$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150238.roa File: AS150238.roa (raw, json) Hash identifier: hATqwcPtYFrLIHRTk//A1ImD2YIv3/dzkfXfjBWMNyE= Subject key identifier: CE:C5:F9:8B:6B:26:3F:C6:16:2C:7F:30:0A:DB:70:87:DD:3D:15:37 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1FF5E10684EB486505278EF4856A805E5044ACE1 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150238.roa Signing time: Thu 28 Sep 2023 10:00:00 +0000 ROA not before: Thu 28 Sep 2023 09:55:00 +0000 ROA not after: Thu 26 Sep 2024 10:00:00 +0000 asID: 150238 IP address blocks: 2001:df1:70c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:f5:e1:06:84:eb:48:65:05:27:8e:f4:85:6a:80:5e:50:44:ac:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 28 09:55:00 2023 GMT Not After : Sep 26 10:00:00 2024 GMT Subject: CN=CEC5F98B6B263FC6162C7F300ADB7087DD3D1537 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:f0:8c:08:b1:15:30:d8:75:5e:f8:11:7c:b6: e8:cf:a5:dc:f7:c1:16:50:f4:ec:5c:49:dd:42:f4: f2:fb:b0:8b:71:9b:58:79:94:cc:90:fb:95:f8:62: e7:84:72:59:e1:22:1a:b3:90:94:ae:08:b9:f0:00: 2f:39:e1:cd:95:9a:59:08:1c:56:45:8f:72:ab:f1: 6f:b6:e8:7b:92:3a:88:ba:f6:c0:2d:f9:ff:52:05: 1d:98:ba:bc:88:12:ce:be:3a:0b:ed:da:b6:ed:38: 25:b7:78:03:71:ed:05:f2:3b:70:54:e4:c4:1f:06: a4:2f:b3:34:a4:8c:d9:7e:4e:66:3d:bb:2b:32:a8: f2:09:ce:d6:e3:ed:af:e1:eb:80:ce:85:39:94:d7: a7:25:81:1a:d6:76:52:4f:06:54:85:99:29:1f:29: ea:12:46:d4:d7:21:31:58:82:2c:84:93:53:c2:ad: 6d:22:96:cc:38:59:4e:c9:a3:44:bf:55:75:55:78: 27:14:55:4a:67:58:75:c7:65:9b:1d:aa:6e:02:6c: 34:c0:95:b2:ee:6a:ae:96:ae:34:67:3b:2f:a6:b3: c7:4f:3a:46:12:60:5e:bb:14:ca:bc:27:4f:ca:07: 8a:61:55:cc:fe:52:2a:50:44:e2:de:86:3a:88:d8: 67:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:C5:F9:8B:6B:26:3F:C6:16:2C:7F:30:0A:DB:70:87:DD:3D:15:37 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150238.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:70c0::/48 Signature Algorithm: sha256WithRSAEncryption 34:bb:71:5a:64:48:46:21:22:d8:07:fd:6f:f3:10:01:25:3c: 5e:5e:ec:d4:bc:68:bc:d4:8f:2f:d1:cc:56:8e:1a:a4:10:9f: 1d:e0:e8:04:5d:7d:60:ac:67:f2:86:8f:96:a1:1d:76:c8:9e: 40:0f:3d:b3:b1:a9:ac:4b:5e:ef:58:a3:77:73:99:75:3e:07: 16:49:ff:23:85:f8:ee:59:1e:4e:fa:23:55:c8:27:6f:33:dc: 30:b5:05:93:06:8e:79:b4:26:50:80:78:9b:4c:5e:7f:ec:3c: 93:eb:7d:4f:ad:3a:76:e1:f8:46:63:48:d0:f3:68:92:b3:bc: 2b:21:17:1d:3c:4a:dd:f4:d7:8f:f0:c0:99:b6:67:5b:ae:00: 27:25:5d:d4:f7:2d:e8:b1:13:a1:eb:94:c4:53:46:16:e8:a4: 7f:47:d4:32:b0:f7:e3:64:06:ee:6f:72:86:fd:9e:0d:5b:ae: 71:71:2c:f6:c4:ae:c6:a6:73:71:e0:e0:d2:06:d6:c3:86:67: a2:ba:0e:05:81:87:68:73:7d:c5:c3:ea:9c:32:de:f7:f3:c5: 1f:a3:fb:5e:f6:fc:78:83:1c:ef:f5:5d:9d:e9:d0:3b:53:ae: 71:73:22:03:bc:59:3d:ab:02:98:dd:2a:cc:84:17:94:65:c3: 0a:02:b1:15 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUH/XhBoTrSGUFJ470hWqAXlBErOEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDkyODA5NTUwMFoX DTI0MDkyNjEwMDAwMFowMzExMC8GA1UEAxMoQ0VDNUY5OEI2QjI2M0ZDNjE2MkM3 RjMwMEFEQjcwODdERDNEMTUzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL7wjAixFTDYdV74EXy26M+l3PfBFlD07FxJ3UL08vuwi3GbWHmUzJD7lfhi 54RyWeEiGrOQlK4IufAALznhzZWaWQgcVkWPcqvxb7boe5I6iLr2wC35/1IFHZi6 vIgSzr46C+3atu04Jbd4A3HtBfI7cFTkxB8GpC+zNKSM2X5OZj27KzKo8gnO1uPt r+HrgM6FOZTXpyWBGtZ2Uk8GVIWZKR8p6hJG1NchMViCLISTU8KtbSKWzDhZTsmj RL9VdVV4JxRVSmdYdcdlmx2qbgJsNMCVsu5qrpauNGc7L6azx086RhJgXrsUyrwn T8oHimFVzP5SKlBE4t6GOojYZ7ECAwEAAaOCAdMwggHPMB0GA1UdDgQWBBTOxfmL ayY/xhYsfzAK23CH3T0VNzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDIzOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfFwwDANBgkqhkiG9w0BAQsFAAOCAQEANLtxWmRIRiEi2Af9 b/MQASU8Xl7s1LxovNSPL9HMVo4apBCfHeDoBF19YKxn8oaPlqEddsieQA89s7Gp rEte71ijd3OZdT4HFkn/I4X47lkeTvojVcgnbzPcMLUFkwaOebQmUIB4m0xef+w8 k+t9T606duH4RmNI0PNokrO8KyEXHTxK3fTXj/DAmbZnW64AJyVd1Pct6LEToeuU xFNGFuikf0fUMrD342QG7m9yhv2eDVuucXEs9sSuxqZzceDg0gbWw4ZnoroOBYGH aHN9xcPqnDLe9/PFH6P7Xvb8eIMc7/VdnenQO1OucXMiA7xZPasCmN0qzIQXlGXD CgKxFQ== -----END CERTIFICATE-----Generated at Wed May 8 18:12:17 2024 by rpki-client on console-fra.rpki-client.org