$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149971.roa File: AS149971.roa (raw, json) Hash identifier: D7sZUZxLzDpgRXl91aP6hr2MNpSJZRj0EscmRO0Do5Q= Subject key identifier: 6D:45:C5:68:66:02:4C:1D:7F:58:2E:93:90:3B:92:9A:51:70:6A:50 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 0B9DDDFF069F363CAB9182336574B284EB93D8A3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149971.roa Signing time: Sat 02 May 2026 09:25:51 +0000 ROA not before: Sat 02 May 2026 09:20:51 +0000 ROA not after: Sat 01 May 2027 09:25:51 +0000 asID: 149971 IP address blocks: 2001:df2:b440::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:9d:dd:ff:06:9f:36:3c:ab:91:82:33:65:74:b2:84:eb:93:d8:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:51 2026 GMT Not After : May 1 09:25:51 2027 GMT Subject: CN=6D45C56866024C1D7F582E93903B929A51706A50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:03:28:43:40:95:f4:6a:bd:04:4a:65:92:eb: 38:27:bd:62:f4:7b:9e:d9:b9:8e:13:97:81:2d:20: c2:d8:6a:da:34:e7:83:95:5f:cf:66:bf:e8:b3:a6: 44:cd:f7:a5:de:88:5b:bb:ae:ab:cf:0f:53:d9:98: 31:1e:7c:4e:75:2e:70:57:d5:1d:cb:78:f2:a1:f2: 71:21:b3:86:88:22:90:68:1e:23:72:44:a6:31:fe: 40:d6:23:e9:7f:5c:00:40:7c:55:73:2f:bb:fa:10: f5:f5:2c:91:bf:6a:15:0a:9f:c3:55:73:ba:8a:44: ba:6f:7e:5c:e7:6c:ce:79:86:f3:d5:72:3e:32:52: c8:16:32:d8:61:20:77:25:31:f1:89:bb:77:7d:d9: c3:6d:6d:e5:18:ec:ee:27:6c:e7:1a:50:d9:bd:6d: 78:10:34:49:f8:90:fa:c2:cf:f2:56:8d:37:d7:a3: c1:97:86:ea:11:76:cc:ca:c4:c3:08:41:57:e2:be: 12:e8:4f:c5:75:f5:ee:98:82:5e:27:0f:c6:12:e8: 26:d7:b0:05:70:0d:8b:b7:e2:35:5c:8b:62:c3:9b: e1:f8:03:70:9b:37:fd:9e:a9:31:14:87:fa:dd:b9: c5:b8:c0:e7:10:68:e6:53:16:9c:07:6a:a0:6b:37: 35:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:45:C5:68:66:02:4C:1D:7F:58:2E:93:90:3B:92:9A:51:70:6A:50 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149971.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:b440::/48 Signature Algorithm: sha256WithRSAEncryption 04:0d:65:51:ce:d0:dd:62:64:2c:90:79:d1:0d:ea:32:40:95: 04:8d:ae:9e:40:7d:27:7c:b5:de:72:6b:3a:76:4d:47:ea:83: 3b:41:99:b6:a0:9d:9e:ac:ad:3e:5c:ad:da:c9:0e:bc:ca:92: 93:54:21:db:d1:fc:34:3d:d2:4e:34:b7:0c:94:f1:7d:00:01: 44:97:fa:99:88:2f:90:f7:58:2d:00:8f:26:1e:4b:e4:2b:71: c1:7b:25:86:e1:9a:b4:2b:25:f5:ce:3b:07:06:c8:d4:a5:ec: 98:12:59:be:f0:a3:0e:ae:02:9c:07:1f:3d:57:65:2a:0e:f7: c1:aa:aa:5d:8e:59:8c:47:28:68:c0:21:17:c1:1e:24:18:99: 5a:63:7c:3d:37:4d:2b:3b:df:6b:e7:ea:6c:ce:46:f1:e6:59: df:13:f3:40:44:c5:97:ce:34:20:d6:b8:2f:f8:a1:63:94:11: cd:15:2b:43:52:34:61:e7:f9:35:1e:aa:39:c7:26:53:b8:a7: fa:81:46:ec:18:b2:b3:aa:90:49:72:52:28:72:c2:b4:1f:22: 03:2e:a1:3e:78:b6:1d:ef:a1:8f:ba:14:38:9a:86:01:60:bc: 0e:37:6e:5c:e9:c9:67:8a:b8:d5:25:10:9e:8f:30:a3:ae:a6: 4f:be:7a:59 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUC53d/wafNjyrkYIzZXSyhOuT2KMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjA1MVoX DTI3MDUwMTA5MjU1MVowMzExMC8GA1UEAxMoNkQ0NUM1Njg2NjAyNEMxRDdGNTgy RTkzOTAzQjkyOUE1MTcwNkE1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJYDKENAlfRqvQRKZZLrOCe9YvR7ntm5jhOXgS0gwthq2jTng5Vfz2a/6LOm RM33pd6IW7uuq88PU9mYMR58TnUucFfVHct48qHycSGzhogikGgeI3JEpjH+QNYj 6X9cAEB8VXMvu/oQ9fUskb9qFQqfw1VzuopEum9+XOdsznmG89VyPjJSyBYy2GEg dyUx8Ym7d33Zw21t5Rjs7ids5xpQ2b1teBA0SfiQ+sLP8laNN9ejwZeG6hF2zMrE wwhBV+K+EuhPxXX17piCXicPxhLoJtewBXANi7fiNVyLYsOb4fgDcJs3/Z6pMRSH +t25xbjA5xBo5lMWnAdqoGs3NcECAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRtRcVo ZgJMHX9YLpOQO5KaUXBqUDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5OTcxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8rRAMA0GCSqGSIb3DQEBCwUAA4IBAQAEDWVRztDdYmQskHnRDeoy QJUEja6eQH0nfLXecms6dk1H6oM7QZm2oJ2erK0+XK3ayQ68ypKTVCHb0fw0PdJO NLcMlPF9AAFEl/qZiC+Q91gtAI8mHkvkK3HBeyWG4Zq0KyX1zjsHBsjUpeyYElm+ 8KMOrgKcBx89V2UqDvfBqqpdjlmMRyhowCEXwR4kGJlaY3w9N00rO99r5+pszkbx 5lnfE/NARMWXzjQg1rgv+KFjlBHNFStDUjRh5/k1Hqo5xyZTuKf6gUbsGLKzqpBJ clIocsK0HyIDLqE+eLYd76GPuhQ4moYBYLwON25c6clnirjVJRCejzCjrqZPvnpZ -----END CERTIFICATE-----Generated at Sun May 3 00:40:33 2026 by rpki-client