$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149324.roa File: AS149324.roa (raw, json) Hash identifier: z72XJAR38FgOACCu/fFgr62+0JYQ6WpgvzVsMK6SlfQ= Subject key identifier: CD:0D:CA:2D:A9:5F:8E:19:10:BC:AA:05:E2:56:E0:E2:71:72:9D:E8 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 091750DD080D17CC89185A51E6CECFD4716311A9 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149324.roa Signing time: Sat 02 May 2026 21:23:40 +0000 ROA not before: Sat 02 May 2026 21:18:40 +0000 ROA not after: Sat 01 May 2027 21:23:40 +0000 asID: 149324 IP address blocks: 2001:df0:5dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:17:50:dd:08:0d:17:cc:89:18:5a:51:e6:ce:cf:d4:71:63:11:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:18:40 2026 GMT Not After : May 1 21:23:40 2027 GMT Subject: CN=CD0DCA2DA95F8E1910BCAA05E256E0E271729DE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:ae:54:ca:da:e8:63:7d:3e:5a:02:86:58:be: a7:e5:3b:6e:59:39:3a:2f:3c:e9:fc:2f:ff:f0:b7: 42:5c:c3:de:14:bd:58:85:dd:75:b3:78:24:7e:32: ca:60:5c:c7:7f:e6:35:22:e2:53:2f:af:68:5c:d4: cc:1f:d5:2e:62:37:9c:2a:a3:b1:dc:d9:fc:79:90: e8:ac:0d:19:8e:eb:44:43:71:14:0c:a8:fa:50:7e: 0d:f3:a9:d9:97:0a:16:75:3e:4a:fa:24:a9:f9:22: 3b:53:15:b3:35:2f:e3:56:f3:ed:b6:aa:a7:c7:29: 59:31:d0:7c:21:ff:ba:d0:94:d2:fc:fa:10:48:59: 91:9a:f2:97:c1:b2:c8:41:be:57:66:a9:57:7e:80: 56:3d:a1:61:c8:a9:27:34:d6:bb:eb:0b:f1:af:88: b3:f4:7e:ee:65:d7:bc:af:59:f5:f9:b5:bd:a6:ed: d8:79:f4:28:5b:a2:85:be:49:37:1d:cf:9f:df:6c: 6f:8a:bb:0c:5c:6f:e8:da:26:92:ea:84:ca:c6:5c: df:ae:47:bc:be:bb:e1:e0:41:5a:ee:12:23:35:2c: 75:df:71:ea:bc:84:67:28:46:72:71:dd:46:36:a7: 1e:da:b5:72:89:c2:b2:89:0a:bc:f5:1d:f4:44:2c: 5e:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:0D:CA:2D:A9:5F:8E:19:10:BC:AA:05:E2:56:E0:E2:71:72:9D:E8 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149324.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:5dc0::/48 Signature Algorithm: sha256WithRSAEncryption 56:a4:85:66:82:9a:d0:de:a2:e9:96:65:0d:f2:80:77:c3:ba: 3b:a2:d1:0a:7f:3e:e9:a9:79:9a:e2:46:42:8b:0f:c3:79:6b: b7:2c:24:5b:aa:ae:5b:de:3b:18:06:39:ac:13:2f:65:a8:c5: d8:79:d0:ac:98:24:de:4b:12:cb:78:7e:80:f3:b6:45:d6:4a: 56:47:78:6f:ea:39:93:c1:46:c1:87:4d:b0:94:14:ee:ce:e3: 2c:ab:cb:e7:1c:ac:fe:00:38:ce:e6:f5:2a:88:0b:d2:9d:70: bc:3b:81:b3:24:89:9a:42:52:1c:3e:4d:04:d3:cc:0b:9b:4e: 1b:25:75:5d:a0:57:5e:19:fe:1b:8d:24:b2:ac:35:25:cd:dd: 1d:d5:db:2a:12:4e:87:f7:16:32:e1:86:ba:dd:ed:65:29:68: 54:22:47:7a:c5:8d:64:61:68:7f:b0:01:ce:a1:f7:98:9a:3b: 4c:39:ad:0a:cd:c7:b4:73:5d:02:e5:82:a0:a1:1b:9e:5c:2d: 20:bd:f0:1e:fa:73:50:da:76:76:d2:57:4d:eb:0a:65:17:fc: 6b:c0:0b:f1:ad:f0:1a:68:7f:56:0b:c5:cf:07:ac:86:b1:ce: 89:f0:ec:ec:39:be:79:9a:76:16:43:cc:e2:1a:54:6f:fb:5a: 6f:f1:cf:d5 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUCRdQ3QgNF8yJGFpR5s7P1HFjEakwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTg0MFoX DTI3MDUwMTIxMjM0MFowMzExMC8GA1UEAxMoQ0QwRENBMkRBOTVGOEUxOTEwQkNB QTA1RTI1NkUwRTI3MTcyOURFODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOCuVMra6GN9PloChli+p+U7blk5Oi886fwv//C3QlzD3hS9WIXddbN4JH4y ymBcx3/mNSLiUy+vaFzUzB/VLmI3nCqjsdzZ/HmQ6KwNGY7rRENxFAyo+lB+DfOp 2ZcKFnU+SvokqfkiO1MVszUv41bz7baqp8cpWTHQfCH/utCU0vz6EEhZkZryl8Gy yEG+V2apV36AVj2hYcipJzTWu+sL8a+Is/R+7mXXvK9Z9fm1vabt2Hn0KFuihb5J Nx3Pn99sb4q7DFxv6NomkuqEysZc365HvL674eBBWu4SIzUsdd9x6ryEZyhGcnHd RjanHtq1conCsokKvPUd9EQsXrsCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBTNDcot qV+OGRC8qgXiVuDicXKd6DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5MzI0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8F3AMA0GCSqGSIb3DQEBCwUAA4IBAQBWpIVmgprQ3qLplmUN8oB3 w7o7otEKfz7pqXma4kZCiw/DeWu3LCRbqq5b3jsYBjmsEy9lqMXYedCsmCTeSxLL eH6A87ZF1kpWR3hv6jmTwUbBh02wlBTuzuMsq8vnHKz+ADjO5vUqiAvSnXC8O4Gz JImaQlIcPk0E08wLm04bJXVdoFdeGf4bjSSyrDUlzd0d1dsqEk6H9xYy4Ya63e1l KWhUIkd6xY1kYWh/sAHOofeYmjtMOa0Kzce0c10C5YKgoRueXC0gvfAe+nNQ2nZ2 0ldN6wplF/xrwAvxrfAaaH9WC8XPB6yGsc6J8OzsOb55mnYWQ8ziGlRv+1pv8c/V -----END CERTIFICATE-----Generated at Sun May 3 00:42:05 2026 by rpki-client