$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149880.roa File: AS149880.roa (raw, json) Hash identifier: xWNN5VcnMXAsuq69e+zSD6RX0CP1lyxCsmEMxRSnCg8= Subject key identifier: D8:F9:2F:B2:D7:BF:68:23:68:1B:D5:70:AB:66:8B:12:B5:13:AB:35 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 79F3A614A49321ACB5355581B22B2870BFA13D69 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149880.roa Signing time: Fri 18 Jul 2025 10:00:00 +0000 ROA not before: Fri 18 Jul 2025 09:55:00 +0000 ROA not after: Fri 17 Jul 2026 10:00:00 +0000 asID: 149880 IP address blocks: 2001:df2:eac0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 00:11:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:f3:a6:14:a4:93:21:ac:b5:35:55:81:b2:2b:28:70:bf:a1:3d:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 18 09:55:00 2025 GMT Not After : Jul 17 10:00:00 2026 GMT Subject: CN=D8F92FB2D7BF6823681BD570AB668B12B513AB35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:02:e4:7c:ea:a0:3a:14:fa:80:d7:43:52:24: 6e:1e:bd:7d:25:fd:1b:fd:4d:ac:40:8c:48:ef:e3: e3:21:51:f9:e5:e2:70:ad:ca:e2:f2:d6:c2:79:ee: 8a:df:4e:0f:8b:b0:c3:6a:b8:be:10:ce:0c:38:a4: 4a:0d:49:c7:99:cc:24:63:1a:52:99:fd:1d:eb:b0: b6:ea:96:c1:8e:16:ce:8d:40:37:56:a3:f0:e9:c7: 76:21:a3:a4:0c:c8:9f:32:02:f6:56:34:51:44:6e: ea:ea:04:ec:0f:42:a0:ca:71:0e:34:80:fd:50:07: d7:b3:75:d1:ca:cc:34:c0:4f:b7:4d:22:73:b7:be: 34:ab:01:22:cc:16:44:33:dc:f0:0b:a8:dc:1f:54: 5d:77:63:02:c2:5a:2c:c1:59:b6:67:2a:7e:27:68: a2:18:73:f4:19:fe:a0:be:b3:a1:2b:04:17:47:9b: 33:97:b0:7a:2b:0e:3e:12:a2:0d:3a:45:24:eb:cf: 02:70:a9:31:a7:fb:df:f1:40:56:e8:87:d8:32:73: 4b:93:8b:14:cb:30:8d:b0:b3:0b:a8:56:33:5a:ed: a5:89:b9:a0:e4:47:25:22:6e:7f:66:af:d8:31:d6: e6:65:0c:bb:f9:c7:84:46:8f:ad:8b:49:04:72:58: 4e:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:F9:2F:B2:D7:BF:68:23:68:1B:D5:70:AB:66:8B:12:B5:13:AB:35 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149880.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:eac0::/48 Signature Algorithm: sha256WithRSAEncryption 08:69:9b:a8:90:7b:bb:d6:e9:09:4f:80:af:74:3f:f9:b6:63: fa:fe:53:7b:8f:13:d8:e0:d2:5b:21:73:f7:c0:2a:c1:87:2d: e8:77:32:1f:bf:e9:9c:92:a0:cc:ff:4f:43:a6:fe:7d:34:bf: e9:ed:d1:81:7d:03:4e:2d:f5:f8:2c:ed:93:ac:7d:2e:ba:9b: b2:c8:fb:30:9c:3d:da:9d:df:8b:d6:43:1f:89:5e:d7:e4:6a: 29:c7:65:dd:10:1e:67:64:61:97:44:cf:dc:12:fa:41:35:03: 45:88:db:df:e3:6e:e6:be:32:78:55:29:9b:b0:63:8c:d6:db: cf:9c:72:30:94:6d:61:d3:ee:7a:e3:eb:13:fa:74:96:a8:cc: 34:6c:89:15:c9:d8:fb:da:4c:98:85:02:55:d0:7b:26:67:9c: 7d:a4:80:fa:7f:fb:b1:d4:b6:41:39:6e:54:6e:fb:a7:4b:89: 6a:bc:b3:b3:c3:44:de:bb:33:8a:5c:ac:b5:c9:76:5b:0f:14: 2e:55:85:70:ed:2c:02:f0:16:c9:ec:98:22:22:8a:70:fa:46: d2:fb:36:28:06:7f:75:48:3d:73:a5:56:49:01:bd:61:f4:7b: 80:84:5c:df:f9:ca:6f:8f:02:00:91:56:0a:c2:da:7c:1a:3c: 8f:7d:2d:47 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUefOmFKSTIay1NVWBsisocL+hPWkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcxODA5NTUwMFoX DTI2MDcxNzEwMDAwMFowMzExMC8GA1UEAxMoRDhGOTJGQjJEN0JGNjgyMzY4MUJE NTcwQUI2NjhCMTJCNTEzQUIzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANYC5HzqoDoU+oDXQ1Ikbh69fSX9G/1NrECMSO/j4yFR+eXicK3K4vLWwnnu it9OD4uww2q4vhDODDikSg1Jx5nMJGMaUpn9HeuwtuqWwY4Wzo1AN1aj8OnHdiGj pAzInzIC9lY0UURu6uoE7A9CoMpxDjSA/VAH17N10crMNMBPt00ic7e+NKsBIswW RDPc8Auo3B9UXXdjAsJaLMFZtmcqfidoohhz9Bn+oL6zoSsEF0ebM5eweisOPhKi DTpFJOvPAnCpMaf73/FAVuiH2DJzS5OLFMswjbCzC6hWM1rtpYm5oORHJSJuf2av 2DHW5mUMu/nHhEaPrYtJBHJYTusCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBTY+S+y 179oI2gb1XCrZosStROrNTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTg4MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfLqwDANBgkqhkiG9w0BAQsFAAOCAQEACGmbqJB7u9bpCU+A r3Q/+bZj+v5Te48T2ODSWyFz98AqwYct6HcyH7/pnJKgzP9PQ6b+fTS/6e3RgX0D Ti31+Cztk6x9Lrqbssj7MJw92p3fi9ZDH4le1+RqKcdl3RAeZ2Rhl0TP3BL6QTUD RYjb3+Nu5r4yeFUpm7BjjNbbz5xyMJRtYdPueuPrE/p0lqjMNGyJFcnY+9pMmIUC VdB7JmecfaSA+n/7sdS2QTluVG77p0uJaryzs8NE3rszilystcl2Ww8ULlWFcO0s AvAWyeyYIiKKcPpG0vs2KAZ/dUg9c6VWSQG9YfR7gIRc3/nKb48CAJFWCsLafBo8 j30tRw== -----END CERTIFICATE-----Generated at Mon Jul 21 00:02:27 2025 by rpki-client