$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149385.roa File: AS149385.roa (raw, json) Hash identifier: bM6NrJJ4D5JoME8jpJbTUZdwa5Tbe7KrFao900AiyyQ= Subject key identifier: 9D:D4:EA:FE:55:AB:DB:30:B9:5C:3F:24:17:FB:DF:5F:72:71:66:49 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6FE23E1BF3A335609272D79E9213C3CBD3794F2A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149385.roa Signing time: Mon 28 Apr 2025 04:00:00 +0000 ROA not before: Mon 28 Apr 2025 03:55:00 +0000 ROA not after: Mon 27 Apr 2026 04:00:00 +0000 asID: 149385 IP address blocks: 103.178.223.0/24 maxlen: 24 103.205.185.0/24 maxlen: 24 2001:df2:1ac0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:e2:3e:1b:f3:a3:35:60:92:72:d7:9e:92:13:c3:cb:d3:79:4f:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 28 03:55:00 2025 GMT Not After : Apr 27 04:00:00 2026 GMT Subject: CN=9DD4EAFE55ABDB30B95C3F2417FBDF5F72716649 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fd:48:64:b5:6f:e4:c3:2f:f4:d9:6c:23:ea:01: 4f:c0:e8:5f:ae:38:46:d9:f4:d2:c1:d4:4d:6e:10: 5f:3d:22:1b:65:2b:0d:e7:77:94:44:8c:98:5d:9e: e0:e7:c4:85:0e:18:9e:24:ac:54:7c:36:e0:2c:3b: 47:7e:a3:8c:81:50:f6:a2:80:07:f9:99:94:ee:24: 6a:36:dc:af:f7:b2:a5:90:4e:39:31:9f:87:ec:cb: 72:f7:38:96:7e:c1:01:fc:87:3b:34:db:27:90:23: 83:77:8d:9d:6a:e0:e5:93:5f:81:fa:e1:7c:16:35: be:72:2b:dc:ac:fb:5e:80:84:d7:98:82:e6:1d:31: 58:d3:b4:83:d7:59:03:15:fe:0e:90:ad:c6:41:10: a7:f5:76:e5:a3:76:a6:57:ab:a0:e9:b0:e5:e0:6a: 23:62:7f:c9:4c:73:3c:72:ad:19:5d:c3:e5:65:cd: d0:42:98:4d:0e:e5:15:f4:43:b3:3e:46:d7:be:66: 14:d7:7f:dd:5f:fb:8a:20:cb:be:ab:29:fd:9c:8c: 84:7e:93:bf:be:5c:1d:f8:4e:a9:4f:cc:20:76:10: 93:a0:1d:a1:0a:ec:03:25:0c:df:37:cf:de:1c:a6: 34:2b:63:6d:64:ca:f7:c9:e4:c4:be:99:62:8c:1d: 91:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:D4:EA:FE:55:AB:DB:30:B9:5C:3F:24:17:FB:DF:5F:72:71:66:49 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149385.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.178.223.0/24 103.205.185.0/24 IPv6: 2001:df2:1ac0::/48 Signature Algorithm: sha256WithRSAEncryption 8e:a9:6e:17:e0:26:66:39:c6:0d:ad:94:d6:e8:6b:81:e6:1d: 37:69:d5:3c:60:e7:b3:d8:76:95:2c:4d:bf:1f:82:84:a5:f5: 73:49:c4:5a:71:ca:b5:f2:ff:35:e5:98:73:40:8b:de:62:bc: 7a:b4:cd:39:df:3b:55:29:3e:e3:d5:c7:5d:85:70:a9:55:41: 4b:92:22:7e:19:4d:2d:bc:46:c6:db:82:9e:b2:79:50:66:26: 8e:46:ae:87:cb:7d:70:ef:3d:90:60:83:ec:4d:d3:fe:d5:93: a0:e2:bd:cd:7f:7a:86:57:66:c8:87:3a:b1:92:05:7a:07:ee: 2e:f0:cf:e0:15:e9:9d:fa:48:e0:0f:65:12:a8:79:9f:4e:a4: d0:be:30:1c:50:bb:99:d9:a1:b3:ea:0a:84:42:98:e5:6f:4e: ef:11:e4:0b:01:28:ec:13:da:69:28:b4:bb:52:72:63:b0:09: 79:04:1c:f4:b3:64:52:ae:e3:b6:f6:d9:8c:34:4c:68:2c:e6: 19:a4:a6:aa:aa:27:80:a5:f4:38:91:cd:bb:4a:cb:f2:af:4b: fe:0a:82:eb:a0:b4:b1:cd:d8:63:f2:ce:e6:a4:66:fb:4f:b8: 25:64:5c:e2:d3:1f:73:fa:b7:3b:0f:88:40:0a:00:1d:fe:2b: a5:ea:5c:ee -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUb+I+G/OjNWCScteekhPDy9N5TyowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDQyODAzNTUwMFoX DTI2MDQyNzA0MDAwMFowMzExMC8GA1UEAxMoOURENEVBRkU1NUFCREIzMEI5NUMz RjI0MTdGQkRGNUY3MjcxNjY0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAP1IZLVv5MMv9NlsI+oBT8DoX644Rtn00sHUTW4QXz0iG2UrDed3lESMmF2e 4OfEhQ4YniSsVHw24Cw7R36jjIFQ9qKAB/mZlO4kajbcr/eypZBOOTGfh+zLcvc4 ln7BAfyHOzTbJ5Ajg3eNnWrg5ZNfgfrhfBY1vnIr3Kz7XoCE15iC5h0xWNO0g9dZ AxX+DpCtxkEQp/V25aN2pleroOmw5eBqI2J/yUxzPHKtGV3D5WXN0EKYTQ7lFfRD sz5G175mFNd/3V/7iiDLvqsp/ZyMhH6Tv75cHfhOqU/MIHYQk6AdoQrsAyUM3zfP 3hymNCtjbWTK98nkxL6ZYowdkRECAwEAAaOCAecwggHjMB0GA1UdDgQWBBSd1Or+ VavbMLlcPyQX+99fcnFmSTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTM4NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUw EgQCAAEwDAMEAGey3wMEAGfNuTAPBAIAAjAJAwcAIAEN8hrAMA0GCSqGSIb3DQEB CwUAA4IBAQCOqW4X4CZmOcYNrZTW6GuB5h03adU8YOez2HaVLE2/H4KEpfVzScRa ccq18v815ZhzQIveYrx6tM053ztVKT7j1cddhXCpVUFLkiJ+GU0tvEbG24KesnlQ ZiaORq6Hy31w7z2QYIPsTdP+1ZOg4r3Nf3qGV2bIhzqxkgV6B+4u8M/gFemd+kjg D2USqHmfTqTQvjAcULuZ2aGz6gqEQpjlb07vEeQLASjsE9ppKLS7UnJjsAl5BBz0 s2RSruO29tmMNExoLOYZpKaqqieApfQ4kc27Ssvyr0v+CoLroLSxzdhj8s7mpGb7 T7glZFzi0x9z+rc7D4hACgAd/iul6lzu -----END CERTIFICATE-----Generated at Tue Jun 3 23:11:18 2025 by rpki-client