$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150517.roa File: AS150517.roa (raw, json) Hash identifier: 9nYeK67WWm+XyLjDOyr5Ps+8jT4xq1KrU9EdC4BmvcI= Subject key identifier: D5:CE:42:71:08:C8:A4:3B:62:17:DC:ED:7C:5A:6E:EE:6D:C5:31:8C Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4007BD5AA313D84506B146D695DCD1E3879D3061 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150517.roa Signing time: Thu 18 Jan 2024 04:00:00 +0000 ROA not before: Thu 18 Jan 2024 03:55:00 +0000 ROA not after: Thu 16 Jan 2025 04:00:00 +0000 asID: 150517 IP address blocks: 103.68.214.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:07:bd:5a:a3:13:d8:45:06:b1:46:d6:95:dc:d1:e3:87:9d:30:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 18 03:55:00 2024 GMT Not After : Jan 16 04:00:00 2025 GMT Subject: CN=D5CE427108C8A43B6217DCED7C5A6EEE6DC5318C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:98:59:41:eb:d6:3d:f0:c2:63:b4:0c:24:a1: ca:0e:26:9f:90:b7:33:c4:1b:1f:42:67:df:ca:08: 67:2b:31:83:5f:a7:09:6e:81:5a:5c:91:bc:16:ce: 6e:31:72:a2:d2:3a:3a:03:4b:0e:4e:53:21:f9:5a: 5a:e9:1f:e1:ee:9c:f2:64:84:e3:df:94:91:54:67: c6:ff:17:24:f3:fb:64:48:e8:e5:17:55:a1:5c:31: 82:6c:0a:a6:b4:e4:cd:ca:43:9d:32:3a:1b:d9:b7: c3:5e:71:1b:cf:e6:e9:1d:54:d2:cc:3d:ce:fc:8f: 77:85:98:9f:da:e5:99:18:4a:ca:e7:ec:3c:f5:8d: 21:0a:14:2d:f4:30:f1:0f:cc:aa:e1:2b:bf:97:2b: ed:4c:49:68:ec:9a:f3:75:ab:05:b6:63:30:72:8c: c5:2e:5c:76:bf:d9:7a:34:e8:56:f5:10:b6:35:7e: a9:99:c4:1b:7d:55:b4:15:89:d8:35:55:41:82:49: 13:85:48:29:4b:3a:7d:bf:d2:e7:e3:6a:a5:e8:fc: 77:a4:33:da:de:e7:ba:e9:9f:8f:79:63:de:32:e9: 34:4a:b4:82:9d:be:34:cc:cf:07:af:64:74:b9:99: 91:62:59:d7:e0:8a:54:b5:1d:b2:c2:59:71:34:2e: cf:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:CE:42:71:08:C8:A4:3B:62:17:DC:ED:7C:5A:6E:EE:6D:C5:31:8C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150517.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.68.214.0/23 Signature Algorithm: sha256WithRSAEncryption 5d:5f:b8:42:e9:cc:09:05:3f:74:8d:1e:09:95:39:13:89:6d: 4c:54:98:d6:d4:2a:eb:d3:7f:52:ef:a7:35:e3:6b:a7:c5:ac: b8:a7:5d:4e:42:ca:40:8e:5f:07:78:53:1a:49:b1:01:c4:67: c4:ea:c8:fe:c3:d1:56:07:62:31:ff:2f:70:e5:95:b9:97:28: 4a:e9:fb:ef:e1:57:94:4e:07:73:87:ed:49:7c:41:ba:6a:e5: 08:c4:c6:70:14:b3:9a:77:d3:11:72:de:05:9d:3d:a1:b0:5e: 4f:09:c5:5f:dc:e9:d9:03:89:17:76:68:ad:ba:18:5d:34:7f: e0:cf:75:a3:23:01:cd:dd:f2:4b:94:9d:db:8c:07:52:cd:a1: c8:4a:b5:67:41:42:84:77:47:c9:57:07:ce:95:c3:04:05:77: 06:f4:0b:4b:72:10:a6:69:57:41:d1:7a:92:25:9e:c2:f1:0e: 2f:0f:62:1a:30:68:e1:4d:c4:c9:0f:17:e6:a6:e9:86:75:ae: 8d:22:77:36:de:12:6b:14:b0:ef:75:db:d2:eb:f2:ba:7a:e9: b5:97:0c:64:af:7d:59:80:3b:dc:e5:f2:1a:ce:86:89:34:e5: 7c:f1:31:56:3f:0d:33:8d:e7:fa:b1:37:bc:4a:ef:02:82:85: 08:47:9f:0c -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUQAe9WqMT2EUGsUbWldzR44edMGEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDExODAzNTUwMFoX DTI1MDExNjA0MDAwMFowMzExMC8GA1UEAxMoRDVDRTQyNzEwOEM4QTQzQjYyMTdE Q0VEN0M1QTZFRUU2REM1MzE4QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMuYWUHr1j3wwmO0DCShyg4mn5C3M8QbH0Jn38oIZysxg1+nCW6BWlyRvBbO bjFyotI6OgNLDk5TIflaWukf4e6c8mSE49+UkVRnxv8XJPP7ZEjo5RdVoVwxgmwK prTkzcpDnTI6G9m3w15xG8/m6R1U0sw9zvyPd4WYn9rlmRhKyufsPPWNIQoULfQw 8Q/MquErv5cr7UxJaOya83WrBbZjMHKMxS5cdr/ZejToVvUQtjV+qZnEG31VtBWJ 2DVVQYJJE4VIKUs6fb/S5+Nqpej8d6Qz2t7nuumfj3lj3jLpNEq0gp2+NMzPB69k dLmZkWJZ1+CKVLUdssJZcTQuzzMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTVzkJx CMikO2IX3O18Wm7ubcUxjDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDUxNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWdE1jANBgkqhkiG9w0BAQsFAAOCAQEAXV+4QunMCQU/dI0eCZU5 E4ltTFSY1tQq69N/Uu+nNeNrp8WsuKddTkLKQI5fB3hTGkmxAcRnxOrI/sPRVgdi Mf8vcOWVuZcoSun77+FXlE4Hc4ftSXxBumrlCMTGcBSzmnfTEXLeBZ09obBeTwnF X9zp2QOJF3ZorboYXTR/4M91oyMBzd3yS5Sd24wHUs2hyEq1Z0FChHdHyVcHzpXD BAV3BvQLS3IQpmlXQdF6kiWewvEOLw9iGjBo4U3EyQ8X5qbphnWujSJ3Nt4SaxSw 73Xb0uvyunrptZcMZK99WYA73OXyGs6GiTTlfPExVj8NM43n+rE3vErvAoKFCEef DA== -----END CERTIFICATE-----Generated at Thu May 9 00:29:16 2024 by rpki-client on console-ams.rpki-client.org