$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150931.roa File: AS150931.roa (raw, json) Hash identifier: 7DnjjE2dflrP6bO0gii5hqFuhrnRW5rI6C+W2KTan6k= Subject key identifier: CC:35:F3:3B:5F:C5:7C:17:9E:8A:45:42:D3:A0:F1:75:71:B5:AC:D1 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7B95DEE95CB7788EAFC3CF39D70FA054F1EA7B4F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150931.roa Signing time: Fri 11 Jul 2025 04:00:00 +0000 ROA not before: Fri 11 Jul 2025 03:55:00 +0000 ROA not after: Fri 10 Jul 2026 04:00:00 +0000 asID: 150931 IP address blocks: 2001:df2:e540::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 16:16:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:95:de:e9:5c:b7:78:8e:af:c3:cf:39:d7:0f:a0:54:f1:ea:7b:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 11 03:55:00 2025 GMT Not After : Jul 10 04:00:00 2026 GMT Subject: CN=CC35F33B5FC57C179E8A4542D3A0F17571B5ACD1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:df:d8:49:3d:23:bd:0e:a8:d5:7c:af:75:ce: 6d:f1:2f:77:97:98:be:d7:46:07:2a:3b:67:d7:49: 9e:d7:be:15:06:da:80:3e:00:cf:6f:a2:fc:dc:40: 44:c5:ec:7c:a7:b7:9c:6b:72:2f:43:55:b4:4f:22: 52:cf:69:83:45:a1:38:c1:dc:24:5d:ef:be:af:0b: c9:80:a9:c3:aa:27:21:eb:d4:1e:4d:07:77:0f:c2: 2e:97:53:1d:46:ac:13:58:de:dc:c9:5c:2e:14:96: a7:c2:b1:ca:d4:c0:63:20:2b:d2:b9:45:5a:73:2f: c7:be:26:d5:9f:41:be:b8:1e:b1:cc:d1:7b:79:65: 02:58:92:d6:6b:b1:da:3e:8a:77:f9:a6:54:55:94: 12:55:e4:86:66:ac:e0:9f:3d:7d:9b:33:e3:61:e8: b6:2e:6e:96:c7:9d:9c:2d:b4:c6:3d:ca:92:54:e2: 96:a0:97:4b:07:1c:76:ae:6c:af:7d:76:5a:0f:46: f8:88:27:3c:70:bb:79:b2:65:b9:43:6e:30:80:c1: d8:5f:fe:5e:68:bd:b2:75:fc:b3:fa:38:13:b7:54: a9:59:b0:60:4b:fe:fd:d9:ea:68:82:cd:c1:dc:a5: 78:da:77:be:fa:78:3d:08:c2:e4:91:93:3e:5e:aa: 3f:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:35:F3:3B:5F:C5:7C:17:9E:8A:45:42:D3:A0:F1:75:71:B5:AC:D1 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150931.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:e540::/48 Signature Algorithm: sha256WithRSAEncryption 44:49:0f:f5:da:01:8f:80:11:87:1a:d0:f2:e5:c3:7f:a6:bb: 5d:31:c5:e0:ee:80:c1:4b:02:48:22:fb:42:74:a4:0e:64:30: ea:86:3d:75:3e:1f:2e:f2:cc:b1:f2:f8:89:16:f6:b1:bc:c3: 57:e7:11:34:1b:2b:7c:7c:9d:07:16:83:c1:dc:62:65:7a:09: 57:59:e5:89:ad:62:4b:23:a6:aa:de:58:c0:85:43:40:ff:67: 0c:02:80:8d:b9:1e:c7:b7:a9:35:a4:02:b5:52:30:af:59:f1: f8:f1:18:ff:35:2d:1a:35:ea:6a:06:c6:06:e6:9a:04:cd:da: 32:6e:e2:16:b0:50:1b:15:3c:40:b5:48:2f:5c:6e:c3:02:de: 11:fb:15:2d:72:93:a1:48:61:28:3c:cb:05:5d:7f:57:7b:e3: 6d:f9:f6:b9:dd:28:e2:52:9b:9c:f9:ef:f6:01:b4:7f:af:92: d8:55:d0:5b:3c:ff:0c:dd:78:c5:40:49:17:69:b8:73:9c:cf: 2f:be:94:3c:77:21:d1:41:83:6f:17:fd:90:0c:81:c4:fe:9c: 2c:d7:f5:53:a5:55:11:88:7c:43:d3:cd:a6:00:d4:bd:03:96: 08:2c:49:bb:3d:36:50:e0:a4:03:b2:aa:db:88:2c:51:bb:58: a6:bc:3a:eb -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUe5Xe6Vy3eI6vw8851w+gVPHqe08wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcxMTAzNTUwMFoX DTI2MDcxMDA0MDAwMFowMzExMC8GA1UEAxMoQ0MzNUYzM0I1RkM1N0MxNzlFOEE0 NTQyRDNBMEYxNzU3MUI1QUNEMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKXf2Ek9I70OqNV8r3XObfEvd5eYvtdGByo7Z9dJnte+FQbagD4Az2+i/NxA RMXsfKe3nGtyL0NVtE8iUs9pg0WhOMHcJF3vvq8LyYCpw6onIevUHk0Hdw/CLpdT HUasE1je3MlcLhSWp8KxytTAYyAr0rlFWnMvx74m1Z9BvrgesczRe3llAliS1mux 2j6Kd/mmVFWUElXkhmas4J89fZsz42Hoti5ulsednC20xj3KklTilqCXSwccdq5s r312Wg9G+IgnPHC7ebJluUNuMIDB2F/+Xmi9snX8s/o4E7dUqVmwYEv+/dnqaILN wdyleNp3vvp4PQjC5JGTPl6qP7sCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBTMNfM7 X8V8F56KRULToPF1cbWs0TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDkzMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfLlQDANBgkqhkiG9w0BAQsFAAOCAQEAREkP9doBj4ARhxrQ 8uXDf6a7XTHF4O6AwUsCSCL7QnSkDmQw6oY9dT4fLvLMsfL4iRb2sbzDV+cRNBsr fHydBxaDwdxiZXoJV1nlia1iSyOmqt5YwIVDQP9nDAKAjbkex7epNaQCtVIwr1nx +PEY/zUtGjXqagbGBuaaBM3aMm7iFrBQGxU8QLVIL1xuwwLeEfsVLXKToUhhKDzL BV1/V3vjbfn2ud0o4lKbnPnv9gG0f6+S2FXQWzz/DN14xUBJF2m4c5zPL76UPHch 0UGDbxf9kAyBxP6cLNf1U6VVEYh8Q9PNpgDUvQOWCCxJuz02UOCkA7Kq24gsUbtY prw66w== -----END CERTIFICATE-----Generated at Sun Jul 20 16:53:28 2025 by rpki-client