$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150251.roa File: AS150251.roa (raw, json) Hash identifier: 1wQC3hX1RTbLp5kLzPUc4ke7FN7sK4iDB3S7D+cD/Qs= Subject key identifier: 3A:72:3D:80:F9:6D:49:27:E6:8E:B6:07:C5:35:D8:EE:F7:DC:2B:58 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2A08F961397E309D7D4628EC7528CEF814054936 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150251.roa Signing time: Mon 08 Jul 2024 07:00:00 +0000 ROA not before: Mon 08 Jul 2024 06:55:00 +0000 ROA not after: Mon 07 Jul 2025 07:00:00 +0000 asID: 150251 IP address blocks: 49.156.58.0/23 maxlen: 24 49.156.61.0/24 maxlen: 24 49.156.62.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:08:f9:61:39:7e:30:9d:7d:46:28:ec:75:28:ce:f8:14:05:49:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 8 06:55:00 2024 GMT Not After : Jul 7 07:00:00 2025 GMT Subject: CN=3A723D80F96D4927E68EB607C535D8EEF7DC2B58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f4:24:16:12:5e:8f:38:f4:a7:e0:f5:6a:bf: 66:3a:45:18:42:1b:46:e7:a4:ae:29:7c:f5:ee:82: 21:8b:06:a4:0e:09:0c:19:fb:4a:84:e3:26:ac:51: 9e:b5:06:25:21:77:76:59:db:60:90:f4:7f:49:a5: 00:ec:e2:9f:61:1d:40:db:58:58:20:61:19:bb:1a: 76:37:f2:64:e8:1f:56:73:2d:e9:fc:5a:cb:b4:26: a6:a2:a1:19:0d:2b:5d:7c:71:f4:fc:b0:c3:8b:00: d4:96:5d:0d:43:bf:5e:64:5b:6d:7d:be:5e:54:4a: 34:6b:d6:d1:94:27:d9:96:f9:7f:75:7e:a7:12:eb: 7b:81:4f:d1:c4:95:3e:01:70:03:b1:84:5b:79:8d: 40:9b:d7:e7:05:65:ad:8f:f3:fb:56:c0:95:8b:c9: b8:36:cf:c9:1a:eb:68:c2:f9:43:97:19:d3:42:3e: 1d:34:db:f8:7e:68:f9:b2:99:49:c6:a2:98:dc:a7: 47:37:0c:fd:7b:86:8b:74:4e:50:d4:c0:80:30:6b: ab:2c:c0:42:00:80:ea:1e:61:0f:c9:76:99:ce:ae: b8:19:5a:a4:34:3e:28:a3:72:6f:00:9c:91:8f:02: c5:46:c0:98:55:d0:1a:07:c7:e5:c9:13:41:77:cc: d1:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:72:3D:80:F9:6D:49:27:E6:8E:B6:07:C5:35:D8:EE:F7:DC:2B:58 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150251.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 49.156.58.0/23 49.156.61.0-49.156.63.255 Signature Algorithm: sha256WithRSAEncryption 0c:36:a6:b7:9b:88:e5:6d:44:d2:21:d8:89:8d:d0:9d:45:6a: 03:7d:a9:d7:0b:2d:fa:05:eb:9e:c9:4c:83:82:a4:6d:04:01: 21:1f:92:fc:7d:ce:18:57:35:11:59:16:e2:4e:16:85:2d:de: 7b:43:83:ff:26:ad:e4:3f:6a:38:f6:81:e8:e0:b4:37:a9:63: b8:45:20:31:8f:e6:5b:cf:4f:a1:35:48:41:6f:9a:01:a3:a6: 1b:21:ce:2c:96:0b:15:aa:cc:fa:c5:5e:8e:5c:18:dd:4e:e5: 29:b7:96:a2:60:42:b0:b7:e3:c8:02:56:f3:31:86:b0:3f:b7: 9b:8c:3e:4a:82:96:e9:e9:2a:1a:32:0b:e4:78:ba:a1:57:70: 47:40:62:0e:f8:ba:c5:50:aa:90:54:9d:f8:21:84:85:b0:c8: 9e:de:c4:d9:ea:40:8b:f3:4b:e0:51:f2:03:c7:fc:14:bb:ec: 60:ca:cf:d8:7f:87:06:9e:27:7c:14:94:d6:34:93:ae:5b:8e: 3b:32:ba:d5:2f:1e:94:d6:2e:59:8d:a8:75:53:11:15:a7:00: 23:07:ac:67:6c:a3:cf:ed:ed:e7:e6:f3:6a:7e:db:d3:6e:b9: 8b:73:6b:6b:1f:01:66:64:68:da:44:a7:6e:33:f2:1c:07:af: 7e:8a:c3:76 -----BEGIN CERTIFICATE----- MIIE6zCCA9OgAwIBAgIUKgj5YTl+MJ19RijsdSjO+BQFSTYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcwODA2NTUwMFoX DTI1MDcwNzA3MDAwMFowMzExMC8GA1UEAxMoM0E3MjNEODBGOTZENDkyN0U2OEVC NjA3QzUzNUQ4RUVGN0RDMkI1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANf0JBYSXo849Kfg9Wq/ZjpFGEIbRuekril89e6CIYsGpA4JDBn7SoTjJqxR nrUGJSF3dlnbYJD0f0mlAOzin2EdQNtYWCBhGbsadjfyZOgfVnMt6fxay7QmpqKh GQ0rXXxx9Pyww4sA1JZdDUO/XmRbbX2+XlRKNGvW0ZQn2Zb5f3V+pxLre4FP0cSV PgFwA7GEW3mNQJvX5wVlrY/z+1bAlYvJuDbPyRrraML5Q5cZ00I+HTTb+H5o+bKZ ScaimNynRzcM/XuGi3ROUNTAgDBrqyzAQgCA6h5hD8l2mc6uuBlapDQ+KKNybwCc kY8CxUbAmFXQGgfH5ckTQXfM0dcCAwEAAaOCAd4wggHaMB0GA1UdDgQWBBQ6cj2A +W1JJ+aOtgfFNdju99wrWDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDI1MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBww GgQCAAEwFAMEATGcOjAMAwQAMZw9AwQGMZwAMA0GCSqGSIb3DQEBCwUAA4IBAQAM Nqa3m4jlbUTSIdiJjdCdRWoDfanXCy36BeueyUyDgqRtBAEhH5L8fc4YVzURWRbi ThaFLd57Q4P/Jq3kP2o49oHo4LQ3qWO4RSAxj+Zbz0+hNUhBb5oBo6YbIc4slgsV qsz6xV6OXBjdTuUpt5aiYEKwt+PIAlbzMYawP7ebjD5Kgpbp6SoaMgvkeLqhV3BH QGIO+LrFUKqQVJ34IYSFsMie3sTZ6kCL80vgUfIDx/wUu+xgys/Yf4cGnid8FJTW NJOuW447MrrVLx6U1i5Zjah1UxEVpwAjB6xnbKPP7e3n5vNqftvTbrmLc2trHwFm ZGjaRKduM/IcB69+isN2 -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:49 2024 by rpki-client on console-ams.rpki-client.org