$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150501.roa File: AS150501.roa (raw, json) Hash identifier: kAPeWTJJakGLfBxAdIk6QLYziLBQW73nSKAwXpGW+hk= Subject key identifier: B5:9B:4E:C1:C9:BF:03:B1:A6:6B:B5:1A:C5:A9:86:EE:44:20:98:77 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 76195042E36CF9F1F27E4CEED81959D0121844A6 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150501.roa Signing time: Wed 30 Aug 2023 07:37:57 +0000 ROA not before: Wed 30 Aug 2023 07:32:57 +0000 ROA not after: Wed 28 Aug 2024 07:37:57 +0000 asID: 150501 IP address blocks: 2001:df2:2140::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:19:50:42:e3:6c:f9:f1:f2:7e:4c:ee:d8:19:59:d0:12:18:44:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 30 07:32:57 2023 GMT Not After : Aug 28 07:37:57 2024 GMT Subject: CN=B59B4EC1C9BF03B1A66BB51AC5A986EE44209877 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:05:6c:85:a9:46:ec:20:72:af:ab:3a:b2:d0: 95:87:25:6a:04:a7:8e:2c:b4:52:f9:b0:ff:cd:7a: 60:e3:ca:8a:64:c3:e8:d6:4a:06:e7:32:88:0d:96: 02:41:ce:41:f0:98:3d:8a:ea:dc:d6:d8:e7:ff:50: 18:b4:2a:7d:38:97:01:54:70:3a:47:05:ec:ac:d3: dd:dd:1d:3d:08:2c:0d:1f:eb:7e:2d:61:97:49:e2: 94:2b:9d:4e:c7:b3:7c:98:71:d4:f2:ef:1d:f5:79: ed:89:b8:ac:4e:6e:1f:9c:33:4e:d3:5f:cc:33:65: ac:a6:e2:2b:a2:30:0d:15:d4:12:be:0f:34:54:ac: 3e:df:99:03:2a:b3:f6:75:f2:8a:d5:f0:61:1e:27: 76:db:c6:0a:e5:0d:a8:11:e6:0e:a9:fb:b1:9f:42: 52:4b:b0:f4:da:86:84:f9:b0:f0:c5:2f:98:79:00: 25:a6:5e:14:de:76:5b:4d:ad:d5:f2:af:93:fe:c6: 64:b3:47:c2:e4:a8:f6:87:52:ab:91:fc:c1:00:c4: c1:25:44:2d:c3:17:f3:42:7c:75:de:be:e6:d0:28: 2c:83:22:a1:2e:8a:a6:4b:81:95:72:56:08:da:d4: 35:5b:7b:91:c0:ea:9c:50:4b:c8:bb:37:a7:e7:de: 26:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:9B:4E:C1:C9:BF:03:B1:A6:6B:B5:1A:C5:A9:86:EE:44:20:98:77 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150501.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:2140::/48 Signature Algorithm: sha256WithRSAEncryption 99:0e:b2:74:c0:b3:d0:6e:b1:5a:6b:9e:90:51:09:47:17:6f: c7:8c:0c:0b:ce:d3:5c:66:33:68:eb:1d:f6:97:d3:69:cd:a9: fe:cb:86:86:14:d3:20:5c:ce:c7:9a:93:08:d4:bc:2f:65:ce: 8b:ab:e2:f7:86:eb:62:b6:04:18:b4:5d:d6:f4:a3:1c:95:58: d3:3a:39:b6:c8:55:ce:8e:57:51:be:44:19:a6:0f:7e:ae:75: 93:78:ab:cf:28:0c:98:65:79:e7:a1:8b:ed:ae:82:4e:bf:91: 55:7f:8a:ea:8a:4c:12:8a:75:e1:26:60:ed:50:67:7c:bb:14: 9d:0a:30:40:aa:44:5b:b2:98:d9:de:e2:d1:68:5f:f1:2d:13: a8:6b:bf:fa:29:6d:62:d0:37:c2:5f:5c:62:f3:4c:1a:39:82: e8:da:a5:d2:c7:43:cb:78:3e:ff:0b:0e:2d:04:cd:af:9b:26: 09:03:1e:43:a1:15:b3:37:13:b1:66:61:1a:fd:ca:c9:f1:8f: d1:0a:74:9e:b0:b5:20:34:8b:38:df:7c:79:c0:50:ac:01:4c: 63:08:34:0b:f0:f6:9f:a6:11:cc:74:81:cc:d1:23:5a:d8:81: 26:cd:63:41:9b:1e:da:7b:15:60:e0:a1:f7:83:e5:80:dc:47: 2f:fe:e8:94 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUdhlQQuNs+fHyfkzu2BlZ0BIYRKYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDgzMDA3MzI1N1oX DTI0MDgyODA3Mzc1N1owMzExMC8GA1UEAxMoQjU5QjRFQzFDOUJGMDNCMUE2NkJC NTFBQzVBOTg2RUU0NDIwOTg3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0FbIWpRuwgcq+rOrLQlYclagSnjiy0Uvmw/816YOPKimTD6NZKBucyiA2W AkHOQfCYPYrq3NbY5/9QGLQqfTiXAVRwOkcF7KzT3d0dPQgsDR/rfi1hl0nilCud TsezfJhx1PLvHfV57Ym4rE5uH5wzTtNfzDNlrKbiK6IwDRXUEr4PNFSsPt+ZAyqz 9nXyitXwYR4ndtvGCuUNqBHmDqn7sZ9CUkuw9NqGhPmw8MUvmHkAJaZeFN52W02t 1fKvk/7GZLNHwuSo9odSq5H8wQDEwSVELcMX80J8dd6+5tAoLIMioS6KpkuBlXJW CNrUNVt7kcDqnFBLyLs3p+feJs8CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBS1m07B yb8DsaZrtRrFqYbuRCCYdzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDUwMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfIhQDANBgkqhkiG9w0BAQsFAAOCAQEAmQ6ydMCz0G6xWmue kFEJRxdvx4wMC87TXGYzaOsd9pfTac2p/suGhhTTIFzOx5qTCNS8L2XOi6vi94br YrYEGLRd1vSjHJVY0zo5tshVzo5XUb5EGaYPfq51k3irzygMmGV556GL7a6CTr+R VX+K6opMEop14SZg7VBnfLsUnQowQKpEW7KY2d7i0Whf8S0TqGu/+iltYtA3wl9c YvNMGjmC6Nql0sdDy3g+/wsOLQTNr5smCQMeQ6EVszcTsWZhGv3KyfGP0Qp0nrC1 IDSLON98ecBQrAFMYwg0C/D2n6YRzHSBzNEjWtiBJs1jQZse2nsVYOCh94PlgNxH L/7olA== -----END CERTIFICATE-----Generated at Wed May 8 09:50:39 2024 by rpki-client on console-fra.rpki-client.org