$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150501.roa File: AS150501.roa (raw, json) Hash identifier: IClhy4knY4121KqRIzNGKZxJs9g8QKzZvR3g0o2Aw/U= Subject key identifier: 86:90:06:75:7E:22:68:C9:B9:3D:04:FD:72:E3:D0:B7:C5:68:B1:1B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 42523F7AA80C134DFC611F707919012CC3F939FC Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150501.roa Signing time: Wed 31 Jul 2024 08:00:00 +0000 ROA not before: Wed 31 Jul 2024 07:55:00 +0000 ROA not after: Wed 30 Jul 2025 08:00:00 +0000 asID: 150501 IP address blocks: 2001:df2:2140::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:52:3f:7a:a8:0c:13:4d:fc:61:1f:70:79:19:01:2c:c3:f9:39:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 31 07:55:00 2024 GMT Not After : Jul 30 08:00:00 2025 GMT Subject: CN=869006757E2268C9B93D04FD72E3D0B7C568B11B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:c8:49:e5:60:fc:2b:64:c6:e1:70:9e:42:23: 33:1a:7c:b9:3b:f8:51:a1:b2:31:1b:7b:c9:65:1f: 39:ee:e2:de:ff:f0:59:2b:36:3b:11:db:fc:41:8b: b4:ce:09:bf:bd:50:d8:82:65:bc:c9:8a:fc:c9:1f: eb:bf:5d:d0:ac:28:a2:c6:ba:60:f3:72:cd:68:eb: c9:bf:76:d2:3a:4d:95:a7:c4:e8:a8:7a:3c:22:a9: aa:e1:94:76:d3:1c:2c:0b:2d:6a:b0:6d:71:11:d6: 74:15:08:6a:a1:41:41:ef:e1:70:0c:7e:ee:62:19: 69:16:30:9b:04:57:5e:32:12:63:27:a2:dd:19:f5: c5:eb:45:0a:13:10:f5:0d:6e:3b:8e:32:23:c8:53: 3f:10:55:11:1d:52:aa:6d:e8:e0:60:ec:5a:86:87: 3f:bd:39:7a:6a:4f:48:b2:a9:7e:af:31:20:f0:11: 75:ca:67:e9:a4:00:07:7e:2d:14:fd:21:85:34:46: 1c:5c:4f:04:63:30:15:4a:25:66:88:d4:28:3a:a0: dc:7c:11:99:24:f9:ab:59:17:d8:0e:b7:fa:15:1b: 11:b7:03:f4:e8:37:7e:c8:8e:92:13:78:48:25:88: 6f:54:90:97:24:db:85:27:17:16:b4:c4:52:c7:9e: df:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:90:06:75:7E:22:68:C9:B9:3D:04:FD:72:E3:D0:B7:C5:68:B1:1B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150501.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:2140::/48 Signature Algorithm: sha256WithRSAEncryption 08:af:61:8b:c8:bb:4d:ff:bf:39:dc:0c:e6:8c:4b:cf:07:8f: a8:ea:d8:ea:3e:64:6d:f8:ca:bc:76:b4:16:45:c8:6b:fd:c5: 86:d3:8d:2b:f0:2c:1e:f5:32:ef:ed:b0:b1:d2:f4:96:56:69: 29:84:2d:01:33:92:53:60:32:be:aa:81:c5:84:53:f3:30:db: cb:a8:0b:41:e2:5a:2d:ef:29:8b:23:b4:d2:1b:b6:97:c5:ca: 6b:37:f7:f0:e0:d6:e6:02:08:3e:1b:5e:97:8a:b1:65:ff:72: 4c:3a:ff:a4:dd:3f:b3:7d:d0:5f:47:ea:de:23:53:74:bd:86: 3e:0e:46:7d:e3:94:99:d2:00:9a:3b:75:11:96:36:38:c1:ad: c4:44:72:5c:d1:67:d1:c2:a9:2c:43:39:96:ba:18:f7:ae:28: 1c:96:01:4e:e4:af:90:36:fa:e5:c0:7e:87:93:81:66:02:fe: ad:38:c9:c3:5d:11:17:1d:da:82:bf:c1:7d:50:77:cc:cc:f3: f8:b2:50:c5:31:01:04:c3:61:0e:43:b2:35:d4:23:9c:63:7c: dd:fa:e4:e5:69:1b:fc:8c:7e:04:42:25:0e:ac:d5:80:ef:49: a4:51:87:c2:c9:03:2f:90:49:3b:59:9f:ea:87:af:f6:bc:d1: 87:08:86:af -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUQlI/eqgME038YR9weRkBLMP5OfwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDczMTA3NTUwMFoX DTI1MDczMDA4MDAwMFowMzExMC8GA1UEAxMoODY5MDA2NzU3RTIyNjhDOUI5M0Qw NEZENzJFM0QwQjdDNTY4QjExQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANLISeVg/CtkxuFwnkIjMxp8uTv4UaGyMRt7yWUfOe7i3v/wWSs2OxHb/EGL tM4Jv71Q2IJlvMmK/Mkf679d0Kwoosa6YPNyzWjryb920jpNlafE6Kh6PCKpquGU dtMcLAstarBtcRHWdBUIaqFBQe/hcAx+7mIZaRYwmwRXXjISYyei3Rn1xetFChMQ 9Q1uO44yI8hTPxBVER1Sqm3o4GDsWoaHP705empPSLKpfq8xIPARdcpn6aQAB34t FP0hhTRGHFxPBGMwFUolZojUKDqg3HwRmST5q1kX2A63+hUbEbcD9Og3fsiOkhN4 SCWIb1SQlyTbhScXFrTEUsee33cCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSGkAZ1 fiJoybk9BP1y49C3xWixGzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDUwMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfIhQDANBgkqhkiG9w0BAQsFAAOCAQEACK9hi8i7Tf+/OdwM 5oxLzwePqOrY6j5kbfjKvHa0FkXIa/3FhtONK/AsHvUy7+2wsdL0llZpKYQtATOS U2AyvqqBxYRT8zDby6gLQeJaLe8piyO00hu2l8XKazf38ODW5gIIPhtel4qxZf9y TDr/pN0/s33QX0fq3iNTdL2GPg5GfeOUmdIAmjt1EZY2OMGtxERyXNFn0cKpLEM5 lroY964oHJYBTuSvkDb65cB+h5OBZgL+rTjJw10RFx3agr/BfVB3zMzz+LJQxTEB BMNhDkOyNdQjnGN83frk5Wkb/Ix+BEIlDqzVgO9JpFGHwskDL5BJO1mf6oev9rzR hwiGrw== -----END CERTIFICATE-----Generated at Mon Nov 25 13:01:57 2024 by rpki-client on console-fra.rpki-client.org