$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149705.roa File: AS149705.roa (raw, json) Hash identifier: izwD3SpAOOgJE60qezdro5WbLE8++bF76cjhEqB4cMM= Subject key identifier: ED:5A:27:ED:E1:CA:F6:83:C6:02:81:FB:7B:4F:56:BB:9A:A9:5F:7C Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 565CD9BC496C109CC3B5C933D4FB6E3962EC5A02 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149705.roa Signing time: Fri 05 Sep 2025 03:00:00 +0000 ROA not before: Fri 05 Sep 2025 02:55:00 +0000 ROA not after: Fri 04 Sep 2026 03:00:00 +0000 asID: 149705 IP address blocks: 2001:df2:1b40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 17:31:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:5c:d9:bc:49:6c:10:9c:c3:b5:c9:33:d4:fb:6e:39:62:ec:5a:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 5 02:55:00 2025 GMT Not After : Sep 4 03:00:00 2026 GMT Subject: CN=ED5A27EDE1CAF683C60281FB7B4F56BB9AA95F7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:5e:3a:6b:ed:e9:7a:f2:9a:51:aa:1b:1a:b9: 07:4f:a2:68:ce:b8:e8:28:d2:a6:6b:1f:13:37:07: a6:b3:26:6d:60:b2:fc:05:59:64:e6:01:a0:7f:b4: 89:6d:83:82:24:14:77:3b:38:fe:02:45:88:b8:1c: d9:a7:f7:73:3d:de:4f:de:fc:17:d9:de:7d:87:42: 9a:70:f6:5c:a6:c9:2a:a6:42:eb:c3:3d:e0:21:71: fa:26:12:3b:97:8f:37:85:e7:9c:3c:11:39:50:3c: 48:b5:b1:47:30:cd:c1:ed:3a:17:d1:2f:05:f7:e5: 4e:43:91:de:91:f4:04:39:b9:4f:80:ae:0b:a0:23: 31:db:f8:c3:5c:c7:5f:41:99:38:5d:8f:d2:88:ce: ac:97:50:7d:0f:61:03:48:fb:b1:83:a1:93:08:cf: 86:87:b3:05:13:10:72:61:81:1a:b1:a3:7a:2f:7b: 35:84:f7:70:e5:b4:16:74:6a:e3:0f:78:a6:20:75: 8b:0f:42:b1:86:5d:0c:b5:ca:36:af:e8:65:97:ac: 45:11:8c:aa:73:0a:47:de:e0:fb:c2:bd:db:fa:9d: d5:5f:0f:9c:d3:e0:01:76:c5:61:da:a1:d7:0c:3b: 5e:1b:d2:24:37:76:7a:c0:c1:1e:bb:3a:53:08:ee: 67:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:5A:27:ED:E1:CA:F6:83:C6:02:81:FB:7B:4F:56:BB:9A:A9:5F:7C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149705.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:1b40::/48 Signature Algorithm: sha256WithRSAEncryption 54:bc:10:68:d1:4f:bf:31:68:19:16:0c:37:22:55:5a:b6:c2: 59:c7:00:e0:17:4f:fb:f9:49:a2:91:95:3a:a5:7b:e0:6c:13: 47:c4:fa:02:ef:31:a0:0d:f2:9e:d6:24:e0:73:42:73:8a:41: e8:a7:ad:f1:8d:2e:e4:5b:95:ec:6c:cf:8e:cd:c3:36:05:fd: 89:b7:4d:24:13:5b:ea:af:fb:21:c4:e6:b6:7d:b8:4a:4a:29: 8c:a8:cd:21:8b:78:fd:90:c0:8f:33:fc:91:6f:b6:7c:db:e0: ff:0b:d6:49:89:b2:64:d2:cf:b4:20:6e:a9:ab:f6:4b:75:70: ac:ff:d8:9a:2a:da:18:b0:39:0d:52:73:6d:e9:e3:b6:c5:b5: 59:95:08:2d:53:a9:c9:50:a5:4e:26:bb:50:4f:22:2c:68:7d: 0c:45:fd:94:5e:ac:36:5a:06:ab:b1:75:81:a7:3e:ce:e0:94: 7c:ae:36:98:1a:4c:04:d3:61:1b:75:fa:ec:83:ff:75:f1:69: 2c:03:c8:d5:6d:41:a8:99:c3:f5:e6:b1:ae:33:77:60:04:05: ed:c2:ec:60:dc:7e:ef:0e:d2:82:08:c1:fb:50:a6:55:a0:73: 21:f8:5f:bd:10:f0:e5:0d:4d:16:f8:f9:f8:8a:ca:a5:1d:0d: f0:3b:3a:94 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUVlzZvElsEJzDtckz1PtuOWLsWgIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkwNTAyNTUwMFoX DTI2MDkwNDAzMDAwMFowMzExMC8GA1UEAxMoRUQ1QTI3RURFMUNBRjY4M0M2MDI4 MUZCN0I0RjU2QkI5QUE5NUY3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMpeOmvt6XrymlGqGxq5B0+iaM646CjSpmsfEzcHprMmbWCy/AVZZOYBoH+0 iW2DgiQUdzs4/gJFiLgc2af3cz3eT978F9nefYdCmnD2XKbJKqZC68M94CFx+iYS O5ePN4XnnDwROVA8SLWxRzDNwe06F9EvBfflTkOR3pH0BDm5T4CuC6AjMdv4w1zH X0GZOF2P0ojOrJdQfQ9hA0j7sYOhkwjPhoezBRMQcmGBGrGjei97NYT3cOW0FnRq 4w94piB1iw9CsYZdDLXKNq/oZZesRRGMqnMKR97g+8K92/qd1V8PnNPgAXbFYdqh 1ww7XhvSJDd2esDBHrs6UwjuZxkCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBTtWift 4cr2g8YCgft7T1a7mqlffDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTcwNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfIbQDANBgkqhkiG9w0BAQsFAAOCAQEAVLwQaNFPvzFoGRYM NyJVWrbCWccA4BdP+/lJopGVOqV74GwTR8T6Au8xoA3yntYk4HNCc4pB6Ket8Y0u 5FuV7GzPjs3DNgX9ibdNJBNb6q/7IcTmtn24SkopjKjNIYt4/ZDAjzP8kW+2fNvg /wvWSYmyZNLPtCBuqav2S3VwrP/YmiraGLA5DVJzbenjtsW1WZUILVOpyVClTia7 UE8iLGh9DEX9lF6sNloGq7F1gac+zuCUfK42mBpMBNNhG3X67IP/dfFpLAPI1W1B qJnD9eaxrjN3YAQF7cLsYNx+7w7SggjB+1CmVaBzIfhfvRDw5Q1NFvj5+IrKpR0N 8Ds6lA== -----END CERTIFICATE-----Generated at Fri Sep 5 08:17:29 2025 by rpki-client