d9:cc:37:43:76:70:a3:23:a4:e9:0c:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 20 07:55:00 2024 GMT Not After : Jun 19 08:00:00 2025 GMT Subject: CN=9FFF5B118373A3F51BE7FFBE2573A9D398CEF7DA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:58:10:b4:50:aa:9b:a0:3a:5e:f1:2e:ad:e7: f1:a2:40:57:78:7d:f3:f3:44:79:0d:0a:85:83:21: d5:71:c5:f5:66:1f:5d:d1:e7:ca:ca:e4:9e:ba:4b: f6:47:9b:78:03:74:bf:f7:69:be:8f:93:51:b5:f5: 61:02:6d:ea:14:bd:6c:7c:3b:31:ca:3b:33:a8:74: 92:28:8b:ed:ce:3e:e6:59:c1:68:68:c2:80:09:38: 83:ca:1e:79:34:23:6b:a2:03:7b:a1:a5:4a:ad:4e: 1f:12:da:bf:4e:f2:49:a6:fa:8f:60:7d:f2:92:c3: 3a:60:3f:d3:03:a0:4a:ef:99:38:4c:93:3b:48:06: 5a:0e:fb:39:4c:cc:8b:ef:9d:51:7f:a6:eb:a0:c1: 16:50:50:31:7b:01:b8:4f:63:ef:0a:49:3b:1a:3d: 1a:d4:cc:2a:4f:df:b4:bd:b7:39:f0:a5:04:a4:69: 7b:fa:66:aa:3b:58:10:2d:ee:5b:4f:8c:bc:0b:e9: 1d:f8:53:dc:eb:7c:b7:34:41:37:7a:94:0e:28:1d: c9:85:49:2a:e1:59:4f:6c:4e:82:7b:8f:5b:c3:71: 72:93:78:97:00:50:72:98:c9:ef:b1:b6:c3:07:fc: 0b:f6:fe:66:b6:33:91:aa:2a:75:46:51:82:39:ce: e6:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:FF:5B:11:83:73:A3:F5:1B:E7:FF:BE:25:73:A9:D3:98:CE:F7:DA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150222.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:9240::/48 Signature Algorithm: sha256WithRSAEncryption 0a:c0:77:d9:d0:7e:77:99:71:46:a5:10:7d:e5:17:31:d6:86: 34:72:4d:29:e6:c5:e0:a9:a8:1c:a5:76:6c:de:69:f1:9e:c8: 10:1f:06:ef:84:93:6b:56:19:2e:e0:7a:bf:8c:09:bc:ef:72: 3a:c0:87:6c:34:94:20:52:b3:f3:d5:cc:f0:36:f1:a2:0e:04: 75:8e:14:e3:53:e4:c3:2a:d6:4d:d2:58:f2:5c:22:ae:79:01: 79:e5:40:3b:6e:1a:5b:3c:1d:d2:9d:a7:7c:2d:c5:95:92:82: d4:99:25:76:2d:bb:41:25:ee:1a:e0:4b:d4:cb:98:45:ee:37: 40:cb:f6:a6:07:09:68:db:71:a8:33:ff:f5:3c:de:12:1d:19: c6:62:fa:52:08:59:2f:50:a1:c1:41:bf:86:c4:d7:0c:e7:e8: 5c:dc:dc:8c:a2:96:d1:c2:34:9d:87:f3:14:90:8e:42:97:69: 87:18:7a:6e:62:99:5b:ab:83:ea:29:63:e2:0f:91:54:cb:24: 79:d4:93:80:15:2c:6a:cc:85:7e:2d:10:7d:05:b2:e1:1f:b7: d6:e3:7b:b5:44:c1:e0:c1:60:b3:3c:5f:7c:bc:83:fc:bd:fa: 39:16:6d:29:7b:a0:42:91:12:8d:9f:2f:a2:a2:44:88:a2:39: 9a:de:b5:c0 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUZJg7IfhExVnZzDdDdnCjI6TpDPQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDYyMDA3NTUwMFoX DTI1MDYxOTA4MDAwMFowMzExMC8GA1UEAxMoOUZGRjVCMTE4MzczQTNGNTFCRTdG RkJFMjU3M0E5RDM5OENFRjdEQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPBYELRQqpugOl7xLq3n8aJAV3h98/NEeQ0KhYMh1XHF9WYfXdHnysrknrpL 9kebeAN0v/dpvo+TUbX1YQJt6hS9bHw7Mco7M6h0kiiL7c4+5lnBaGjCgAk4g8oe eTQja6IDe6GlSq1OHxLav07ySab6j2B98pLDOmA/0wOgSu+ZOEyTO0gGWg77OUzM i++dUX+m66DBFlBQMXsBuE9j7wpJOxo9GtTMKk/ftL23OfClBKRpe/pmqjtYEC3u W0+MvAvpHfhT3Ot8tzRBN3qUDigdyYVJKuFZT2xOgnuPW8NxcpN4lwBQcpjJ77G2 wwf8C/b+ZrYzkaoqdUZRgjnO5tECAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSf/1sR g3Oj9Rvn/74lc6nTmM732jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDIyMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfKSQDANBgkqhkiG9w0BAQsFAAOCAQEACsB32dB+d5lxRqUQ feUXMdaGNHJNKebF4KmoHKV2bN5p8Z7IEB8G74STa1YZLuB6v4wJvO9yOsCHbDSU IFKz89XM8Dbxog4EdY4U41PkwyrWTdJY8lwirnkBeeVAO24aWzwd0p2nfC3FlZKC 1Jkldi27QSXuGuBL1MuYRe43QMv2pgcJaNtxqDP/9TzeEh0ZxmL6UghZL1ChwUG/ hsTXDOfoXNzcjKKW0cI0nYfzFJCOQpdphxh6bmKZW6uD6ilj4g+RVMskedSTgBUs asyFfi0QfQWy4R+31uN7tUTB4MFgszxffLyD/L36ORZtKXugQpESjZ8voqJEiKI5 mt61wA== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:49 2024 by rpki-client on console-ams.rpki-client.org