$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150989.roa File: AS150989.roa (raw, json) Hash identifier: kbLQDs2Nxh8uCBn2eheBBWI5rPCZzl8NR6MHeka4QDQ= Subject key identifier: CD:FB:C9:A0:B6:A8:8B:3E:AB:2A:A7:1C:0E:BC:D1:5B:11:17:24:DC Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 247FD2FB5016057E877CAC799FDAA912F774648D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150989.roa Signing time: Wed 30 Aug 2023 02:44:18 +0000 ROA not before: Wed 30 Aug 2023 02:39:18 +0000 ROA not after: Wed 28 Aug 2024 02:44:18 +0000 asID: 150989 IP address blocks: 2001:df2:dcc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:7f:d2:fb:50:16:05:7e:87:7c:ac:79:9f:da:a9:12:f7:74:64:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 30 02:39:18 2023 GMT Not After : Aug 28 02:44:18 2024 GMT Subject: CN=CDFBC9A0B6A88B3EAB2AA71C0EBCD15B111724DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:f7:1e:4b:22:81:1c:3f:77:0b:9f:d0:e5:d5: e0:f2:61:02:8e:a1:d7:58:ea:b5:17:f9:d8:02:f2: 8b:fa:0b:60:fb:74:83:13:73:8d:f6:ed:0a:ab:1b: e7:54:0b:dd:36:a8:ee:5e:9a:cb:a5:bb:58:4f:5c: 69:3a:cb:81:8b:d9:58:19:32:81:51:81:94:3e:6b: c5:7f:10:fc:f4:98:e5:40:0c:68:eb:3c:63:e0:2d: 45:67:34:a7:75:72:e2:c8:8f:30:8f:05:22:fa:4d: 22:33:02:6a:f3:86:f0:fd:c8:e3:b5:6b:4c:8a:e2: 9a:b5:5b:4d:36:13:0c:c3:80:d8:e3:21:66:d6:e2: 69:06:37:43:a3:3d:ba:80:e1:1b:7b:6e:f9:b4:37: a0:59:6b:92:89:87:f2:6f:81:61:5e:c0:b2:19:01: df:d6:df:c3:db:18:ee:31:5d:18:d1:81:e4:bd:55: be:20:a5:ce:33:8a:77:5c:a3:7c:b3:d6:34:42:04: 64:bc:11:fe:c2:40:4f:68:7e:b4:61:1e:0b:86:6f: c8:1d:d0:10:e7:ba:0f:27:66:9e:ae:1e:f5:76:d4: 41:88:00:ae:30:1a:b8:67:ad:91:6d:54:62:8c:22: 5d:8c:88:db:d6:0f:26:48:38:d5:07:74:4d:ec:af: 8c:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:FB:C9:A0:B6:A8:8B:3E:AB:2A:A7:1C:0E:BC:D1:5B:11:17:24:DC X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150989.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:dcc0::/48 Signature Algorithm: sha256WithRSAEncryption 46:12:f0:43:bd:ac:2e:f7:cd:6e:7d:7f:96:a9:b6:c5:fa:3f: c7:f6:03:85:84:7d:5a:2a:a3:e0:ba:be:7a:57:de:15:da:73: 83:42:06:e5:6b:ba:27:8f:34:7c:e7:17:2c:78:e1:6d:83:f9: 85:59:85:e4:d9:9c:7c:84:be:21:c6:e9:a3:16:3b:0f:2b:1b: 04:44:7e:20:10:50:24:a5:fa:58:dd:27:09:6a:a1:c4:f2:4e: 31:23:60:a7:41:4c:66:02:6b:42:5c:d2:b1:f0:e0:5c:2c:9d: be:f1:ac:04:89:95:7e:46:a8:8b:fb:c5:ec:b0:3f:51:3b:37: 64:ee:79:d7:78:ad:22:da:d8:b4:25:f3:4b:76:41:20:6d:59: 37:14:68:d6:9b:b1:06:43:a2:39:41:55:4c:c5:9b:27:dc:a1: 5e:04:a3:3f:57:6a:b5:46:43:14:22:d1:0c:4c:1b:c5:eb:a9: 78:75:6d:a2:a3:52:47:9f:52:33:7d:44:d7:53:b7:b0:0f:5d: 18:3f:de:d5:28:d2:a8:f7:8d:ed:8e:71:f1:c9:3a:d0:6f:63: d9:0e:9b:3c:78:46:42:73:b0:59:6d:44:ad:09:4d:68:8a:33: 7a:19:d1:84:2b:cd:8c:40:1d:79:3f:71:90:47:f2:fa:44:70: fd:d0:0d:40 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUJH/S+1AWBX6HfKx5n9qpEvd0ZI0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDgzMDAyMzkxOFoX DTI0MDgyODAyNDQxOFowMzExMC8GA1UEAxMoQ0RGQkM5QTBCNkE4OEIzRUFCMkFB NzFDMEVCQ0QxNUIxMTE3MjREQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALz3HksigRw/dwuf0OXV4PJhAo6h11jqtRf52ALyi/oLYPt0gxNzjfbtCqsb 51QL3Tao7l6ay6W7WE9caTrLgYvZWBkygVGBlD5rxX8Q/PSY5UAMaOs8Y+AtRWc0 p3Vy4siPMI8FIvpNIjMCavOG8P3I47VrTIrimrVbTTYTDMOA2OMhZtbiaQY3Q6M9 uoDhG3tu+bQ3oFlrkomH8m+BYV7AshkB39bfw9sY7jFdGNGB5L1VviClzjOKd1yj fLPWNEIEZLwR/sJAT2h+tGEeC4ZvyB3QEOe6Dydmnq4e9XbUQYgArjAauGetkW1U YowiXYyI29YPJkg41Qd0TeyvjMsCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBTN+8mg tqiLPqsqpxwOvNFbERck3DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDk4OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfLcwDANBgkqhkiG9w0BAQsFAAOCAQEARhLwQ72sLvfNbn1/ lqm2xfo/x/YDhYR9Wiqj4Lq+elfeFdpzg0IG5Wu6J480fOcXLHjhbYP5hVmF5Nmc fIS+IcbpoxY7DysbBER+IBBQJKX6WN0nCWqhxPJOMSNgp0FMZgJrQlzSsfDgXCyd vvGsBImVfkaoi/vF7LA/UTs3ZO5513itItrYtCXzS3ZBIG1ZNxRo1puxBkOiOUFV TMWbJ9yhXgSjP1dqtUZDFCLRDEwbxeupeHVtoqNSR59SM31E11O3sA9dGD/e1SjS qPeN7Y5x8ck60G9j2Q6bPHhGQnOwWW1ErQlNaIozehnRhCvNjEAdeT9xkEfy+kRw /dANQA== -----END CERTIFICATE-----Generated at Wed May 8 21:02:24 2024 by rpki-client on console-fra.rpki-client.org