$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149407.roa File: AS149407.roa (raw, json) Hash identifier: iLxJGaYrJeKJqSq/cs64IKFyMaeZt8sUiZpHUA+jq4M= Subject key identifier: 10:1F:65:B2:2A:8F:B7:F0:E8:00:E8:DE:A3:B7:E3:D5:F9:35:3D:80 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 29E9EA481BA0F8E0FC839E81C6BFCAF4A98306F1 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149407.roa Signing time: Sat 02 May 2026 21:24:38 +0000 ROA not before: Sat 02 May 2026 21:19:38 +0000 ROA not after: Sat 01 May 2027 21:24:38 +0000 asID: 149407 IP address blocks: 2001:df1:2140::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:e9:ea:48:1b:a0:f8:e0:fc:83:9e:81:c6:bf:ca:f4:a9:83:06:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:19:38 2026 GMT Not After : May 1 21:24:38 2027 GMT Subject: CN=101F65B22A8FB7F0E800E8DEA3B7E3D5F9353D80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:39:6f:1a:97:ae:4b:9b:6f:94:b3:ed:cd:92: 9a:3f:43:b8:8b:77:ea:fb:df:99:90:75:95:9d:bb: b5:51:fb:6c:17:d7:94:f6:12:6b:74:2b:e1:9c:25: 3e:5d:01:31:d9:75:d2:e2:79:04:2f:93:73:7a:22: 8e:ed:d1:aa:7b:fb:e3:cc:5c:35:97:bc:5e:e2:6d: 4d:95:af:95:a2:95:db:8c:19:44:51:27:64:31:b3: cd:33:e6:ac:ed:c9:f1:c4:e2:68:12:17:2e:d3:18: 95:de:8d:31:fa:07:d3:1c:91:39:74:cc:1a:15:d3: 0e:7e:6a:de:b2:14:c7:e5:62:5b:04:55:c7:06:e0: 5e:19:97:47:a9:19:7f:a2:84:97:14:a9:53:ab:0f: cd:07:e0:40:d9:f6:1b:9d:84:c9:27:c9:a1:33:d7: a8:19:0e:56:28:46:74:54:ac:80:0c:9b:55:d0:c6: 94:af:33:22:a8:4e:96:13:fc:db:24:d2:73:26:d1: 26:3d:99:fa:9e:44:f9:98:1b:9a:8f:39:78:dc:73: e3:18:85:f1:0d:a4:fa:96:f4:13:c2:9d:18:c3:7b: 2c:af:1d:7d:18:5b:f4:6b:b5:4f:78:5b:91:2d:47: d7:eb:b1:6e:ea:8f:d0:21:44:c9:d0:ab:f1:82:3e: 77:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:1F:65:B2:2A:8F:B7:F0:E8:00:E8:DE:A3:B7:E3:D5:F9:35:3D:80 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149407.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:2140::/48 Signature Algorithm: sha256WithRSAEncryption 8a:09:91:49:eb:4f:1b:61:24:00:c2:7d:06:7b:46:94:c3:72: 32:89:de:8a:d8:a8:34:5e:a1:10:38:bf:77:4d:d2:16:b9:bf: 42:f0:3f:b9:79:3d:a8:1a:66:ff:e3:85:8e:03:94:35:8f:18: 2b:39:58:e6:f8:d7:7c:96:24:fc:84:e7:86:ad:1f:4c:a2:a9: de:e3:b7:2f:c2:2e:f6:ea:37:f5:ca:87:ac:5a:3a:4b:7c:dd: b9:4d:cc:b2:b4:12:88:37:22:d5:4b:a7:79:80:10:7c:8a:23: e4:dc:4f:94:3a:a3:9c:4f:3d:66:64:c1:6e:01:fe:fb:a6:22: 76:25:0e:c0:20:8b:8b:74:02:45:d1:20:71:26:bd:72:61:c7: de:1e:a9:91:cb:e8:42:e1:6f:db:c0:28:3d:58:00:1a:ff:53: 85:90:12:89:dc:e3:c6:29:86:c4:3a:fa:24:ff:3a:d9:b2:c5: 00:5e:0e:ec:9d:08:11:fd:08:e2:d5:c0:36:db:06:d3:d0:96: 22:3c:d8:50:7c:98:f9:ce:c9:b7:1d:42:32:9c:e7:ad:2c:9a: 5e:db:4a:ce:bb:b7:a2:54:9c:ac:c8:f2:b6:de:4a:34:d9:c7: 3b:26:46:1f:a0:69:95:54:b2:26:79:96:05:5c:3c:52:07:10: 5d:4f:ac:c7 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUKenqSBug+OD8g56Bxr/K9KmDBvEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTkzOFoX DTI3MDUwMTIxMjQzOFowMzExMC8GA1UEAxMoMTAxRjY1QjIyQThGQjdGMEU4MDBF OERFQTNCN0UzRDVGOTM1M0Q4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPQ5bxqXrkubb5Sz7c2Smj9DuIt36vvfmZB1lZ27tVH7bBfXlPYSa3Qr4Zwl Pl0BMdl10uJ5BC+Tc3oiju3Rqnv748xcNZe8XuJtTZWvlaKV24wZRFEnZDGzzTPm rO3J8cTiaBIXLtMYld6NMfoH0xyROXTMGhXTDn5q3rIUx+ViWwRVxwbgXhmXR6kZ f6KElxSpU6sPzQfgQNn2G52EySfJoTPXqBkOVihGdFSsgAybVdDGlK8zIqhOlhP8 2yTScybRJj2Z+p5E+Zgbmo85eNxz4xiF8Q2k+pb0E8KdGMN7LK8dfRhb9Gu1T3hb kS1H1+uxbuqP0CFEydCr8YI+d6kCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQQH2Wy Ko+38OgA6N6jt+PV+TU9gDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5NDA3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8SFAMA0GCSqGSIb3DQEBCwUAA4IBAQCKCZFJ608bYSQAwn0Ge0aU w3Iyid6K2Kg0XqEQOL93TdIWub9C8D+5eT2oGmb/44WOA5Q1jxgrOVjm+Nd8liT8 hOeGrR9Moqne47cvwi726jf1yoesWjpLfN25TcyytBKINyLVS6d5gBB8iiPk3E+U OqOcTz1mZMFuAf77piJ2JQ7AIIuLdAJF0SBxJr1yYcfeHqmRy+hC4W/bwCg9WAAa /1OFkBKJ3OPGKYbEOvok/zrZssUAXg7snQgR/Qji1cA22wbT0JYiPNhQfJj5zsm3 HUIynOetLJpe20rOu7eiVJysyPK23ko02cc7JkYfoGmVVLImeZYFXDxSBxBdT6zH -----END CERTIFICATE-----Generated at Sun May 3 00:40:42 2026 by rpki-client