$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149344.roa File: AS149344.roa (raw, json) Hash identifier: DC5zAUcSGiw5A6sMwmgDnGS66XiMXKMOZgxZDjCvVfs= Subject key identifier: 69:62:E2:96:90:F0:7D:5E:39:C0:C2:88:A0:AA:A0:82:DD:40:3C:B1 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 61294D79A359D6F27D76F093A675B71C3919B0AB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149344.roa Signing time: Tue 16 Sep 2025 05:00:00 +0000 ROA not before: Tue 16 Sep 2025 04:55:00 +0000 ROA not after: Tue 15 Sep 2026 05:00:00 +0000 asID: 149344 IP address blocks: 2001:df0:d240::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 17:51:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:29:4d:79:a3:59:d6:f2:7d:76:f0:93:a6:75:b7:1c:39:19:b0:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 16 04:55:00 2025 GMT Not After : Sep 15 05:00:00 2026 GMT Subject: CN=6962E29690F07D5E39C0C288A0AAA082DD403CB1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f9:9b:b3:f8:1e:9f:b2:76:af:d6:8f:ef:ea: 1d:35:27:3a:de:df:9c:4c:3d:34:b6:03:e1:ce:f2: 24:8d:44:cf:6e:ac:16:5a:11:a8:fb:59:06:0b:6d: 7f:7f:8a:64:27:e4:a3:a3:f3:e4:09:18:89:95:8d: f2:93:63:d0:b6:02:b7:53:64:95:d5:2f:bf:de:89: e5:e5:89:57:67:37:a5:84:c8:97:7f:e7:c9:8f:4d: 4b:92:1d:0a:33:52:14:3f:cd:8a:53:5e:3f:16:1c: 9f:ac:f7:f9:a6:30:2e:3a:d8:fa:1b:a5:87:30:0b: 7f:8f:31:e1:47:52:ac:8d:5d:50:44:db:20:65:c6: 8a:ae:2c:61:19:6c:68:aa:bb:d4:d5:f0:14:cd:74: 73:72:0a:50:40:12:3a:a4:47:5c:58:46:f4:30:92: 25:8b:cd:ff:9d:74:99:59:85:ea:7c:62:cf:7b:af: 57:7f:ea:95:2b:f1:c5:e2:ac:15:bf:b4:9f:98:85: 96:02:99:3a:e8:ac:15:a0:28:4f:54:5e:56:32:a7: 6d:e1:b0:3e:6f:a2:f2:52:c3:91:6a:87:dd:85:cc: 05:76:d9:e8:78:56:16:04:bb:f0:d6:e0:51:6a:5a: 44:c7:06:6f:a8:83:55:8e:ce:bb:81:81:2b:b6:82: 6b:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:62:E2:96:90:F0:7D:5E:39:C0:C2:88:A0:AA:A0:82:DD:40:3C:B1 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149344.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:d240::/48 Signature Algorithm: sha256WithRSAEncryption 11:76:2b:28:d1:5f:6c:5f:46:f3:a0:01:1c:c3:08:24:c5:6e: 78:a1:bd:23:24:c8:84:b1:e9:3b:99:e2:56:35:d4:9f:6a:1b: a5:48:25:68:52:e5:3e:fd:70:c4:7d:52:aa:a7:c3:f8:27:25: dd:28:29:4d:b5:d2:40:45:81:78:91:f6:58:5b:73:13:56:3a: 62:72:aa:2a:1d:2b:81:ea:3c:7c:6b:df:2f:b3:47:b1:be:cf: a4:f0:b8:d6:4c:67:ac:ad:40:35:dd:44:e7:7d:d8:f6:b7:4c: db:32:21:5e:52:a1:aa:14:90:6d:51:2d:0b:63:d8:0e:43:06: 4e:a1:22:78:c0:2f:94:1e:18:18:eb:1e:2a:44:46:db:9a:bf: 44:73:51:45:2e:cb:5b:83:fc:de:14:1c:1b:51:5a:1a:bb:86: 78:e6:d6:59:65:b0:ec:81:f5:ac:f6:cb:7d:0d:fd:25:7f:dd: 6e:08:da:6d:50:de:6d:eb:84:1b:5c:cc:01:63:af:4b:0e:22: aa:5d:60:1f:06:1d:9f:d4:68:62:f1:5e:c0:8e:15:b6:a7:2d: 80:09:de:20:2e:8c:46:f4:25:cc:5a:ee:14:61:dd:ff:a3:e4: 35:85:fd:83:72:03:67:5e:eb:2c:0e:fe:11:c4:22:3b:12:18: 67:9b:d3:b5 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUYSlNeaNZ1vJ9dvCTpnW3HDkZsKswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkxNjA0NTUwMFoX DTI2MDkxNTA1MDAwMFowMzExMC8GA1UEAxMoNjk2MkUyOTY5MEYwN0Q1RTM5QzBD Mjg4QTBBQUEwODJERDQwM0NCMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKj5m7P4Hp+ydq/Wj+/qHTUnOt7fnEw9NLYD4c7yJI1Ez26sFloRqPtZBgtt f3+KZCfko6Pz5AkYiZWN8pNj0LYCt1NkldUvv96J5eWJV2c3pYTIl3/nyY9NS5Id CjNSFD/NilNePxYcn6z3+aYwLjrY+hulhzALf48x4UdSrI1dUETbIGXGiq4sYRls aKq71NXwFM10c3IKUEASOqRHXFhG9DCSJYvN/510mVmF6nxiz3uvV3/qlSvxxeKs Fb+0n5iFlgKZOuisFaAoT1ReVjKnbeGwPm+i8lLDkWqH3YXMBXbZ6HhWFgS78Nbg UWpaRMcGb6iDVY7Ou4GBK7aCa8kCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRpYuKW kPB9XjnAwoigqqCC3UA8sTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTM0NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfDSQDANBgkqhkiG9w0BAQsFAAOCAQEAEXYrKNFfbF9G86AB HMMIJMVueKG9IyTIhLHpO5niVjXUn2obpUglaFLlPv1wxH1SqqfD+Ccl3SgpTbXS QEWBeJH2WFtzE1Y6YnKqKh0rgeo8fGvfL7NHsb7PpPC41kxnrK1ANd1E533Y9rdM 2zIhXlKhqhSQbVEtC2PYDkMGTqEieMAvlB4YGOseKkRG25q/RHNRRS7LW4P83hQc G1FaGruGeObWWWWw7IH1rPbLfQ39JX/dbgjabVDebeuEG1zMAWOvSw4iql1gHwYd n9RoYvFewI4VtqctgAneIC6MRvQlzFruFGHd/6PkNYX9g3IDZ17rLA7+EcQiOxIY Z5vTtQ== -----END CERTIFICATE-----Generated at Sun Oct 19 12:51:39 2025 by rpki-client