$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150501.roa File: AS150501.roa (raw, json) Hash identifier: r4bPd7jbCpnWz3KadexMZbc6UHrsoqz5g5xk6l6pzTs= Subject key identifier: 8E:C8:31:C1:E3:5B:4E:BB:F5:6C:AD:CD:8C:F9:9E:D6:9A:3B:DF:74 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4AD4713E4F54F5FDC790D33A94B5A48DD57996C2 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150501.roa Signing time: Wed 02 Jul 2025 08:00:00 +0000 ROA not before: Wed 02 Jul 2025 07:55:00 +0000 ROA not after: Wed 01 Jul 2026 08:00:00 +0000 asID: 150501 IP address blocks: 2001:df2:2140::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Nov 2025 09:50:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:d4:71:3e:4f:54:f5:fd:c7:90:d3:3a:94:b5:a4:8d:d5:79:96:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 2 07:55:00 2025 GMT Not After : Jul 1 08:00:00 2026 GMT Subject: CN=8EC831C1E35B4EBBF56CADCD8CF99ED69A3BDF74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:d7:55:13:1c:a5:a8:67:9c:85:9d:bd:cf:3c: 41:fc:cb:0c:e7:22:ed:e9:5a:b8:92:13:5f:ee:5c: 0c:c9:05:19:59:b3:7d:a5:9a:8f:ed:26:23:de:6e: ba:d6:f6:6c:f1:f2:38:98:00:32:95:e3:9a:91:32: 7a:3b:5f:e9:15:9b:d0:3e:7b:b8:8b:ba:91:5f:63: ae:bd:35:92:18:69:1d:14:e8:3d:51:ae:b1:2a:3c: d0:ca:1b:b3:cf:57:46:43:84:66:4c:5b:3f:09:f3: f9:4c:af:f0:67:8e:51:76:4d:5b:f9:7f:cc:27:9c: bd:f1:f5:db:cc:db:7c:2a:8b:6c:ca:a8:a3:5f:a7: 56:a9:04:89:6f:9b:25:9d:d5:e6:99:c3:16:85:d1: 24:9b:0d:c0:8f:c2:d0:cb:44:c3:fa:0c:a9:b7:1d: bc:82:ab:8a:db:ac:0d:72:81:99:01:b7:95:10:27: 8f:6a:8d:b3:ec:e7:f9:9c:fe:8f:1c:d7:6a:d0:4c: 75:db:22:f0:f4:be:10:16:53:dc:ec:ee:ff:ed:42: 35:eb:12:a2:05:58:b2:dc:a0:ce:b2:a7:d1:60:cd: bb:ec:d3:bb:6b:ee:f2:11:ef:c5:cd:60:a0:65:c8: af:1c:c6:4d:04:8c:e0:aa:e1:98:ff:61:7d:ce:0f: f0:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:C8:31:C1:E3:5B:4E:BB:F5:6C:AD:CD:8C:F9:9E:D6:9A:3B:DF:74 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150501.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:2140::/48 Signature Algorithm: sha256WithRSAEncryption 02:aa:7e:cc:4d:a8:34:5a:15:e1:67:95:96:82:a1:84:3f:34: c1:da:d9:4d:04:52:12:42:82:ed:96:4a:34:ca:1b:a6:8e:ad: cb:66:75:15:1b:47:57:2f:97:55:28:86:5b:2f:fe:06:2e:1e: e0:c2:4e:4c:64:ed:df:bf:e0:e7:4d:bf:18:e5:85:a5:06:94: 33:e3:8d:b4:cb:c0:fa:46:e0:c5:a5:91:88:fe:61:17:2b:ba: 0b:f7:00:f0:bb:a5:78:e9:e6:cd:9a:ef:1f:79:6a:18:f9:5b: b9:74:2c:99:50:27:7a:f9:a8:a0:be:02:d7:bd:43:da:4d:39: b5:45:87:b0:c7:19:96:23:7e:b2:5b:bd:da:e4:bd:96:92:c7: 54:14:b1:d2:e0:bf:d5:64:1b:94:d3:60:27:4f:63:28:2b:fd: 25:bc:3e:24:c7:f5:d7:73:38:53:69:8c:f9:12:fc:55:c4:12: 8f:81:55:dd:b1:4c:1a:83:43:1c:54:d3:9f:61:42:53:76:3d: 02:f1:bc:3f:2e:e6:7b:f0:a8:98:50:ea:a0:a3:6c:71:95:55: cf:61:c1:21:58:a6:f1:f9:ad:8f:3d:e0:fc:db:98:93:39:44: fc:7a:02:8a:53:b8:3a:d8:37:10:36:e5:63:d9:a5:02:28:ff: 99:7a:1c:96 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUStRxPk9U9f3HkNM6lLWkjdV5lsIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcwMjA3NTUwMFoX DTI2MDcwMTA4MDAwMFowMzExMC8GA1UEAxMoOEVDODMxQzFFMzVCNEVCQkY1NkNB RENEOENGOTlFRDY5QTNCREY3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALXXVRMcpahnnIWdvc88QfzLDOci7elauJITX+5cDMkFGVmzfaWaj+0mI95u utb2bPHyOJgAMpXjmpEyejtf6RWb0D57uIu6kV9jrr01khhpHRToPVGusSo80Mob s89XRkOEZkxbPwnz+Uyv8GeOUXZNW/l/zCecvfH128zbfCqLbMqoo1+nVqkEiW+b JZ3V5pnDFoXRJJsNwI/C0MtEw/oMqbcdvIKritusDXKBmQG3lRAnj2qNs+zn+Zz+ jxzXatBMddsi8PS+EBZT3Ozu/+1CNesSogVYstygzrKn0WDNu+zTu2vu8hHvxc1g oGXIrxzGTQSM4KrhmP9hfc4P8IsCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSOyDHB 41tOu/Vsrc2M+Z7WmjvfdDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDUwMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfIhQDANBgkqhkiG9w0BAQsFAAOCAQEAAqp+zE2oNFoV4WeV loKhhD80wdrZTQRSEkKC7ZZKNMobpo6ty2Z1FRtHVy+XVSiGWy/+Bi4e4MJOTGTt 37/g502/GOWFpQaUM+ONtMvA+kbgxaWRiP5hFyu6C/cA8LuleOnmzZrvH3lqGPlb uXQsmVAnevmooL4C171D2k05tUWHsMcZliN+slu92uS9lpLHVBSx0uC/1WQblNNg J09jKCv9Jbw+JMf113M4U2mM+RL8VcQSj4FV3bFMGoNDHFTTn2FCU3Y9AvG8Py7m e/ComFDqoKNscZVVz2HBIVim8fmtjz3g/NuYkzlE/HoCilO4Otg3EDblY9mlAij/ mXoclg== -----END CERTIFICATE-----Generated at Sat Nov 1 11:03:49 2025 by rpki-client