$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150222.roa File: AS150222.roa (raw, json) Hash identifier: /gmNEB9WWQI5IJwWOEpLDzKY8LqiPsEVENCtQgGCDfs= Subject key identifier: 93:D8:9E:F0:F9:0B:D5:E8:D0:30:3C:E2:06:26:1E:FF:9D:97:1C:81 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4B3D1900704777F51DF073F27BB14A24545CB3C0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150222.roa Signing time: Thu 22 May 2025 08:00:00 +0000 ROA not before: Thu 22 May 2025 07:55:00 +0000 ROA not after: Thu 21 May 2026 08:00:00 +0000 asID: 150222 IP address blocks: 2001:df2:9240::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:3d:19:00:70:47:77:f5:1d:f0:73:f2:7b:b1:4a:24:54:5c:b3:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 22 07:55:00 2025 GMT Not After : May 21 08:00:00 2026 GMT Subject: CN=93D89EF0F90BD5E8D0303CE206261EFF9D971C81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:26:95:f4:50:3f:5b:c3:cf:40:10:77:e0:fc: 8e:65:7c:8c:c3:e8:64:e7:18:3b:7e:e6:fc:76:ff: 19:57:a9:16:c7:9e:ee:b7:a5:7f:7c:2c:c5:06:dc: fe:b1:16:82:f3:a5:30:58:03:90:5e:6f:0a:26:19: e7:9a:9f:53:83:6a:ef:18:de:e8:69:19:1d:4a:43: 40:ba:a2:8b:fe:88:ef:af:58:09:35:0b:b8:84:81: 7d:29:01:fc:2a:e7:72:ea:c5:5d:2b:74:bc:8e:4f: 6c:09:25:57:a0:50:82:c9:1f:9f:c8:26:bf:89:7e: d5:0c:7f:9f:4f:bf:95:70:5e:a2:b9:72:d0:65:a3: ec:aa:0d:8d:bc:d6:82:2e:a6:8c:92:1d:db:00:f1: cd:30:04:b4:d0:67:c8:49:83:ad:5a:6c:95:7f:7f: fb:ce:e6:a7:71:44:6a:85:c9:d4:4d:d5:8d:a4:93: 1a:b3:8a:36:fc:cd:0b:ad:bf:66:9a:1c:e2:24:23: 5e:31:c8:0a:35:5b:ed:78:1e:81:d1:da:c3:5c:24: 1f:90:a0:2d:f6:f6:f8:4a:0a:d7:e6:c7:40:ef:bd: 93:40:ff:a5:77:2c:f2:0b:3d:30:75:34:3d:48:03: 0c:ba:e5:61:d6:82:5c:0b:eb:c0:39:6a:ce:f5:02: f6:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:D8:9E:F0:F9:0B:D5:E8:D0:30:3C:E2:06:26:1E:FF:9D:97:1C:81 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150222.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:9240::/48 Signature Algorithm: sha256WithRSAEncryption 67:3f:a9:93:6b:d5:02:5f:76:4b:ee:55:24:bc:71:f5:cc:9b: 6f:48:17:af:b7:60:1b:e7:c3:57:e5:92:ad:16:65:d0:f7:f7: 28:3b:f5:d8:66:64:f6:9b:df:6f:0d:05:dc:d4:e2:e4:33:64: 5f:bf:e3:4f:30:96:64:ed:ee:cc:ec:17:73:62:8b:09:09:a6: b8:a6:d9:53:5f:81:64:93:eb:be:37:b4:22:90:27:a3:2c:53: b3:2b:0b:89:e4:d7:2f:4d:5b:94:d6:3a:c7:72:cb:1e:74:d2: d0:f5:2c:b4:ab:03:6c:6a:53:af:40:3f:1b:23:5a:22:4c:9e: f7:d6:89:fc:80:52:82:81:67:7d:7f:09:5a:9e:07:d3:5d:7b: 9f:85:24:90:31:33:01:f9:e0:65:49:ca:8f:c4:30:59:53:d2: f4:7b:06:04:f4:2d:d5:1a:7f:be:2a:b2:99:17:1d:da:2a:94: c1:c3:a4:fe:f0:4f:a9:28:87:93:e7:2a:57:83:80:14:5d:d9: 08:eb:86:28:ad:4d:9c:fd:93:f3:89:1f:c1:61:da:84:5e:17: 3b:39:4c:d3:53:52:b4:d8:fb:48:ed:d0:0f:b1:7b:14:88:3e: e0:0c:f5:75:92:3e:ef:74:05:1a:ed:ac:86:bd:8d:89:ed:d9: 2a:0a:37:f5 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUSz0ZAHBHd/Ud8HPye7FKJFRcs8AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUyMjA3NTUwMFoX DTI2MDUyMTA4MDAwMFowMzExMC8GA1UEAxMoOTNEODlFRjBGOTBCRDVFOEQwMzAz Q0UyMDYyNjFFRkY5RDk3MUM4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN8mlfRQP1vDz0AQd+D8jmV8jMPoZOcYO37m/Hb/GVepFsee7relf3wsxQbc /rEWgvOlMFgDkF5vCiYZ55qfU4Nq7xje6GkZHUpDQLqii/6I769YCTULuISBfSkB /CrncurFXSt0vI5PbAklV6BQgskfn8gmv4l+1Qx/n0+/lXBeorly0GWj7KoNjbzW gi6mjJId2wDxzTAEtNBnyEmDrVpslX9/+87mp3FEaoXJ1E3VjaSTGrOKNvzNC62/ Zpoc4iQjXjHICjVb7XgegdHaw1wkH5CgLfb2+EoK1+bHQO+9k0D/pXcs8gs9MHU0 PUgDDLrlYdaCXAvrwDlqzvUC9v0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBST2J7w +QvV6NAwPOIGJh7/nZccgTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDIyMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfKSQDANBgkqhkiG9w0BAQsFAAOCAQEAZz+pk2vVAl92S+5V JLxx9cybb0gXr7dgG+fDV+WSrRZl0Pf3KDv12GZk9pvfbw0F3NTi5DNkX7/jTzCW ZO3uzOwXc2KLCQmmuKbZU1+BZJPrvje0IpAnoyxTsysLieTXL01blNY6x3LLHnTS 0PUstKsDbGpTr0A/GyNaIkye99aJ/IBSgoFnfX8JWp4H0117n4UkkDEzAfngZUnK j8QwWVPS9HsGBPQt1Rp/viqymRcd2iqUwcOk/vBPqSiHk+cqV4OAFF3ZCOuGKK1N nP2T84kfwWHahF4XOzlM01NStNj7SO3QD7F7FIg+4Az1dZI+73QFGu2shr2Nie3Z Kgo39Q== -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:22 2025 by rpki-client