$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150477.roa File: AS150477.roa (raw, json) Hash identifier: 0mQNiPmWUmGcaRiQtTRuiEnRb0HT77cMPP0zmqmUGuo= Subject key identifier: 58:8D:BD:5D:89:57:1A:01:B3:BA:0E:1B:C9:A4:D8:83:6C:77:6F:9B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3E8DBC54FF23904AAB94C982082E8D0733BDD664 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150477.roa Signing time: Tue 10 Sep 2024 07:00:00 +0000 ROA not before: Tue 10 Sep 2024 06:55:00 +0000 ROA not after: Tue 09 Sep 2025 07:00:00 +0000 asID: 150477 IP address blocks: 103.116.49.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:8d:bc:54:ff:23:90:4a:ab:94:c9:82:08:2e:8d:07:33:bd:d6:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 10 06:55:00 2024 GMT Not After : Sep 9 07:00:00 2025 GMT Subject: CN=588DBD5D89571A01B3BA0E1BC9A4D8836C776F9B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:74:2a:74:76:04:8a:34:a0:75:63:a7:3a:52: 7b:b6:52:f0:50:3e:c6:f0:e3:6b:18:a4:0b:73:94: 74:92:fc:17:10:72:65:9e:c4:47:e8:29:3c:bf:54: 98:d9:9a:9f:44:fc:c8:06:38:dc:a8:1b:3c:2b:11: 2c:36:0d:7e:ce:29:ee:ca:96:93:21:bb:ae:21:18: 87:b3:f2:24:d2:59:23:d5:09:dc:21:09:e0:ed:67: 03:0d:1d:60:e4:90:17:b3:4a:9a:91:65:1d:35:da: 48:b8:48:ae:ab:04:56:66:8e:b9:1c:b5:7e:4c:23: e6:15:a1:53:cf:73:ff:b2:be:c6:c2:8e:5f:ad:f5: 65:db:7e:d5:87:73:68:7a:26:2c:84:54:a6:e1:63: 1c:cc:e5:97:e8:0a:26:9a:02:30:0c:97:12:0f:74: 0f:7c:7c:1b:cb:0f:95:f0:f7:90:5d:f8:d8:2e:ee: 7a:5f:ac:69:f7:6e:e3:eb:29:40:c6:80:1a:f7:f1: af:c9:96:02:8f:e7:f4:c8:b5:9b:cc:96:4e:b9:da: b8:24:57:d0:05:8e:c4:c1:dc:24:b9:00:c6:aa:22: dc:3c:26:b0:a9:9f:ca:d9:7c:78:bf:f4:03:05:96: b3:25:5c:d7:bf:b3:39:3e:78:81:c0:54:4c:88:d2: 7f:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:8D:BD:5D:89:57:1A:01:B3:BA:0E:1B:C9:A4:D8:83:6C:77:6F:9B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150477.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.116.49.0/24 Signature Algorithm: sha256WithRSAEncryption 26:9e:b3:be:09:b1:85:7a:f9:e6:2f:73:27:d9:12:cf:55:9d: 1a:f5:b1:7f:71:bb:16:60:74:bc:47:b3:58:37:9f:49:b7:52: 48:fe:f4:6d:9b:0b:41:50:45:5f:24:d8:d3:58:8a:30:99:36: 0a:c0:7c:70:99:17:43:a5:c3:c0:50:47:f5:a0:60:61:90:e2: ed:d0:c4:c8:c1:e1:45:ad:ff:34:ed:4f:ba:d4:6d:74:fc:d2: 64:01:75:b6:21:0c:53:15:29:93:b7:a7:f9:73:87:71:41:bf: 35:ab:72:f4:5b:28:13:af:7f:dd:8f:3c:01:c4:b5:98:ba:49: d9:e7:07:61:68:d7:69:82:a9:e9:78:12:3f:9d:4b:bc:bd:11: f0:d5:93:66:25:38:00:45:08:70:fa:cd:cd:73:35:4f:97:25: 22:7e:b3:9a:90:0a:24:0a:f4:05:7f:60:58:65:27:c9:f6:f4: 20:0a:d8:70:2f:c9:97:fb:08:a0:f0:49:28:38:6c:09:bf:45: 4c:24:d5:fa:12:1c:86:6d:13:83:8f:1e:75:65:a6:92:fd:c4: d0:8b:52:95:b0:a6:44:45:f5:0b:a5:e0:2b:9d:31:b1:04:07: 7e:ca:f1:0b:3b:f3:69:ba:3c:df:9f:e3:0d:ad:d4:b2:f4:27: 87:72:32:84 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUPo28VP8jkEqrlMmCCC6NBzO91mQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDkxMDA2NTUwMFoX DTI1MDkwOTA3MDAwMFowMzExMC8GA1UEAxMoNTg4REJENUQ4OTU3MUEwMUIzQkEw RTFCQzlBNEQ4ODM2Qzc3NkY5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJp0KnR2BIo0oHVjpzpSe7ZS8FA+xvDjaxikC3OUdJL8FxByZZ7ER+gpPL9U mNman0T8yAY43KgbPCsRLDYNfs4p7sqWkyG7riEYh7PyJNJZI9UJ3CEJ4O1nAw0d YOSQF7NKmpFlHTXaSLhIrqsEVmaOuRy1fkwj5hWhU89z/7K+xsKOX631Zdt+1Ydz aHomLIRUpuFjHMzll+gKJpoCMAyXEg90D3x8G8sPlfD3kF342C7uel+safdu4+sp QMaAGvfxr8mWAo/n9Mi1m8yWTrnauCRX0AWOxMHcJLkAxqoi3DwmsKmfytl8eL/0 AwWWsyVc17+zOT54gcBUTIjSfzsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRYjb1d iVcaAbO6DhvJpNiDbHdvmzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDQ3Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGd0MTANBgkqhkiG9w0BAQsFAAOCAQEAJp6zvgmxhXr55i9zJ9kS z1WdGvWxf3G7FmB0vEezWDefSbdSSP70bZsLQVBFXyTY01iKMJk2CsB8cJkXQ6XD wFBH9aBgYZDi7dDEyMHhRa3/NO1PutRtdPzSZAF1tiEMUxUpk7en+XOHcUG/Naty 9FsoE69/3Y88AcS1mLpJ2ecHYWjXaYKp6XgSP51LvL0R8NWTZiU4AEUIcPrNzXM1 T5clIn6zmpAKJAr0BX9gWGUnyfb0IArYcC/Jl/sIoPBJKDhsCb9FTCTV+hIchm0T g48edWWmkv3E0ItSlbCmREX1C6XgK50xsQQHfsrxCzvzabo835/jDa3UsvQnh3Iy hA== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:49 2024 by rpki-client on console-ams.rpki-client.org