$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149374.roa File: AS149374.roa (raw, json) Hash identifier: tlo5iZTfW0mA3qo8g/OdLqN5G3wtp/zXAh3O2TLRes0= Subject key identifier: 16:ED:C1:4E:5C:4E:AF:33:72:AE:F3:C1:C5:FE:B6:D0:5E:74:AC:CB Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4939B27270F4A32AB8909549707C5E4618BF5800 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149374.roa Signing time: Sat 02 May 2026 09:26:04 +0000 ROA not before: Sat 02 May 2026 09:21:04 +0000 ROA not after: Sat 01 May 2027 09:26:04 +0000 asID: 149374 IP address blocks: 2001:df3:8440::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:39:b2:72:70:f4:a3:2a:b8:90:95:49:70:7c:5e:46:18:bf:58:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:04 2026 GMT Not After : May 1 09:26:04 2027 GMT Subject: CN=16EDC14E5C4EAF3372AEF3C1C5FEB6D05E74ACCB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:8b:ea:59:c5:fe:95:18:1e:fe:21:92:c2:a7: d2:f6:85:13:63:39:ad:a1:92:4c:9a:f5:66:d1:45: 72:41:d7:c6:5e:8a:6b:45:8f:49:bb:98:ef:8f:79: 1f:7f:5b:17:20:2a:85:c4:3e:08:58:4c:35:fa:a0: 0f:2c:cd:5f:48:5c:18:8e:c8:17:d0:bf:2c:a5:be: 30:97:0c:e1:e2:53:93:3e:db:f4:85:f8:57:fa:92: 72:5c:de:db:c3:76:d1:ae:d0:80:a5:bd:42:08:16: 96:8c:07:90:5b:7f:75:4a:10:d2:9b:45:38:f3:82: 5d:10:0f:67:96:6c:92:b3:f2:83:b4:db:aa:6c:44: 9f:32:1a:12:62:4e:50:0e:ec:23:77:95:5c:91:5d: e8:dd:81:da:28:87:1d:49:c6:c6:41:4c:c2:4b:16: 95:8e:78:4b:9f:63:dd:0b:45:74:61:0b:71:69:18: 62:57:7c:b8:a0:4c:5c:3f:2b:a6:5f:c4:07:5f:c8: 2c:6e:e5:a9:09:5b:eb:a5:7f:bd:5c:ab:47:c1:f7: 84:50:2e:1d:27:65:8e:1a:33:7c:5c:05:11:95:a9: e1:1f:c2:d6:d2:1b:8d:3a:3b:79:c5:40:50:6e:ea: e5:b5:48:9f:e1:5c:56:bf:3e:c9:02:f6:8b:a2:d0: 9d:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:ED:C1:4E:5C:4E:AF:33:72:AE:F3:C1:C5:FE:B6:D0:5E:74:AC:CB X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149374.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:8440::/48 Signature Algorithm: sha256WithRSAEncryption 27:c3:86:47:83:f8:d2:38:e7:ad:ae:50:05:24:9f:24:ce:16: 6c:65:bc:fb:50:06:98:ad:47:9d:2c:e8:ac:7e:f0:c8:fa:46: 3c:76:3e:04:8e:e9:57:61:9e:e6:35:73:7a:bf:75:80:9b:4d: bf:6e:b1:50:56:5c:48:86:66:ed:02:e1:c1:2a:d0:6b:ec:3a: 7c:4e:de:4a:e4:20:25:1d:a3:e4:2e:d9:a4:b5:f7:97:ab:49: 35:d0:c0:47:be:38:4a:1f:74:b6:c3:67:6b:60:40:8e:df:72: 4c:72:0d:23:a5:88:b2:44:5c:53:aa:29:34:ae:5f:0b:6c:8b: 1c:18:16:fc:c7:71:73:e6:bb:79:bd:72:1f:a9:1f:42:96:d2: 56:43:ee:6e:87:ae:3b:bd:bd:26:6a:c7:e9:1b:68:04:fc:47: af:54:f4:c5:1a:07:55:7a:20:ec:8a:77:4e:29:74:91:67:2a: f2:9a:d5:73:77:5c:00:03:ff:b6:0f:97:1a:de:78:f6:5d:a1: 66:5f:8c:c1:c8:2f:51:87:f2:37:1c:41:9d:0e:8b:86:bb:ea: 67:26:c0:03:6a:ac:9b:14:a8:90:c0:2f:1e:87:fb:97:ee:26: 9d:65:d0:19:95:66:6e:42:a3:ae:72:6a:8a:58:51:c7:2c:24: e4:32:cf:f2 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUSTmycnD0oyq4kJVJcHxeRhi/WAAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEwNFoX DTI3MDUwMTA5MjYwNFowMzExMC8GA1UEAxMoMTZFREMxNEU1QzRFQUYzMzcyQUVG M0MxQzVGRUI2RDA1RTc0QUNDQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+L6lnF/pUYHv4hksKn0vaFE2M5raGSTJr1ZtFFckHXxl6Ka0WPSbuY7495 H39bFyAqhcQ+CFhMNfqgDyzNX0hcGI7IF9C/LKW+MJcM4eJTkz7b9IX4V/qSclze 28N20a7QgKW9QggWlowHkFt/dUoQ0ptFOPOCXRAPZ5ZskrPyg7TbqmxEnzIaEmJO UA7sI3eVXJFd6N2B2iiHHUnGxkFMwksWlY54S59j3QtFdGELcWkYYld8uKBMXD8r pl/EB1/ILG7lqQlb66V/vVyrR8H3hFAuHSdljhozfFwFEZWp4R/C1tIbjTo7ecVA UG7q5bVIn+FcVr8+yQL2i6LQnXkCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQW7cFO XE6vM3Ku88HF/rbQXnSsyzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5Mzc0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN84RAMA0GCSqGSIb3DQEBCwUAA4IBAQAnw4ZHg/jSOOetrlAFJJ8k zhZsZbz7UAaYrUedLOisfvDI+kY8dj4EjulXYZ7mNXN6v3WAm02/brFQVlxIhmbt AuHBKtBr7Dp8Tt5K5CAlHaPkLtmktfeXq0k10MBHvjhKH3S2w2drYECO33JMcg0j pYiyRFxTqik0rl8LbIscGBb8x3Fz5rt5vXIfqR9CltJWQ+5uh647vb0masfpG2gE /EevVPTFGgdVeiDsindOKXSRZyrymtVzd1wAA/+2D5ca3nj2XaFmX4zByC9Rh/I3 HEGdDouGu+pnJsADaqybFKiQwC8eh/uX7iadZdAZlWZuQqOucmqKWFHHLCTkMs/y -----END CERTIFICATE-----Generated at Sun May 3 00:40:40 2026 by rpki-client