$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150238.roa File: AS150238.roa (raw, json) Hash identifier: 5LQdYj9DPcxdBIPNCZi6esqIrZZXehszAdJNvZV58uw= Subject key identifier: 52:AD:94:EE:DD:6E:36:44:81:C1:3D:61:3E:57:3C:30:8D:86:E3:E5 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5FC2C6F0D6ACE55557FE41444D04CE16729B70A1 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150238.roa Signing time: Thu 29 Aug 2024 10:00:00 +0000 ROA not before: Thu 29 Aug 2024 09:55:00 +0000 ROA not after: Thu 28 Aug 2025 10:00:00 +0000 asID: 150238 IP address blocks: 2001:df1:70c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:c2:c6:f0:d6:ac:e5:55:57:fe:41:44:4d:04:ce:16:72:9b:70:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 29 09:55:00 2024 GMT Not After : Aug 28 10:00:00 2025 GMT Subject: CN=52AD94EEDD6E364481C13D613E573C308D86E3E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:3b:91:b7:27:a4:c1:2e:b1:d7:ae:30:82:e2: 64:a0:dc:7f:e4:5d:2c:a9:49:b9:59:a6:97:7a:95: a6:85:3b:9e:db:b6:bd:45:a8:27:e7:e8:4b:93:2f: d3:f5:1d:c3:67:2c:2a:4d:a8:51:f9:74:fb:53:13: 9e:b6:cc:b4:e9:61:64:04:2e:88:7b:98:17:a5:f4: 96:69:d4:e0:71:a8:e4:61:b9:1e:91:8e:87:a0:43: 57:52:23:23:3d:0f:e9:18:66:53:f8:ba:5c:b1:35: da:b6:81:3a:c0:33:19:e9:22:94:9b:59:3d:76:d2: 4d:a9:9f:2e:07:4c:c1:73:24:f3:5e:c1:e4:7e:0c: f3:b9:a3:0e:8e:16:64:fd:eb:10:3e:26:8d:79:f0: 4f:05:6a:4a:c5:dd:18:62:fb:fd:9b:f6:da:67:23: 0d:68:d2:01:5b:4d:e8:be:40:e9:62:97:39:08:43: d4:a1:59:c4:98:3d:4d:d9:67:8c:b1:e4:2e:4b:78: 6f:b6:66:ac:b4:cd:8e:c5:0e:86:28:3f:4f:65:04: 89:d6:60:8f:0a:c2:9d:75:40:4f:6e:d5:21:e8:67: 2b:64:0a:b7:7d:05:c7:4a:fc:72:81:3a:e0:b7:9b: 26:f2:02:b1:75:1e:d2:59:61:b1:02:e9:e4:d9:cf: e5:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:AD:94:EE:DD:6E:36:44:81:C1:3D:61:3E:57:3C:30:8D:86:E3:E5 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150238.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:70c0::/48 Signature Algorithm: sha256WithRSAEncryption 94:ec:70:d4:26:95:09:a3:ee:43:dc:47:97:2c:28:bf:c2:e5: e2:4d:55:29:e3:d5:e3:bc:ac:a0:a5:6a:c3:d5:af:0e:b2:e0: 56:dd:67:48:af:33:12:cb:ad:a6:6f:9f:3d:bc:f3:48:ad:16: ec:ba:10:d5:37:27:5a:e2:9c:5f:f7:cf:20:cf:62:56:59:59: 41:5d:9b:ad:28:07:49:2e:8a:36:2b:a2:cd:b9:40:cc:4f:ad: 1c:38:bb:e2:2e:95:4b:ad:c2:6a:48:49:b1:b9:3e:d6:28:e4: 07:36:4c:76:c3:3e:d0:ac:ef:f3:b1:74:8b:86:ac:cb:83:cb: 98:3d:f4:5b:44:a2:5a:c9:18:7d:28:1e:47:c7:85:be:c3:9c: 14:8f:90:44:80:46:86:63:28:72:58:cc:3e:ee:62:4a:ea:64: b3:6f:36:31:0a:c4:34:06:e1:6b:42:7b:bd:4f:c4:34:48:8e: 89:d6:34:03:7e:af:79:4d:22:66:46:26:57:00:b8:74:32:2c: 1c:37:b1:21:9a:c2:34:f6:f1:e0:16:2e:69:1e:4b:bd:b3:a4: 02:b8:36:43:74:e8:cf:23:a8:98:16:36:89:fa:05:c8:d5:4b: 81:40:cd:b8:cd:b1:cc:ff:ea:c6:2a:fb:23:74:15:a6:75:c0: f6:c8:02:76 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUX8LG8Nas5VVX/kFETQTOFnKbcKEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDgyOTA5NTUwMFoX DTI1MDgyODEwMDAwMFowMzExMC8GA1UEAxMoNTJBRDk0RUVERDZFMzY0NDgxQzEz RDYxM0U1NzNDMzA4RDg2RTNFNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALM7kbcnpMEusdeuMILiZKDcf+RdLKlJuVmml3qVpoU7ntu2vUWoJ+foS5Mv 0/Udw2csKk2oUfl0+1MTnrbMtOlhZAQuiHuYF6X0lmnU4HGo5GG5HpGOh6BDV1Ij Iz0P6RhmU/i6XLE12raBOsAzGekilJtZPXbSTamfLgdMwXMk817B5H4M87mjDo4W ZP3rED4mjXnwTwVqSsXdGGL7/Zv22mcjDWjSAVtN6L5A6WKXOQhD1KFZxJg9Tdln jLHkLkt4b7ZmrLTNjsUOhig/T2UEidZgjwrCnXVAT27VIehnK2QKt30Fx0r8coE6 4LebJvICsXUe0llhsQLp5NnP5c0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRSrZTu 3W42RIHBPWE+VzwwjYbj5TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDIzOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfFwwDANBgkqhkiG9w0BAQsFAAOCAQEAlOxw1CaVCaPuQ9xH lywov8Ll4k1VKePV47ysoKVqw9WvDrLgVt1nSK8zEsutpm+fPbzzSK0W7LoQ1Tcn WuKcX/fPIM9iVllZQV2brSgHSS6KNiuizblAzE+tHDi74i6VS63CakhJsbk+1ijk BzZMdsM+0Kzv87F0i4asy4PLmD30W0SiWskYfSgeR8eFvsOcFI+QRIBGhmMocljM Pu5iSupks282MQrENAbha0J7vU/ENEiOidY0A36veU0iZkYmVwC4dDIsHDexIZrC NPbx4BYuaR5LvbOkArg2Q3TozyOomBY2ifoFyNVLgUDNuM2xzP/qxir7I3QVpnXA 9sgCdg== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:49 2024 by rpki-client on console-ams.rpki-client.org