$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149707.roa File: AS149707.roa (raw, json) Hash identifier: SaPhzkz57oiiVRhge6bfwUHmABpdpJxZSFMhXdShQAQ= Subject key identifier: 6C:8C:F1:DA:34:06:3E:16:A9:E8:29:4A:68:11:CC:65:C8:33:B0:FC Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 22D41551FBEBEA014B64AE523D6EC0B7319E9267 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149707.roa Signing time: Sat 02 May 2026 21:26:13 +0000 ROA not before: Sat 02 May 2026 21:21:13 +0000 ROA not after: Sat 01 May 2027 21:26:13 +0000 asID: 149707 IP address blocks: 2001:df1:ee40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:d4:15:51:fb:eb:ea:01:4b:64:ae:52:3d:6e:c0:b7:31:9e:92:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:21:13 2026 GMT Not After : May 1 21:26:13 2027 GMT Subject: CN=6C8CF1DA34063E16A9E8294A6811CC65C833B0FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:4c:02:57:29:ce:d9:5b:9a:33:c3:88:2c:fe: d3:b9:01:f2:31:78:2f:4c:f6:2c:f1:a5:00:84:13: 82:16:f9:45:20:6b:a0:c2:96:86:9b:44:c0:2c:1b: be:f8:dc:61:af:c0:ad:80:c0:88:14:5d:31:04:90: e4:7f:93:ab:92:16:99:a5:77:a1:3f:5c:f0:46:90: 16:dc:f3:43:2b:d8:6b:a8:84:b9:ed:33:ae:e9:3f: ca:38:00:04:01:20:01:24:22:94:a8:3e:ff:07:ce: e3:2a:73:c6:04:08:a6:95:9c:03:bd:67:07:2d:fe: 07:ac:8e:a6:74:7c:12:1a:0c:5f:6c:4e:4e:91:2e: 24:4b:f8:91:71:91:ed:fd:1e:a3:ea:fc:34:12:26: 8f:54:43:e5:82:b2:a5:c9:dd:f5:42:60:82:d8:b0: 02:67:ae:74:dc:1b:97:77:db:69:3c:a6:38:06:3d: 80:91:8a:ef:30:1f:37:b8:07:22:80:62:11:1e:fc: 7d:a3:39:53:55:96:d9:b5:bf:96:45:97:a3:48:81: 93:e3:9b:a7:59:44:15:7d:27:87:86:a7:ec:9b:56: 9f:4d:70:8d:6d:ce:14:2a:31:95:99:87:bd:d4:31: 04:dc:70:b2:30:e3:42:66:e1:8e:b9:ec:be:ca:9c: 3a:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:8C:F1:DA:34:06:3E:16:A9:E8:29:4A:68:11:CC:65:C8:33:B0:FC X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149707.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:ee40::/48 Signature Algorithm: sha256WithRSAEncryption 29:be:a9:eb:f5:16:21:0e:dc:33:c4:41:d8:23:e3:a5:f4:f0: 42:c0:5f:3d:c7:32:b5:e8:17:ab:9e:45:6a:0a:cf:54:57:31: 1c:b5:44:96:a3:ca:73:a5:92:56:29:be:ba:14:cb:3f:68:72: 52:21:6f:a7:64:bb:7c:f6:f8:a5:f1:8e:af:64:84:de:fb:5d: 98:e9:1f:b2:c6:b6:04:62:ca:b6:ee:7c:7b:10:88:80:2d:56: 3c:77:9a:f2:48:d1:ba:98:dc:60:21:90:82:92:a0:1e:fd:c8: 47:b8:a3:fc:44:93:17:d9:22:15:9c:b2:c7:49:97:db:46:b1: c3:3f:b2:28:42:3c:49:b5:e5:ce:35:19:e5:c9:ff:4c:bf:40: cd:69:0e:23:ac:6e:26:83:96:24:88:c1:0d:87:ad:d2:78:63: 34:74:f3:77:5c:f9:f4:26:52:bf:11:bc:c0:20:b9:40:19:15: dc:8d:a6:bb:2d:14:3f:e8:75:59:0c:3e:7b:58:db:9f:3a:bf: 88:f0:e7:80:da:ec:5b:05:a2:fa:bd:da:f8:8b:41:ac:1e:e3: 49:26:11:83:f4:d4:37:27:02:6d:67:05:53:6c:96:bc:58:4c: 6a:a2:50:cc:9e:c7:c7:4e:a7:db:1c:0d:2d:ba:fa:e0:ec:c9: 49:ea:cd:81 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUItQVUfvr6gFLZK5SPW7AtzGekmcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjExM1oX DTI3MDUwMTIxMjYxM1owMzExMC8GA1UEAxMoNkM4Q0YxREEzNDA2M0UxNkE5RTgy OTRBNjgxMUNDNjVDODMzQjBGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFMAlcpztlbmjPDiCz+07kB8jF4L0z2LPGlAIQTghb5RSBroMKWhptEwCwb vvjcYa/ArYDAiBRdMQSQ5H+Tq5IWmaV3oT9c8EaQFtzzQyvYa6iEue0zruk/yjgA BAEgASQilKg+/wfO4ypzxgQIppWcA71nBy3+B6yOpnR8EhoMX2xOTpEuJEv4kXGR 7f0eo+r8NBImj1RD5YKypcnd9UJggtiwAmeudNwbl3fbaTymOAY9gJGK7zAfN7gH IoBiER78faM5U1WW2bW/lkWXo0iBk+Obp1lEFX0nh4an7JtWn01wjW3OFCoxlZmH vdQxBNxwsjDjQmbhjrnsvsqcOs0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRsjPHa NAY+FqnoKUpoEcxlyDOw/DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5NzA3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8e5AMA0GCSqGSIb3DQEBCwUAA4IBAQApvqnr9RYhDtwzxEHYI+Ol 9PBCwF89xzK16BernkVqCs9UVzEctUSWo8pzpZJWKb66FMs/aHJSIW+nZLt89vil 8Y6vZITe+12Y6R+yxrYEYsq27nx7EIiALVY8d5rySNG6mNxgIZCCkqAe/chHuKP8 RJMX2SIVnLLHSZfbRrHDP7IoQjxJteXONRnlyf9Mv0DNaQ4jrG4mg5YkiMENh63S eGM0dPN3XPn0JlK/EbzAILlAGRXcjaa7LRQ/6HVZDD57WNufOr+I8OeA2uxbBaL6 vdr4i0GsHuNJJhGD9NQ3JwJtZwVTbJa8WExqolDMnsfHTqfbHA0tuvrg7MlJ6s2B -----END CERTIFICATE-----Generated at Sun May 3 00:39:48 2026 by rpki-client