$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149930.roa File: AS149930.roa (raw, json) Hash identifier: 0Zbqr8TFkgFZEaj7j1Hcdum4rpc7YrNODtzj04e/EEk= Subject key identifier: A4:3E:4E:6A:65:F5:D8:61:DE:F2:2C:DA:FF:0C:FA:89:87:38:82:9A Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 278D9FE1E68F84FCDD42A91F5D674F02E12DA510 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149930.roa Signing time: Mon 12 May 2025 07:00:00 +0000 ROA not before: Mon 12 May 2025 06:55:00 +0000 ROA not after: Mon 11 May 2026 07:00:00 +0000 asID: 149930 IP address blocks: 2001:df2:a940::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:8d:9f:e1:e6:8f:84:fc:dd:42:a9:1f:5d:67:4f:02:e1:2d:a5:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 12 06:55:00 2025 GMT Not After : May 11 07:00:00 2026 GMT Subject: CN=A43E4E6A65F5D861DEF22CDAFF0CFA898738829A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ab:11:38:bf:f4:96:62:bb:05:93:ae:83:c3: f9:d5:e2:5c:9b:48:db:a2:3e:e6:73:05:4a:f7:1b: 5d:61:87:c6:b2:93:1e:06:33:f1:20:10:4a:de:9c: c3:8b:c0:f6:76:f0:40:fb:42:69:e7:24:7e:bd:9a: 88:24:79:b7:33:41:3a:d3:a9:6b:b9:43:5e:e5:e5: d1:4a:07:2e:99:5d:86:09:88:43:ca:fd:e1:f8:a5: 73:95:82:42:7a:c6:cb:1d:78:0e:0d:dd:2e:c1:69: 7b:ce:68:16:1e:6a:58:ef:f1:fe:3c:b7:93:56:ee: 79:00:f5:70:7c:45:db:f3:96:71:51:34:24:3b:64: 42:c5:32:bb:f5:88:d8:c9:07:4c:cb:f0:cc:3d:b5: 7c:87:4f:c3:c7:1d:e1:dd:f3:b0:9d:86:9d:1c:f1: 63:8e:62:a3:84:d7:7d:43:a8:8b:cf:a5:64:ac:0d: f0:eb:5b:de:7b:11:60:68:31:5c:45:fe:1c:6a:0c: c3:21:f8:fc:c9:64:1b:c5:5e:db:23:3e:0f:08:04: 90:d6:ee:52:67:86:01:07:67:36:ef:fd:87:3c:87: 60:80:5d:73:47:44:00:aa:12:8f:ad:fb:35:31:3f: 6d:12:68:64:79:1c:2e:73:ce:b1:a2:7e:c8:7c:e8: e2:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:3E:4E:6A:65:F5:D8:61:DE:F2:2C:DA:FF:0C:FA:89:87:38:82:9A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149930.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:a940::/48 Signature Algorithm: sha256WithRSAEncryption 00:d2:be:91:c5:19:de:7b:78:dd:fc:27:62:31:9a:47:f6:08: 6b:e1:7f:8c:6a:a3:83:30:6f:84:6e:5f:87:d2:21:85:da:79: 2e:70:6a:ce:a5:51:07:a1:4f:61:c9:82:75:64:08:7d:02:05: 2f:82:91:14:53:30:02:c2:d5:14:6a:e6:22:cd:a7:9a:8f:94: ad:dd:3b:0e:cc:d8:5a:0b:b2:41:34:bc:aa:45:94:7c:a7:26: 41:c5:a8:a9:c6:d7:1e:58:8d:75:80:c9:d8:c8:a4:be:73:25: 80:10:18:35:ff:cc:12:4d:05:b4:26:00:5d:89:1a:3f:00:e8: b5:d3:27:9d:1a:3f:1d:79:f3:b0:4b:b2:a4:79:e8:34:1b:3c: 3a:7d:83:e3:2d:48:5f:cf:f7:9f:21:f2:93:3e:47:da:1f:cc: ff:cb:e2:1a:0a:41:d9:44:8b:84:9a:55:cb:43:5b:39:af:5c: 91:07:95:06:4d:1d:6f:42:9d:f9:04:65:93:fc:1b:95:f6:8c: 05:32:e1:51:97:52:d2:dd:5d:ad:f2:49:11:bd:9c:ee:a3:fe: 32:6c:f3:cd:1e:78:44:1f:5f:b2:94:27:4a:49:59:98:05:07: 7e:20:0a:ad:2f:1c:2b:37:9d:ed:36:4d:98:88:17:86:4f:29: 2d:03:ac:4d -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUJ42f4eaPhPzdQqkfXWdPAuEtpRAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUxMjA2NTUwMFoX DTI2MDUxMTA3MDAwMFowMzExMC8GA1UEAxMoQTQzRTRFNkE2NUY1RDg2MURFRjIy Q0RBRkYwQ0ZBODk4NzM4ODI5QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMGrETi/9JZiuwWTroPD+dXiXJtI26I+5nMFSvcbXWGHxrKTHgYz8SAQSt6c w4vA9nbwQPtCaeckfr2aiCR5tzNBOtOpa7lDXuXl0UoHLpldhgmIQ8r94filc5WC QnrGyx14Dg3dLsFpe85oFh5qWO/x/jy3k1bueQD1cHxF2/OWcVE0JDtkQsUyu/WI 2MkHTMvwzD21fIdPw8cd4d3zsJ2GnRzxY45io4TXfUOoi8+lZKwN8Otb3nsRYGgx XEX+HGoMwyH4/MlkG8Ve2yM+DwgEkNbuUmeGAQdnNu/9hzyHYIBdc0dEAKoSj637 NTE/bRJoZHkcLnPOsaJ+yHzo4m8CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSkPk5q ZfXYYd7yLNr/DPqJhziCmjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTkzMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfKpQDANBgkqhkiG9w0BAQsFAAOCAQEAANK+kcUZ3nt43fwn YjGaR/YIa+F/jGqjgzBvhG5fh9Ihhdp5LnBqzqVRB6FPYcmCdWQIfQIFL4KRFFMw AsLVFGrmIs2nmo+Urd07DszYWguyQTS8qkWUfKcmQcWoqcbXHliNdYDJ2MikvnMl gBAYNf/MEk0FtCYAXYkaPwDotdMnnRo/HXnzsEuypHnoNBs8On2D4y1IX8/3nyHy kz5H2h/M/8viGgpB2USLhJpVy0NbOa9ckQeVBk0db0Kd+QRlk/wblfaMBTLhUZdS 0t1drfJJEb2c7qP+MmzzzR54RB9fspQnSklZmAUHfiAKrS8cKzed7TZNmIgXhk8p LQOsTQ== -----END CERTIFICATE-----Generated at Tue Jun 3 23:10:55 2025 by rpki-client