$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149712.roa File: AS149712.roa (raw, json) Hash identifier: efhrhcedUXcCNoP/CpUkOz1FE0nLv6B/3SjrBW/UQAc= Subject key identifier: 1E:B3:AE:A2:FA:DF:EA:2B:92:14:FB:A0:A0:55:A6:6E:86:B8:9B:1C Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7A2032DFD8E76F58CA9D7DFC9E7C0124516D1DF8 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149712.roa Signing time: Sat 02 May 2026 21:24:52 +0000 ROA not before: Sat 02 May 2026 21:19:52 +0000 ROA not after: Sat 01 May 2027 21:24:52 +0000 asID: 149712 IP address blocks: 2001:df1:3d40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:20:32:df:d8:e7:6f:58:ca:9d:7d:fc:9e:7c:01:24:51:6d:1d:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:19:52 2026 GMT Not After : May 1 21:24:52 2027 GMT Subject: CN=1EB3AEA2FADFEA2B9214FBA0A055A66E86B89B1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:12:cc:bb:ac:cd:bc:6e:d2:a4:3d:b6:e9:a1: 75:fc:3d:5a:80:a0:56:f9:e0:c6:e3:75:f5:8f:43: e2:07:f1:fb:d8:45:43:fc:5f:fc:e0:47:3b:36:e8: 69:21:44:23:d1:68:14:58:37:52:83:cc:09:5f:ec: 1b:b9:05:a5:4f:b4:25:e5:09:24:fa:0c:a5:b4:62: 43:ab:15:ff:ba:12:a7:5c:20:ed:8e:e8:99:54:f5: 28:15:9f:9a:31:f8:dc:f5:78:06:41:65:a9:5e:f5: 45:d9:ff:f8:6a:6c:e0:43:aa:3b:1b:b6:dc:47:f4: 7e:62:dd:8c:7e:d1:8a:6c:af:33:a3:13:ef:1b:9f: 56:dd:1f:f4:83:55:f1:ca:15:a8:ce:e1:c1:94:0d: d0:0f:60:28:c8:3a:fc:2e:39:9b:d3:55:21:f9:75: ef:f9:0e:29:e4:f9:8a:bc:ce:42:db:92:5a:b3:6f: 73:55:d9:95:c0:10:79:d6:e3:c2:25:02:e4:0e:74: 29:15:86:0e:18:27:fe:c3:0e:b9:f8:37:36:51:3d: ff:b8:1c:12:91:26:59:7a:aa:c9:ae:03:4b:e4:f1: 61:48:17:59:fc:3a:85:27:4e:fa:63:51:b0:3d:f8: 3d:a6:d4:4b:26:45:5a:dc:14:45:23:07:e4:f3:b7: cb:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:B3:AE:A2:FA:DF:EA:2B:92:14:FB:A0:A0:55:A6:6E:86:B8:9B:1C X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149712.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:3d40::/48 Signature Algorithm: sha256WithRSAEncryption 7d:97:85:2f:8f:6b:c9:98:e3:70:bb:82:c2:ab:18:36:6f:96: f6:3c:d5:57:b9:90:99:d7:2d:da:3f:d2:d4:ab:c7:66:b7:76: 55:40:a6:64:db:5d:e8:78:8b:03:d8:5a:c0:16:e1:0b:3d:1f: 3b:fd:81:dd:72:14:da:56:9e:1c:b4:18:05:aa:06:f5:bc:8b: d7:85:83:a9:dd:3d:d9:ae:33:da:79:5a:8a:a5:e1:99:c1:e6: 3f:db:e1:d4:a0:9b:7b:b8:96:fe:18:95:d2:54:37:77:90:af: 76:2e:b1:5e:ec:81:74:5a:79:14:17:de:68:39:0f:02:29:e3: c8:9e:cb:8d:60:a9:d0:32:07:9b:5a:28:4c:a6:86:33:6c:03: 3c:cf:21:66:ee:f2:eb:4b:02:68:76:53:f4:62:7e:47:c9:33: 0a:2b:59:f5:45:41:93:ed:c0:56:39:34:fa:2c:97:85:d4:3d: 95:16:1f:10:86:9d:28:71:be:8d:2b:5f:65:8d:f2:4f:d1:81: 4e:e0:92:a5:dc:66:5b:a8:45:42:33:d1:7c:10:2c:8a:56:2b: c7:45:e0:30:10:92:b6:f0:02:8b:56:51:59:74:32:f4:7b:ea: 27:7b:c3:dc:7f:e4:4d:18:51:e4:d4:c1:43:a6:20:c9:68:ec: 3c:3b:0d:03 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUeiAy39jnb1jKnX38nnwBJFFtHfgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTk1MloX DTI3MDUwMTIxMjQ1MlowMzExMC8GA1UEAxMoMUVCM0FFQTJGQURGRUEyQjkyMTRG QkEwQTA1NUE2NkU4NkI4OUIxQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMESzLuszbxu0qQ9tumhdfw9WoCgVvngxuN19Y9D4gfx+9hFQ/xf/OBHOzbo aSFEI9FoFFg3UoPMCV/sG7kFpU+0JeUJJPoMpbRiQ6sV/7oSp1wg7Y7omVT1KBWf mjH43PV4BkFlqV71Rdn/+Gps4EOqOxu23Ef0fmLdjH7RimyvM6MT7xufVt0f9INV 8coVqM7hwZQN0A9gKMg6/C45m9NVIfl17/kOKeT5irzOQtuSWrNvc1XZlcAQedbj wiUC5A50KRWGDhgn/sMOufg3NlE9/7gcEpEmWXqqya4DS+TxYUgXWfw6hSdO+mNR sD34PabUSyZFWtwURSMH5PO3y5ECAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQes66i +t/qK5IU+6CgVaZuhribHDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5NzEyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8T1AMA0GCSqGSIb3DQEBCwUAA4IBAQB9l4Uvj2vJmONwu4LCqxg2 b5b2PNVXuZCZ1y3aP9LUq8dmt3ZVQKZk213oeIsD2FrAFuELPR87/YHdchTaVp4c tBgFqgb1vIvXhYOp3T3ZrjPaeVqKpeGZweY/2+HUoJt7uJb+GJXSVDd3kK92LrFe 7IF0WnkUF95oOQ8CKePInsuNYKnQMgebWihMpoYzbAM8zyFm7vLrSwJodlP0Yn5H yTMKK1n1RUGT7cBWOTT6LJeF1D2VFh8Qhp0ocb6NK19ljfJP0YFO4JKl3GZbqEVC M9F8ECyKVivHReAwEJK28AKLVlFZdDL0e+one8Pcf+RNGFHk1MFDpiDJaOw8Ow0D -----END CERTIFICATE-----Generated at Sun May 3 00:41:48 2026 by rpki-client