$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150997.roa File: AS150997.roa (raw, json) Hash identifier: r5C/WUbFBSBfQosJ8Yq05qM3hHl89AY/p1ituqtHanM= Subject key identifier: D9:D7:3F:6D:28:42:5F:CE:79:A4:B9:4E:5B:40:EF:69:05:21:D9:47 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 200DC4233CF719DECC76249799E90784D13FFFFD Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150997.roa Signing time: Mon 03 Jul 2023 09:26:04 +0000 ROA not before: Mon 03 Jul 2023 09:21:04 +0000 ROA not after: Mon 01 Jul 2024 09:26:04 +0000 asID: 150997 IP address blocks: 103.205.220.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:0d:c4:23:3c:f7:19:de:cc:76:24:97:99:e9:07:84:d1:3f:ff:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 3 09:21:04 2023 GMT Not After : Jul 1 09:26:04 2024 GMT Subject: CN=D9D73F6D28425FCE79A4B94E5B40EF690521D947 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:8a:88:57:51:4d:fa:cd:18:cb:dd:58:fe:89: b1:7a:06:49:ab:d3:c2:dc:78:58:9b:44:49:65:48: ec:6a:75:e7:5f:41:68:46:55:bb:37:69:99:f2:2e: 48:9d:b1:99:10:f8:9c:58:7f:7b:d5:d4:6f:03:bd: 70:46:02:e5:11:13:92:63:cd:09:ec:71:9b:d1:ad: ca:d0:d6:a6:e0:0d:00:4e:30:7e:1f:4b:7a:a7:51: b2:c3:a9:19:21:67:02:bd:3a:66:92:bf:e0:15:bc: 6d:5b:4d:48:5f:2b:08:06:4e:94:5f:d4:03:17:71: f2:fb:4a:f5:69:6e:79:69:0c:e9:46:67:bc:f2:bd: 46:a8:0f:e6:9f:71:3f:90:d3:bb:1a:25:c3:b5:43: 53:36:5b:86:ae:fe:95:2f:f7:1f:af:a7:fe:20:82: 88:d2:c6:73:20:9c:f7:51:12:33:a6:51:3e:98:79: b5:ee:fc:b7:a4:6e:5d:17:82:d9:5c:f4:96:ef:57: 93:58:5c:01:37:ad:64:01:b3:56:7d:81:10:e2:ab: 9c:fe:d3:d1:15:bc:3a:b6:e1:da:ff:9b:24:ea:c1: a1:3e:62:ac:2c:d2:59:9d:a5:95:80:a0:d2:83:ac: ab:46:8e:78:34:91:86:e8:61:5c:57:e3:be:54:58: a5:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:D7:3F:6D:28:42:5F:CE:79:A4:B9:4E:5B:40:EF:69:05:21:D9:47 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150997.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.205.220.0/23 Signature Algorithm: sha256WithRSAEncryption 98:28:f2:6e:14:06:cd:9d:48:f7:21:85:b2:94:79:f5:e7:62: 34:87:12:4c:1d:ee:f2:14:8a:89:8c:5f:d5:8b:94:30:e4:5b: dc:1b:53:cf:4b:21:5b:5e:26:41:23:a3:a7:da:d5:64:7d:0c: ee:86:1a:e0:ac:72:29:c4:b2:b7:b7:73:f8:41:e8:f6:52:a8: 8e:1e:e9:5a:e4:8a:9f:9c:55:ff:fc:31:cb:48:6e:7e:68:a0: 43:a0:38:a4:a5:7b:33:98:16:92:73:e8:2a:72:88:84:ce:ba: df:cc:64:26:ff:0d:dd:d5:0f:47:6f:fb:4b:56:bb:6c:f7:85: 01:cc:e2:67:21:cd:50:39:10:e8:19:13:e4:1b:d0:4c:d6:c4: 8e:f3:8f:0a:03:3e:dd:48:87:58:7e:f3:cb:f4:cf:ed:cd:c1: a0:3d:81:9e:74:a0:1f:e2:ae:5c:d6:c7:55:fb:21:22:52:fb: 56:1a:44:b4:2a:82:58:7e:35:c6:ad:ba:95:96:4a:27:5d:9e: 22:6a:eb:64:92:6e:95:6b:82:fa:06:6a:be:8e:d2:4c:74:ff: fe:66:ed:cb:04:35:22:56:0e:6c:5f:fb:38:ce:6b:33:84:9e: 10:9c:02:f9:a9:95:02:1d:2a:26:59:56:6d:54:55:fc:e2:f3: c5:0d:b1:70 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUIA3EIzz3Gd7MdiSXmekHhNE///0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDcwMzA5MjEwNFoX DTI0MDcwMTA5MjYwNFowMzExMC8GA1UEAxMoRDlENzNGNkQyODQyNUZDRTc5QTRC OTRFNUI0MEVGNjkwNTIxRDk0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmKiFdRTfrNGMvdWP6JsXoGSavTwtx4WJtESWVI7Gp1519BaEZVuzdpmfIu SJ2xmRD4nFh/e9XUbwO9cEYC5RETkmPNCexxm9GtytDWpuANAE4wfh9LeqdRssOp GSFnAr06ZpK/4BW8bVtNSF8rCAZOlF/UAxdx8vtK9WlueWkM6UZnvPK9RqgP5p9x P5DTuxolw7VDUzZbhq7+lS/3H6+n/iCCiNLGcyCc91ESM6ZRPph5te78t6RuXReC 2Vz0lu9Xk1hcATetZAGzVn2BEOKrnP7T0RW8Orbh2v+bJOrBoT5irCzSWZ2llYCg 0oOsq0aOeDSRhuhhXFfjvlRYpU0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTZ1z9t KEJfznmkuU5bQO9pBSHZRzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDk5Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWfN3DANBgkqhkiG9w0BAQsFAAOCAQEAmCjybhQGzZ1I9yGFspR5 9ediNIcSTB3u8hSKiYxf1YuUMORb3BtTz0shW14mQSOjp9rVZH0M7oYa4KxyKcSy t7dz+EHo9lKojh7pWuSKn5xV//wxy0hufmigQ6A4pKV7M5gWknPoKnKIhM6638xk Jv8N3dUPR2/7S1a7bPeFAcziZyHNUDkQ6BkT5BvQTNbEjvOPCgM+3UiHWH7zy/TP 7c3BoD2BnnSgH+KuXNbHVfshIlL7VhpEtCqCWH41xq26lZZKJ12eImrrZJJulWuC +gZqvo7STHT//mbtywQ1IlYObF/7OM5rM4SeEJwC+amVAh0qJllWbVRV/OLzxQ2x cA== -----END CERTIFICATE-----Generated at Thu May 9 00:29:16 2024 by rpki-client on console-ams.rpki-client.org