$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150923.roa File: AS150923.roa (raw, json) Hash identifier: zvNtuCkG/Dk4zia7DiKgwBq+V1RXDPi+7FxBZldQbD0= Subject key identifier: 30:DE:59:90:D0:ED:59:F9:DB:43:B9:82:3E:A7:B1:75:31:69:AE:4D Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 59DFA8DC68FF1820A63DD21BE5E4FB09A0F330DE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150923.roa Signing time: Tue 24 Sep 2024 07:00:00 +0000 ROA not before: Tue 24 Sep 2024 06:55:00 +0000 ROA not after: Tue 23 Sep 2025 07:00:00 +0000 asID: 150923 IP address blocks: 2001:df2:ffc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:df:a8:dc:68:ff:18:20:a6:3d:d2:1b:e5:e4:fb:09:a0:f3:30:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 24 06:55:00 2024 GMT Not After : Sep 23 07:00:00 2025 GMT Subject: CN=30DE5990D0ED59F9DB43B9823EA7B1753169AE4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:b2:0b:ea:2d:6a:cf:a1:4f:d3:09:7b:2c:b0: 7e:55:37:7f:0d:43:b1:2e:e9:3a:74:e6:86:7d:1d: 49:8e:c0:66:c4:8a:85:96:21:e4:3b:7d:03:9e:d2: d7:02:82:4b:b4:e8:5b:df:9b:be:a0:38:df:21:3f: 1a:79:16:b8:0a:e3:d2:eb:6f:e6:4d:68:fa:9a:c3: 63:ef:74:10:23:73:26:7e:8a:c8:2b:c7:c4:d1:c2: 29:4e:44:61:31:21:ff:e0:17:9d:5a:54:03:ca:d0: 2c:e8:fc:e6:2f:05:ce:ba:92:54:6d:54:a8:cb:f7: 98:ab:26:1d:62:e0:95:3e:ea:a9:53:70:d5:ec:9c: cc:d0:62:22:92:38:9c:56:9b:57:d9:20:5d:9b:0f: 65:3a:23:0b:9a:b0:a8:85:75:9f:45:4d:df:ef:19: 20:09:6d:4f:f2:0d:88:4c:44:b5:3b:d7:d2:78:78: ca:53:28:71:b5:bc:2b:dc:35:31:f3:93:33:bf:5c: 23:30:0f:dc:7c:5f:32:17:1c:ab:a7:ab:b9:38:f0: f8:0e:c8:dc:5f:4a:3a:6d:e4:e1:22:01:b1:9b:51: 1b:8e:27:3b:32:6c:a8:43:df:55:26:07:a0:35:30: de:c2:f3:a6:d3:4e:c3:99:69:c3:69:14:35:2f:87: 25:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:DE:59:90:D0:ED:59:F9:DB:43:B9:82:3E:A7:B1:75:31:69:AE:4D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150923.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:ffc0::/48 Signature Algorithm: sha256WithRSAEncryption 86:75:dd:af:1f:cf:1d:3f:b7:e5:6d:b8:ec:8c:9b:87:46:8d: c6:df:c5:b6:52:a0:b6:ff:e1:91:47:e3:1e:0c:10:80:bf:cd: d2:ab:f9:36:9c:15:c2:1f:cd:ac:b7:02:3c:24:7c:2e:c4:a7: 2a:2a:d8:5c:c8:ac:e6:b9:71:d3:49:ea:8f:12:29:51:47:13: 3e:91:67:85:7e:4e:8b:8d:1c:41:e1:f2:d4:48:34:22:94:5f: 3e:06:61:9f:11:4c:6d:0b:e9:d2:a0:c4:1f:d6:f3:e4:c0:de: b8:9d:6e:af:63:33:7c:29:b1:9e:c8:31:aa:c0:f4:a2:e4:29: eb:0a:c2:cf:bf:13:c2:f6:7a:53:d0:e7:22:05:60:89:f2:e8: 20:7c:f6:78:1e:7f:4a:21:e5:35:fb:f3:1a:93:7e:82:be:fb: 9b:5e:10:c3:19:f3:21:e1:d4:ea:4f:d8:4c:7c:fe:30:f3:78: 76:61:b3:7f:3a:ef:30:9b:f1:75:4a:20:17:0e:7c:d2:c5:fe: 47:b8:8d:3a:dd:37:5a:c4:0c:96:9d:f4:6d:73:60:46:57:08: a0:ea:d5:84:cd:01:c3:85:3b:cb:e9:9b:9e:95:bc:4d:61:c2: 35:8d:cc:46:bb:c5:4c:b5:ec:0a:af:3e:88:3b:ed:6e:8d:a4: 59:36:d5:2c -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUWd+o3Gj/GCCmPdIb5eT7CaDzMN4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDkyNDA2NTUwMFoX DTI1MDkyMzA3MDAwMFowMzExMC8GA1UEAxMoMzBERTU5OTBEMEVENTlGOURCNDNC OTgyM0VBN0IxNzUzMTY5QUU0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANmyC+otas+hT9MJeyywflU3fw1DsS7pOnTmhn0dSY7AZsSKhZYh5Dt9A57S 1wKCS7ToW9+bvqA43yE/GnkWuArj0utv5k1o+prDY+90ECNzJn6KyCvHxNHCKU5E YTEh/+AXnVpUA8rQLOj85i8FzrqSVG1UqMv3mKsmHWLglT7qqVNw1eyczNBiIpI4 nFabV9kgXZsPZTojC5qwqIV1n0VN3+8ZIAltT/INiExEtTvX0nh4ylMocbW8K9w1 MfOTM79cIzAP3HxfMhccq6eruTjw+A7I3F9KOm3k4SIBsZtRG44nOzJsqEPfVSYH oDUw3sLzptNOw5lpw2kUNS+HJUMCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQw3lmQ 0O1Z+dtDuYI+p7F1MWmuTTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDkyMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfL/wDANBgkqhkiG9w0BAQsFAAOCAQEAhnXdrx/PHT+35W24 7Iybh0aNxt/FtlKgtv/hkUfjHgwQgL/N0qv5NpwVwh/NrLcCPCR8LsSnKirYXMis 5rlx00nqjxIpUUcTPpFnhX5Oi40cQeHy1Eg0IpRfPgZhnxFMbQvp0qDEH9bz5MDe uJ1ur2MzfCmxnsgxqsD0ouQp6wrCz78TwvZ6U9DnIgVgifLoIHz2eB5/SiHlNfvz GpN+gr77m14QwxnzIeHU6k/YTHz+MPN4dmGzfzrvMJvxdUogFw580sX+R7iNOt03 WsQMlp30bXNgRlcIoOrVhM0Bw4U7y+mbnpW8TWHCNY3MRrvFTLXsCq8+iDvtbo2k WTbVLA== -----END CERTIFICATE-----Generated at Mon Nov 25 13:14:29 2024 by rpki-client on console-ams.rpki-client.org