$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150509.roa File: AS150509.roa (raw, json) Hash identifier: Ksc3LhtvnnhGlgbbUrX7RzeH6A66gcNTJmmlHxWm2dU= Subject key identifier: E1:74:2D:BB:43:90:6A:6D:70:6F:CC:FB:D8:9A:AF:6B:17:7D:34:51 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0C842BA5E4D383DA373F1CE676C1859227B61681 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150509.roa Signing time: Fri 26 Sep 2025 08:20:59 +0000 ROA not before: Fri 26 Sep 2025 08:15:59 +0000 ROA not after: Fri 25 Sep 2026 08:20:59 +0000 asID: 150509 IP address blocks: 2001:df2:dc40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 17:51:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:84:2b:a5:e4:d3:83:da:37:3f:1c:e6:76:c1:85:92:27:b6:16:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 26 08:15:59 2025 GMT Not After : Sep 25 08:20:59 2026 GMT Subject: CN=E1742DBB43906A6D706FCCFBD89AAF6B177D3451 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:15:43:79:17:29:b8:d4:21:c8:71:a1:55:4e: 1e:d4:41:d7:2c:eb:d5:a4:f6:2e:d6:5b:cd:9e:77: f9:18:2e:c3:33:14:c2:c5:fc:e2:2c:d1:84:37:4f: 51:bb:0a:16:eb:d1:42:dd:e2:36:63:6b:7e:c3:b6: 3e:74:7a:f2:7a:da:19:59:49:53:7e:16:a3:29:4a: b6:ca:68:35:e0:aa:02:32:e9:56:14:02:a7:60:93: 5a:ec:61:dd:a1:40:ae:21:73:0a:19:a4:f3:75:90: 13:7a:51:c7:99:07:d0:86:53:28:d5:da:c5:32:87: 98:5f:a2:2a:4b:dd:0c:f1:5b:78:14:91:43:b6:29: 53:32:14:7d:3d:df:e7:b9:f1:1d:7b:3b:45:ee:7e: 91:95:a0:a8:fc:71:17:8b:9f:f4:1c:cd:9c:ac:6e: fa:68:f6:ec:fe:2f:a4:0a:de:2a:47:d1:c3:9c:01: f8:8d:f0:db:7a:3b:3e:55:b7:d0:59:e9:aa:1c:e2: a4:79:fa:a5:7d:0d:14:45:7c:96:e8:74:c4:42:36: 21:c2:31:44:c0:d4:07:e4:17:e4:2b:a9:d6:0e:50: ed:11:f3:82:9c:82:f0:a9:dd:b9:72:94:37:51:26: ce:b4:f8:54:da:e1:c3:3e:5c:98:ea:a7:f3:7f:e4: 12:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:74:2D:BB:43:90:6A:6D:70:6F:CC:FB:D8:9A:AF:6B:17:7D:34:51 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:dc40::/48 Signature Algorithm: sha256WithRSAEncryption 13:98:64:b2:4a:6e:35:e0:91:84:33:bb:a0:b4:27:4f:33:9c: 08:65:0e:5f:4d:80:c4:40:77:db:8c:60:38:93:54:7a:89:3b: 65:53:f1:2b:16:9c:18:14:4a:4d:e1:d9:48:8b:0b:a1:73:50: 7c:13:f0:64:3c:cc:01:17:d7:fc:8b:51:39:56:48:28:1f:7c: 94:c5:43:f4:5a:49:27:15:21:25:9d:fd:ff:f1:93:cd:73:73: 75:4e:90:88:1f:7f:b8:79:d7:b1:8f:a9:8a:e7:fc:3f:2e:ce: ea:c4:c8:07:3a:3d:3f:59:13:ed:1a:1f:2b:1b:60:9d:56:90: 76:bf:27:c7:ea:f5:8c:25:0e:d5:7d:ef:97:e0:29:59:88:eb: bb:d6:f7:7e:7f:d0:74:a7:01:bb:a5:0f:61:54:cc:be:ce:3f: e3:22:13:51:66:76:7c:51:b2:55:9e:fa:f8:d6:50:9f:48:30: ac:03:03:e8:8d:fb:9a:28:ad:8c:40:41:26:c8:06:98:c1:17: f0:d8:80:0a:95:26:e1:86:75:0f:a8:64:e6:d1:45:10:27:76: f7:cb:5a:4e:fb:26:0e:c7:01:a4:e3:c6:c9:d9:e2:5d:d1:a5: a4:7a:30:2e:2d:7a:c0:c7:49:c6:d4:63:f3:34:36:39:9a:5d: 78:79:3f:09 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUDIQrpeTTg9o3PxzmdsGFkie2FoEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkyNjA4MTU1OVoX DTI2MDkyNTA4MjA1OVowMzExMC8GA1UEAxMoRTE3NDJEQkI0MzkwNkE2RDcwNkZD Q0ZCRDg5QUFGNkIxNzdEMzQ1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANUVQ3kXKbjUIchxoVVOHtRB1yzr1aT2LtZbzZ53+RguwzMUwsX84izRhDdP UbsKFuvRQt3iNmNrfsO2PnR68nraGVlJU34WoylKtspoNeCqAjLpVhQCp2CTWuxh 3aFAriFzChmk83WQE3pRx5kH0IZTKNXaxTKHmF+iKkvdDPFbeBSRQ7YpUzIUfT3f 57nxHXs7Re5+kZWgqPxxF4uf9BzNnKxu+mj27P4vpAreKkfRw5wB+I3w23o7PlW3 0FnpqhzipHn6pX0NFEV8luh0xEI2IcIxRMDUB+QX5Cup1g5Q7RHzgpyC8KnduXKU N1EmzrT4VNrhwz5cmOqn83/kEncCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBThdC27 Q5BqbXBvzPvYmq9rF300UTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDUwOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfLcQDANBgkqhkiG9w0BAQsFAAOCAQEAE5hkskpuNeCRhDO7 oLQnTzOcCGUOX02AxEB324xgOJNUeok7ZVPxKxacGBRKTeHZSIsLoXNQfBPwZDzM ARfX/ItROVZIKB98lMVD9FpJJxUhJZ39//GTzXNzdU6QiB9/uHnXsY+piuf8Py7O 6sTIBzo9P1kT7RofKxtgnVaQdr8nx+r1jCUO1X3vl+ApWYjru9b3fn/QdKcBu6UP YVTMvs4/4yITUWZ2fFGyVZ76+NZQn0gwrAMD6I37miitjEBBJsgGmMEX8NiACpUm 4YZ1D6hk5tFFECd298taTvsmDscBpOPGydniXdGlpHowLi16wMdJxtRj8zQ2OZpd eHk/CQ== -----END CERTIFICATE-----Generated at Sun Oct 19 12:51:40 2025 by rpki-client