$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149675.roa File: AS149675.roa (raw, json) Hash identifier: vYoxOuN0V+6dsS+y7muM56LN/s1s/MKKXtU0hlu6yy8= Subject key identifier: 6A:A8:00:EE:BF:32:F9:18:07:20:F2:2E:92:AF:65:E2:95:55:75:BC Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 52261CCB877E32D740894E8BF35B87AEA4B3E2D5 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149675.roa Signing time: Sat 02 May 2026 08:36:00 +0000 ROA not before: Sat 02 May 2026 08:31:00 +0000 ROA not after: Sat 01 May 2027 08:36:00 +0000 asID: 149675 IP address blocks: 2001:df2:5c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:26:1c:cb:87:7e:32:d7:40:89:4e:8b:f3:5b:87:ae:a4:b3:e2:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:31:00 2026 GMT Not After : May 1 08:36:00 2027 GMT Subject: CN=6AA800EEBF32F9180720F22E92AF65E2955575BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:5a:99:62:83:4b:56:18:48:98:75:6d:fd:88: 09:8b:91:06:ee:e8:b3:39:03:82:23:d8:ae:ce:9b: 3a:07:ac:fb:f8:37:a2:63:fc:8f:bc:bf:4e:a5:b8: f1:82:2f:b6:75:8b:7e:bd:5b:da:6d:c3:59:16:3d: 1e:9f:1c:7d:6e:d5:2d:c5:59:a5:8c:15:d0:20:cf: d1:b2:04:6a:c7:84:9c:85:6b:2e:6c:1d:3b:00:ea: e0:27:0d:2b:f2:43:b9:2e:b8:e3:c8:34:c0:83:81: 96:0c:48:f3:4d:a8:88:d6:1d:fc:f8:d6:ab:ab:bb: e8:38:19:97:ee:cb:fa:e1:d7:a8:5f:d0:4d:20:c2: b0:6a:08:10:0e:83:89:59:74:47:47:0d:d6:7e:6c: c4:44:ae:60:7a:40:c7:6d:4c:7b:11:75:a7:9a:5f: f4:e9:e0:7d:e0:60:db:dc:4e:2f:ef:66:18:fe:ea: 1e:d7:bc:f0:76:54:b8:86:b9:fb:5c:be:c7:8e:5c: fc:01:ef:ee:1c:76:11:b8:dc:00:9f:bd:e4:d2:8c: 91:70:7d:80:8c:89:2c:06:71:0c:47:1f:3f:d3:ab: 9a:31:8f:a8:57:c5:97:0d:bc:b8:ea:f7:d1:23:d9: 14:b9:3d:29:8e:af:ed:cf:75:cd:2f:4f:90:0f:73: 32:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:A8:00:EE:BF:32:F9:18:07:20:F2:2E:92:AF:65:E2:95:55:75:BC X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149675.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:5c0::/48 Signature Algorithm: sha256WithRSAEncryption 08:b8:62:5e:51:e7:4b:91:dc:c0:91:34:a6:9c:34:a4:62:6a: b8:c6:c7:8e:46:de:2b:e8:1d:3c:b8:ef:b9:da:1a:ac:7e:28: 83:a5:8c:78:8d:6b:67:c0:44:6e:15:c3:4b:47:49:66:c0:98: 3b:c9:74:be:1c:71:b2:dd:43:1c:5d:bf:b3:10:7c:24:81:d2: 06:bd:02:55:3c:a1:14:fe:62:47:04:ba:e1:02:a0:fa:dd:be: 2f:79:63:88:fb:3c:a5:f8:5f:26:26:16:f0:0e:8a:72:ea:78: 88:11:6f:8e:d0:70:df:1c:52:95:33:40:31:aa:a3:05:fe:88: 86:f3:e4:f2:f6:cf:69:e7:85:ac:d5:ad:ac:04:e7:fa:24:42: 51:c3:86:41:f7:02:6b:be:d3:4b:06:10:3c:36:dd:78:0a:6a: db:b6:bc:b9:d4:7c:32:9c:a9:d0:8b:a6:32:a3:80:45:60:c1: 13:12:82:d9:d4:dc:85:14:b6:18:b8:1b:9a:39:27:e5:87:e9: fe:d5:c4:ac:f3:fb:1d:b0:f9:05:1a:e1:dd:cc:cf:49:88:27: f2:e1:16:ec:6c:9d:6c:2b:9e:9f:df:d3:9a:fb:b9:4a:bf:20: 75:12:be:14:a6:dd:03:e7:95:22:dc:83:a9:88:db:65:eb:89: f9:bb:b3:24 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUUiYcy4d+MtdAiU6L81uHrqSz4tUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzEwMFoX DTI3MDUwMTA4MzYwMFowMzExMC8GA1UEAxMoNkFBODAwRUVCRjMyRjkxODA3MjBG MjJFOTJBRjY1RTI5NTU1NzVCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKNamWKDS1YYSJh1bf2ICYuRBu7oszkDgiPYrs6bOges+/g3omP8j7y/TqW4 8YIvtnWLfr1b2m3DWRY9Hp8cfW7VLcVZpYwV0CDP0bIEaseEnIVrLmwdOwDq4CcN K/JDuS6448g0wIOBlgxI802oiNYd/PjWq6u76DgZl+7L+uHXqF/QTSDCsGoIEA6D iVl0R0cN1n5sxESuYHpAx21MexF1p5pf9OngfeBg29xOL+9mGP7qHte88HZUuIa5 +1y+x45c/AHv7hx2EbjcAJ+95NKMkXB9gIyJLAZxDEcfP9OrmjGPqFfFlw28uOr3 0SPZFLk9KY6v7c91zS9PkA9zMn8CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRqqADu vzL5GAcg8i6Sr2XilVV1vDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5Njc1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8gXAMA0GCSqGSIb3DQEBCwUAA4IBAQAIuGJeUedLkdzAkTSmnDSk Ymq4xseORt4r6B08uO+52hqsfiiDpYx4jWtnwERuFcNLR0lmwJg7yXS+HHGy3UMc Xb+zEHwkgdIGvQJVPKEU/mJHBLrhAqD63b4veWOI+zyl+F8mJhbwDopy6niIEW+O 0HDfHFKVM0AxqqMF/oiG8+Ty9s9p54Ws1a2sBOf6JEJRw4ZB9wJrvtNLBhA8Nt14 Cmrbtry51HwynKnQi6Yyo4BFYMETEoLZ1NyFFLYYuBuaOSflh+n+1cSs8/sdsPkF GuHdzM9JiCfy4RbsbJ1sK56f39Oa+7lKvyB1Er4Upt0D55Ui3IOpiNtl64n5u7Mk -----END CERTIFICATE-----Generated at Sun May 3 00:41:42 2026 by rpki-client