$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153149.roa File: AS153149.roa (raw, json) Hash identifier: aOw4+TQjHDcD7ThsiTdmGBAqejzP7OBl6QlPeQ+p5y4= Subject key identifier: 17:5E:4D:E3:1B:AB:37:CB:9E:27:F8:F0:A5:B5:C7:4B:75:B0:FC:03 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5A9790B86C15C5A46E80D6AE65F7D90FE0684E92 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153149.roa Signing time: Tue 03 Dec 2024 08:43:07 +0000 ROA not before: Tue 03 Dec 2024 08:38:07 +0000 ROA not after: Tue 02 Dec 2025 08:43:07 +0000 asID: 153149 IP address blocks: 2001:df4:9a40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Apr 2025 09:42:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:97:90:b8:6c:15:c5:a4:6e:80:d6:ae:65:f7:d9:0f:e0:68:4e:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 3 08:38:07 2024 GMT Not After : Dec 2 08:43:07 2025 GMT Subject: CN=175E4DE31BAB37CB9E27F8F0A5B5C74B75B0FC03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:60:4a:4a:78:d9:a4:b0:a6:24:22:42:57:6f: d5:b2:0b:27:45:26:69:2d:50:22:84:b8:25:56:68: 35:74:8e:e9:8f:10:8d:67:56:d4:75:2f:ba:4d:18: b3:31:90:7a:b9:b9:32:fc:7f:ef:cb:ee:ce:27:33: 0a:c4:d8:c3:c9:b5:83:21:ac:e9:b5:a4:ea:09:b0: e6:22:53:84:f8:9a:b2:62:9d:ce:da:9b:b0:f7:64: ff:31:39:23:d7:a1:7a:1e:58:eb:25:7f:5d:ba:ba: af:ca:34:76:1f:d2:04:dd:cd:b0:92:34:be:f2:0d: c4:05:78:d1:34:6f:41:50:14:c7:e6:5c:cb:b7:15: ba:2d:f8:9b:2d:58:50:be:05:a6:4a:23:40:98:39: 9a:04:a9:57:a8:b8:3f:b3:a6:5e:9b:5d:14:67:af: 80:58:b7:22:ac:b1:d4:69:54:b3:b9:93:be:34:22: 4b:3b:b1:0f:94:db:8e:f1:d2:18:5a:7c:62:62:6e: 27:44:89:fb:86:0c:51:41:28:9a:0b:ca:32:02:d7: d0:87:20:bd:05:46:7c:d6:31:98:4c:46:2e:5f:13: 60:c3:7e:89:ce:71:ac:20:19:46:2e:bb:b6:4e:91: 60:bf:0e:16:30:af:f3:c8:a1:84:3e:4c:f7:88:4c: 47:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:5E:4D:E3:1B:AB:37:CB:9E:27:F8:F0:A5:B5:C7:4B:75:B0:FC:03 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153149.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:9a40::/48 Signature Algorithm: sha256WithRSAEncryption 68:cf:bf:53:0a:c8:55:6d:a0:f0:15:39:f5:86:62:97:b5:47: 40:2b:da:37:ab:5a:d3:9b:93:2b:e7:73:53:a0:36:1f:6b:d6: ef:0c:f7:66:86:bf:ec:4a:24:9c:46:66:f1:3b:64:42:66:d7: ba:d6:94:4e:82:5f:5d:49:fc:e7:fa:89:c4:e8:92:ef:fc:e0: 06:54:09:53:28:9a:7b:43:e4:3f:94:74:ac:49:ca:44:62:6f: 51:04:1e:97:00:3d:b1:2e:29:23:e6:83:17:0b:35:04:6e:55: a8:c5:f3:32:51:5c:ab:ba:22:6b:d7:8a:76:7e:cd:de:26:2a: 5a:7b:95:06:67:fb:ce:22:32:f5:fb:65:6e:11:f0:12:81:28: f3:35:5e:18:52:10:90:7b:57:1f:c4:28:d6:b8:d6:aa:2a:f3: 88:83:a2:b4:48:95:99:97:f5:1c:c5:ee:b2:8e:82:c7:41:60: 3d:b0:3e:8c:c5:1a:0c:60:4e:ab:03:c2:e9:52:c5:f2:dd:71: 36:39:8c:47:09:6a:f9:97:bf:f7:76:d3:44:4e:d3:f4:01:43: 64:77:35:05:ad:8e:de:47:de:bd:01:68:c8:02:fa:a8:e8:52: 02:22:12:2e:4a:57:bb:1f:85:9e:7b:e6:e7:27:dc:f7:61:19: 42:68:bb:07 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUWpeQuGwVxaRugNauZffZD+BoTpIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIwMzA4MzgwN1oX DTI1MTIwMjA4NDMwN1owMzExMC8GA1UEAxMoMTc1RTRERTMxQkFCMzdDQjlFMjdG OEYwQTVCNUM3NEI3NUIwRkMwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ1gSkp42aSwpiQiQldv1bILJ0UmaS1QIoS4JVZoNXSO6Y8QjWdW1HUvuk0Y szGQerm5Mvx/78vuziczCsTYw8m1gyGs6bWk6gmw5iJThPiasmKdztqbsPdk/zE5 I9eheh5Y6yV/Xbq6r8o0dh/SBN3NsJI0vvINxAV40TRvQVAUx+Zcy7cVui34my1Y UL4FpkojQJg5mgSpV6i4P7OmXptdFGevgFi3Iqyx1GlUs7mTvjQiSzuxD5TbjvHS GFp8YmJuJ0SJ+4YMUUEomgvKMgLX0IcgvQVGfNYxmExGLl8TYMN+ic5xrCAZRi67 tk6RYL8OFjCv88ihhD5M94hMR8cCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQXXk3j G6s3y54n+PCltcdLdbD8AzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzE0OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfSaQDANBgkqhkiG9w0BAQsFAAOCAQEAaM+/UwrIVW2g8BU5 9YZil7VHQCvaN6ta05uTK+dzU6A2H2vW7wz3Zoa/7EoknEZm8TtkQmbXutaUToJf XUn85/qJxOiS7/zgBlQJUyiae0PkP5R0rEnKRGJvUQQelwA9sS4pI+aDFws1BG5V qMXzMlFcq7oia9eKdn7N3iYqWnuVBmf7ziIy9ftlbhHwEoEo8zVeGFIQkHtXH8Qo 1rjWqirziIOitEiVmZf1HMXuso6Cx0FgPbA+jMUaDGBOqwPC6VLF8t1xNjmMRwlq +Ze/93bTRE7T9AFDZHc1Ba2O3kfevQFoyAL6qOhSAiISLkpXux+Fnnvm5yfc92EZ Qmi7Bw== -----END CERTIFICATE-----Generated at Mon Apr 21 05:27:47 2025 by rpki-client