$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149333.roa File: AS149333.roa (raw, json) Hash identifier: hDAbz2LZ8MHO5VK/GRJeh90youdXwfbue6QR1a7L0zY= Subject key identifier: 88:8B:88:D7:06:27:0B:8D:60:D4:FC:80:50:D5:DD:C6:8D:F6:6D:6A Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 46E4029BB813552F74888341C75D52B013D66A7E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149333.roa Signing time: Fri 06 Jun 2025 05:00:00 +0000 ROA not before: Fri 06 Jun 2025 04:55:00 +0000 ROA not after: Fri 05 Jun 2026 05:00:00 +0000 asID: 149333 IP address blocks: 2400:a360::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 08:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:e4:02:9b:b8:13:55:2f:74:88:83:41:c7:5d:52:b0:13:d6:6a:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 6 04:55:00 2025 GMT Not After : Jun 5 05:00:00 2026 GMT Subject: CN=888B88D706270B8D60D4FC8050D5DDC68DF66D6A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:0a:93:a2:0c:01:c5:ba:0a:ba:3d:84:4d:27: 6b:44:e0:7f:18:02:c7:3b:93:f2:e1:58:c1:d5:a7: ef:3c:26:d7:60:c4:f6:f3:a5:3c:eb:84:90:ea:d2: ae:f9:18:b0:32:4b:ba:92:ae:9f:72:0d:ab:03:61: c0:ff:b1:00:77:8c:95:25:3e:91:6e:9f:1d:cc:89: e3:a7:04:a5:b9:4b:c2:ca:e9:01:6b:3a:d3:76:69: 50:26:bd:2a:40:e9:37:81:3e:99:07:a1:19:43:54: 6d:ff:24:a2:b6:a7:14:57:13:75:e3:e4:82:ee:93: a3:e1:c1:6b:fa:f8:98:77:46:1f:f3:81:2c:dc:39: fd:39:a3:15:3f:f4:c2:04:4c:cb:1a:27:08:4a:e3: 2e:2f:31:9c:47:a4:7a:b1:48:e3:11:61:44:c4:1d: bc:bc:0b:ae:f7:c0:a3:2f:64:34:e9:5e:eb:87:dd: 2a:1f:03:c3:cf:81:5b:18:e5:e4:74:c5:44:0a:fe: 98:5a:7c:0b:90:a4:98:b2:1d:95:11:92:bf:23:64: 37:fb:54:a1:fc:30:cf:ed:92:7b:e5:15:77:ba:d7: 7c:41:34:f4:59:4e:a7:ae:28:71:ea:75:93:28:fd: d9:9f:fb:7a:f0:e0:dc:3e:78:a5:a0:61:63:55:0d: 68:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:8B:88:D7:06:27:0B:8D:60:D4:FC:80:50:D5:DD:C6:8D:F6:6D:6A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149333.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:a360::/32 Signature Algorithm: sha256WithRSAEncryption 10:c2:10:02:ec:38:a0:16:6c:db:62:a3:92:bd:6c:1d:f8:5b: aa:94:d4:5b:52:10:1c:c2:13:86:5f:84:05:aa:0c:da:4c:25: 57:f3:10:a1:8e:6b:96:ac:91:92:e7:13:b9:55:3f:45:4f:db: 4f:67:1a:10:30:e9:c4:06:f5:fa:f8:75:44:a4:1d:08:0f:13: 70:8e:12:25:34:f6:ce:67:86:bf:70:9f:67:e6:24:ed:f2:b9: 8e:3d:a4:ec:1a:3a:20:1d:72:8c:4f:c6:95:10:f0:00:8c:70: 11:9a:66:80:2a:e6:b2:16:fc:f2:c9:a2:13:07:3e:0e:eb:9f: 27:a2:32:40:6a:5f:35:4b:97:e5:39:7a:0e:ef:a3:39:7a:af: 02:25:1a:4d:d2:79:dd:4c:57:c5:8d:97:d6:f8:ca:23:8b:b3: 04:2d:5a:46:74:b2:73:f1:c2:85:7e:8e:94:e8:6d:d7:3d:99: 12:ee:be:2c:41:50:b3:f7:ef:71:4f:ac:f2:93:fc:88:80:4b: 94:7b:67:c8:24:c1:92:24:0a:c6:ba:43:ed:34:e5:0a:33:4c: d4:69:bd:4a:b3:ba:ec:9f:a4:31:20:27:25:18:7e:e7:29:da: 35:d0:09:ef:92:88:f1:91:0d:f9:f4:0f:ca:01:4d:97:10:3e: 5e:f3:e1:ba -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIURuQCm7gTVS90iINBx11SsBPWan4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwNjA0NTUwMFoX DTI2MDYwNTA1MDAwMFowMzExMC8GA1UEAxMoODg4Qjg4RDcwNjI3MEI4RDYwRDRG QzgwNTBENUREQzY4REY2NkQ2QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMkKk6IMAcW6Cro9hE0na0TgfxgCxzuT8uFYwdWn7zwm12DE9vOlPOuEkOrS rvkYsDJLupKun3INqwNhwP+xAHeMlSU+kW6fHcyJ46cEpblLwsrpAWs603ZpUCa9 KkDpN4E+mQehGUNUbf8koranFFcTdePkgu6To+HBa/r4mHdGH/OBLNw5/TmjFT/0 wgRMyxonCErjLi8xnEekerFI4xFhRMQdvLwLrvfAoy9kNOle64fdKh8Dw8+BWxjl 5HTFRAr+mFp8C5CkmLIdlRGSvyNkN/tUofwwz+2Se+UVd7rXfEE09FlOp64ocep1 kyj92Z/7evDg3D54paBhY1UNaBcCAwEAAaOCAdEwggHNMB0GA1UdDgQWBBSIi4jX BicLjWDU/IBQ1d3GjfZtajAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTMzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQAo2AwDQYJKoZIhvcNAQELBQADggEBABDCEALsOKAWbNtio5K9 bB34W6qU1FtSEBzCE4ZfhAWqDNpMJVfzEKGOa5askZLnE7lVP0VP209nGhAw6cQG 9fr4dUSkHQgPE3COEiU09s5nhr9wn2fmJO3yuY49pOwaOiAdcoxPxpUQ8ACMcBGa ZoAq5rIW/PLJohMHPg7rnyeiMkBqXzVLl+U5eg7vozl6rwIlGk3Sed1MV8WNl9b4 yiOLswQtWkZ0snPxwoV+jpTobdc9mRLuvixBULP373FPrPKT/IiAS5R7Z8gkwZIk Csa6Q+005QozTNRpvUqzuuyfpDEgJyUYfucp2jXQCe+SiPGRDfn0D8oBTZcQPl7z 4bo= -----END CERTIFICATE-----Generated at Mon Jun 16 04:30:26 2025 by rpki-client