$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149713.roa File: AS149713.roa (raw, json) Hash identifier: cEortDd/iuXWcb5eoAXJupoAr/3NgM+rmjcrUDYwz0E= Subject key identifier: 57:2D:CD:73:88:29:B3:38:03:B5:38:B8:98:57:21:00:7E:C0:72:60 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 748980F57A795DCA8D860784804BBC7E3BECFA3E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149713.roa Signing time: Fri 18 Jul 2025 10:16:35 +0000 ROA not before: Fri 18 Jul 2025 10:11:35 +0000 ROA not after: Fri 17 Jul 2026 10:16:35 +0000 asID: 149713 IP address blocks: 2406:85c0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 00:11:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:89:80:f5:7a:79:5d:ca:8d:86:07:84:80:4b:bc:7e:3b:ec:fa:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 18 10:11:35 2025 GMT Not After : Jul 17 10:16:35 2026 GMT Subject: CN=572DCD738829B33803B538B8985721007EC07260 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ce:8c:7a:07:22:9f:f0:94:85:ed:ee:63:23: 93:88:14:9e:cf:c8:c5:fe:ed:ce:79:14:27:1f:11: 1d:b9:6e:ea:92:d4:14:a2:a0:34:6d:25:21:60:82: 26:3d:9c:88:c7:36:6f:d5:7b:e9:b2:f4:d3:14:99: 54:c9:2e:89:26:07:7f:53:88:e8:a9:c5:0e:5a:8a: b4:33:fb:57:5d:27:9c:67:aa:81:b0:1b:9b:c3:bb: 41:d9:1c:1c:d9:80:50:07:94:72:1c:e5:74:b8:c1: 78:b8:a0:b0:16:0d:91:ab:32:70:7e:2e:4a:f8:f6: d3:f0:6a:23:f1:14:a5:e5:a9:79:c1:00:6e:86:d2: 5e:1f:ef:97:bf:46:91:26:4c:9f:80:5c:e0:f6:39: 99:4d:e0:e6:e0:61:92:17:f4:b2:9e:4b:3d:be:a9: ec:8c:86:9b:90:df:29:6c:26:a4:a1:64:be:51:99: c6:94:8d:d0:0b:0b:ca:90:72:33:1f:ca:60:60:dc: 74:04:1e:81:30:61:f4:1f:87:6f:ff:c5:f8:0d:15: 58:97:1f:5a:52:85:8f:12:01:54:ad:11:c2:5b:2d: 6c:5e:35:ca:46:36:15:44:20:2a:c6:8f:45:2c:8c: de:18:99:20:48:d5:df:7f:74:2f:19:55:4a:3c:9d: 21:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:2D:CD:73:88:29:B3:38:03:B5:38:B8:98:57:21:00:7E:C0:72:60 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149713.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:85c0::/32 Signature Algorithm: sha256WithRSAEncryption 8f:d5:20:ea:aa:50:68:95:3e:c2:d8:6d:56:dd:65:63:e5:8a: b0:6c:57:da:93:1f:18:4c:1d:47:72:29:36:90:69:dd:e5:61: 28:12:8e:1a:ab:eb:2b:b2:a7:dc:23:7e:f8:a5:23:66:fb:f9: 66:3f:46:6f:da:1a:d2:11:39:c7:f5:06:a7:a2:74:8d:f9:8b: 27:8a:78:a6:c2:df:f4:08:5c:fc:4f:51:af:1b:83:f5:14:3b: a6:1a:3b:d7:3f:4e:8a:c4:3a:86:84:6c:f8:eb:1c:d2:dd:d3: 15:66:03:ad:c3:e2:f5:75:96:6a:a1:a1:36:ed:dc:9b:83:87: 6d:10:60:ea:46:a3:ee:aa:ea:4b:05:3c:c2:6b:f4:05:10:bf: 9b:07:a8:e6:38:32:af:97:d4:9e:8a:3f:c4:a1:1a:bf:e3:d6: f7:08:37:f0:33:99:9a:ee:ad:e9:50:6a:0a:38:56:cb:7e:6d: a3:80:60:dc:79:4d:75:f8:25:d1:97:73:2c:34:ba:a6:5a:76: 67:24:98:4b:11:d2:13:62:05:54:fe:e8:d9:11:00:3c:0d:bd: 83:62:3e:9d:90:64:d1:af:d2:47:31:80:02:12:ff:19:79:9a: f5:cd:49:07:d8:ea:a6:32:04:b1:ff:79:d7:97:85:af:f8:ca: 19:fd:34:59 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUdImA9Xp5XcqNhgeEgEu8fjvs+j4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcxODEwMTEzNVoX DTI2MDcxNzEwMTYzNVowMzExMC8GA1UEAxMoNTcyRENENzM4ODI5QjMzODAzQjUz OEI4OTg1NzIxMDA3RUMwNzI2MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALTOjHoHIp/wlIXt7mMjk4gUns/Ixf7tznkUJx8RHblu6pLUFKKgNG0lIWCC Jj2ciMc2b9V76bL00xSZVMkuiSYHf1OI6KnFDlqKtDP7V10nnGeqgbAbm8O7Qdkc HNmAUAeUchzldLjBeLigsBYNkasycH4uSvj20/BqI/EUpeWpecEAbobSXh/vl79G kSZMn4Bc4PY5mU3g5uBhkhf0sp5LPb6p7IyGm5DfKWwmpKFkvlGZxpSN0AsLypBy Mx/KYGDcdAQegTBh9B+Hb//F+A0VWJcfWlKFjxIBVK0RwlstbF41ykY2FUQgKsaP RSyM3hiZIEjV3390LxlVSjydIZ8CAwEAAaOCAdEwggHNMB0GA1UdDgQWBBRXLc1z iCmzOAO1OLiYVyEAfsByYDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTcxMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQGhcAwDQYJKoZIhvcNAQELBQADggEBAI/VIOqqUGiVPsLYbVbd ZWPlirBsV9qTHxhMHUdyKTaQad3lYSgSjhqr6yuyp9wjfvilI2b7+WY/Rm/aGtIR Ocf1BqeidI35iyeKeKbC3/QIXPxPUa8bg/UUO6YaO9c/TorEOoaEbPjrHNLd0xVm A63D4vV1lmqhoTbt3JuDh20QYOpGo+6q6ksFPMJr9AUQv5sHqOY4Mq+X1J6KP8Sh Gr/j1vcIN/AzmZrurelQago4Vst+baOAYNx5TXX4JdGXcyw0uqZadmckmEsR0hNi BVT+6NkRADwNvYNiPp2QZNGv0kcxgAIS/xl5mvXNSQfY6qYyBLH/edeXha/4yhn9 NFk= -----END CERTIFICATE-----Generated at Sun Jul 20 23:56:33 2025 by rpki-client