$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149972.roa File: AS149972.roa (raw, json) Hash identifier: GOB1SVSPeJgFwZ4/wW50vjKPzDq1+OKlRxXpIo9G5WQ= Subject key identifier: 00:6F:88:2C:BD:D9:7F:9A:74:92:B2:11:04:08:49:72:7D:96:04:D6 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 66CFB65928826C8F13B5C375DD4A557DF09EE8C2 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149972.roa Signing time: Sat 02 May 2026 21:24:48 +0000 ROA not before: Sat 02 May 2026 21:19:48 +0000 ROA not after: Sat 01 May 2027 21:24:48 +0000 asID: 149972 IP address blocks: 2001:df1:3340::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:cf:b6:59:28:82:6c:8f:13:b5:c3:75:dd:4a:55:7d:f0:9e:e8:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:19:48 2026 GMT Not After : May 1 21:24:48 2027 GMT Subject: CN=006F882CBDD97F9A7492B211040849727D9604D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:c0:90:b9:04:e2:3f:07:9d:81:2b:72:a1:8b: d0:ce:d6:d1:a9:1c:cb:6a:f3:a7:8b:e8:66:b0:31: 40:c5:96:fd:1d:51:29:46:1b:0a:8c:3d:3b:41:20: 61:ae:05:20:17:a7:e7:9c:3c:26:5a:c5:7f:98:ab: a4:df:f6:1d:d4:84:90:2b:18:84:0c:6f:32:9c:df: ae:1f:98:6a:2b:c7:00:a2:cd:e7:42:ca:d7:f1:fa: 63:4b:f5:7c:8e:57:1c:1e:36:f6:a9:5c:fd:4c:ce: 2e:0c:32:e4:71:e1:58:6c:63:7f:4e:6e:61:4f:9a: e5:31:c8:d0:6d:a6:4a:42:c6:b7:d3:77:3e:73:77: a9:b4:a6:bb:65:61:fd:ff:24:d6:50:60:03:2c:c2: 76:33:af:9a:a7:75:9c:ff:91:26:a2:4c:fa:70:35: 42:6c:a4:4f:ae:41:33:ec:13:67:6b:18:9c:5b:cf: 5c:aa:67:d5:47:79:b6:37:d8:e3:01:53:86:95:47: 07:62:0a:6e:ab:e8:ef:de:5a:31:67:e1:00:f8:3f: 07:7d:71:29:e7:50:e7:60:48:48:0f:b1:17:02:9f: c8:78:f3:c7:92:31:b4:3d:24:55:3c:ba:f3:04:72: f2:c2:6c:de:ac:ff:53:f7:7c:22:f0:22:3e:4e:cd: a7:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:6F:88:2C:BD:D9:7F:9A:74:92:B2:11:04:08:49:72:7D:96:04:D6 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149972.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:3340::/48 Signature Algorithm: sha256WithRSAEncryption 2e:88:c7:ca:67:e1:fa:4a:26:c7:b2:9f:11:a2:d7:02:28:68: d0:08:17:29:fc:4c:de:24:67:9e:52:7f:67:09:0b:90:22:2b: 29:86:ae:84:3c:71:86:a4:24:11:73:83:87:62:d9:ab:cb:38: 9b:f3:2e:83:bd:96:03:79:8c:80:64:ba:8b:2b:5c:cc:26:fb: 64:d4:ca:8c:20:51:86:fc:41:a7:45:66:3a:97:8c:ce:17:97: ee:ba:a8:09:77:e5:6a:00:be:45:8c:fc:26:e4:3c:4c:e5:01: c0:c7:9c:46:83:9d:56:a5:f9:14:d7:99:fc:f3:52:a9:e7:6c: a7:c5:1b:cb:70:96:9d:74:49:f4:75:d1:ac:50:e2:8a:b6:1f: 87:ef:81:69:4a:31:79:0a:bf:89:ad:13:e1:06:3e:d4:67:60: 88:d0:95:c2:d3:4c:09:34:a6:f3:38:e4:ab:b3:c2:3d:e7:a4: e4:ef:a1:06:4c:fb:bc:42:ae:db:d5:fd:e6:73:fb:ed:a5:1d: b3:c8:e2:d7:4d:72:c0:0f:cf:4f:6d:a7:c7:e9:22:1f:b0:19: 69:2b:bf:7c:20:d9:b4:bc:34:0a:b8:14:fc:f9:1c:c4:ed:84: 82:af:55:a9:39:b7:2c:d6:2b:26:86:bb:50:b0:5d:09:27:26: 33:53:ad:52 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUZs+2WSiCbI8TtcN13UpVffCe6MIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTk0OFoX DTI3MDUwMTIxMjQ0OFowMzExMC8GA1UEAxMoMDA2Rjg4MkNCREQ5N0Y5QTc0OTJC MjExMDQwODQ5NzI3RDk2MDRENjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM/AkLkE4j8HnYErcqGL0M7W0akcy2rzp4voZrAxQMWW/R1RKUYbCow9O0Eg Ya4FIBen55w8JlrFf5irpN/2HdSEkCsYhAxvMpzfrh+YaivHAKLN50LK1/H6Y0v1 fI5XHB429qlc/UzOLgwy5HHhWGxjf05uYU+a5THI0G2mSkLGt9N3PnN3qbSmu2Vh /f8k1lBgAyzCdjOvmqd1nP+RJqJM+nA1QmykT65BM+wTZ2sYnFvPXKpn1Ud5tjfY 4wFThpVHB2IKbqvo795aMWfhAPg/B31xKedQ52BISA+xFwKfyHjzx5IxtD0kVTy6 8wRy8sJs3qz/U/d8IvAiPk7Np+cCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQAb4gs vdl/mnSSshEECElyfZYE1jAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5OTcyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8TNAMA0GCSqGSIb3DQEBCwUAA4IBAQAuiMfKZ+H6SibHsp8RotcC KGjQCBcp/EzeJGeeUn9nCQuQIisphq6EPHGGpCQRc4OHYtmryzib8y6DvZYDeYyA ZLqLK1zMJvtk1MqMIFGG/EGnRWY6l4zOF5fuuqgJd+VqAL5FjPwm5DxM5QHAx5xG g51WpfkU15n881Kp52ynxRvLcJaddEn0ddGsUOKKth+H74FpSjF5Cr+JrRPhBj7U Z2CI0JXC00wJNKbzOOSrs8I956Tk76EGTPu8Qq7b1f3mc/vtpR2zyOLXTXLAD89P bafH6SIfsBlpK798INm0vDQKuBT8+RzE7YSCr1WpObcs1ismhrtQsF0JJyYzU61S -----END CERTIFICATE-----Generated at Sun May 3 00:40:29 2026 by rpki-client