$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149976.roa File: AS149976.roa (raw, json) Hash identifier: UbKLgl7h9DeeLFPg2ZWP/30I87ffbnCBixOAj5r+Zys= Subject key identifier: 8E:7F:F0:AD:34:DC:20:3E:A2:85:07:EF:EA:98:00:AE:4A:DF:BE:0B Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7593E56F632A61C3EE9891DF32E1D7C2D9B3684C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149976.roa Signing time: Sat 02 May 2026 09:26:07 +0000 ROA not before: Sat 02 May 2026 09:21:07 +0000 ROA not after: Sat 01 May 2027 09:26:07 +0000 asID: 149976 IP address blocks: 2001:df2:91c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:93:e5:6f:63:2a:61:c3:ee:98:91:df:32:e1:d7:c2:d9:b3:68:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:07 2026 GMT Not After : May 1 09:26:07 2027 GMT Subject: CN=8E7FF0AD34DC203EA28507EFEA9800AE4ADFBE0B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:93:42:b9:57:ea:cb:2f:57:b0:f9:5c:ea:0b: d8:ef:c6:be:71:ac:d0:09:53:f4:a6:98:d1:0f:05: 98:84:88:a2:6d:8c:b6:f9:15:eb:1e:4f:36:c9:74: 72:b5:e3:57:f7:be:3c:e2:51:05:c7:e9:33:f8:7a: 16:95:75:32:1a:dc:58:75:35:1a:3e:77:a0:20:fb: f5:85:35:ee:dd:77:97:1e:1a:da:8f:c9:4b:18:ef: e3:28:bd:f2:54:e1:aa:58:b3:af:5f:dc:3a:4a:39: c1:7c:9a:4e:bb:03:b0:88:4c:91:df:9c:aa:20:dd: 19:e4:bb:3c:20:62:9e:9e:3c:79:34:a3:75:76:cd: c1:0e:92:d2:08:80:10:29:03:ea:0f:4a:20:d6:56: 98:e0:8e:dd:b2:40:ff:b2:15:19:45:e2:e4:6d:30: 47:e1:8f:5f:89:49:77:9e:a4:99:5b:d0:7c:56:55: 14:61:4f:13:74:0f:c4:07:7b:43:71:51:e1:ee:94: d5:72:0c:97:d8:c2:f9:d4:0e:f4:5b:68:ff:f1:8a: 0b:35:22:d0:ae:27:72:2e:7e:c2:f8:48:25:f5:1f: 55:40:0f:44:6c:9b:85:98:86:48:83:92:87:26:eb: 76:4a:55:f8:00:aa:bb:91:2b:34:8c:44:f2:77:0d: c6:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:7F:F0:AD:34:DC:20:3E:A2:85:07:EF:EA:98:00:AE:4A:DF:BE:0B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149976.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:91c0::/48 Signature Algorithm: sha256WithRSAEncryption 19:2c:e5:0a:df:a3:d0:c2:64:ac:d3:e3:b7:2d:97:e3:a3:03: 46:59:36:aa:9d:7c:aa:61:e9:e3:ed:ac:83:f6:64:0a:36:b1: cb:6b:30:b0:98:ce:4b:7f:fc:f8:6f:cc:12:ea:c4:dc:f7:94: c2:06:33:be:e6:e3:31:54:24:ec:61:5e:63:3f:6d:fd:6b:38: 3f:20:7c:41:9b:6d:03:44:21:62:07:69:54:73:c7:99:3d:44: 73:2f:69:ef:f6:87:a0:b0:91:ce:50:73:da:b8:65:a4:da:b8: 06:f3:e8:aa:da:36:0b:62:b4:38:fc:fe:da:c9:a7:94:40:8e: 0d:1e:0f:e7:df:6f:75:a5:26:ed:67:52:44:09:67:31:4c:00: 68:ec:0a:52:ef:4b:b2:06:82:b4:7c:e4:76:28:e8:0e:d4:d2: f7:e9:a7:f2:41:c5:fb:4c:e4:a1:16:b5:cd:21:6f:34:fc:2a: 86:a7:57:b0:ec:59:25:75:ee:73:90:c0:c8:0f:59:9f:60:7c: 13:03:71:e4:79:be:7d:d7:7f:b8:dd:2e:8d:91:84:0f:c5:4c: cc:c3:13:6b:9f:49:dc:51:56:0f:bd:87:75:42:06:ec:fb:ab: 22:6f:03:96:10:35:6b:d7:b5:fb:dd:b3:8c:7f:5f:81:53:9c: 61:c5:e3:b9 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUdZPlb2MqYcPumJHfMuHXwtmzaEwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEwN1oX DTI3MDUwMTA5MjYwN1owMzExMC8GA1UEAxMoOEU3RkYwQUQzNERDMjAzRUEyODUw N0VGRUE5ODAwQUU0QURGQkUwQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALiTQrlX6ssvV7D5XOoL2O/GvnGs0AlT9KaY0Q8FmISIom2MtvkV6x5PNsl0 crXjV/e+POJRBcfpM/h6FpV1MhrcWHU1Gj53oCD79YU17t13lx4a2o/JSxjv4yi9 8lThqlizr1/cOko5wXyaTrsDsIhMkd+cqiDdGeS7PCBinp48eTSjdXbNwQ6S0giA ECkD6g9KINZWmOCO3bJA/7IVGUXi5G0wR+GPX4lJd56kmVvQfFZVFGFPE3QPxAd7 Q3FR4e6U1XIMl9jC+dQO9Fto//GKCzUi0K4nci5+wvhIJfUfVUAPRGybhZiGSIOS hybrdkpV+ACqu5ErNIxE8ncNxtMCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSOf/Ct NNwgPqKFB+/qmACuSt++CzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5OTc2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8pHAMA0GCSqGSIb3DQEBCwUAA4IBAQAZLOUK36PQwmSs0+O3LZfj owNGWTaqnXyqYenj7ayD9mQKNrHLazCwmM5Lf/z4b8wS6sTc95TCBjO+5uMxVCTs YV5jP239azg/IHxBm20DRCFiB2lUc8eZPURzL2nv9oegsJHOUHPauGWk2rgG8+iq 2jYLYrQ4/P7ayaeUQI4NHg/n3291pSbtZ1JECWcxTABo7ApS70uyBoK0fOR2KOgO 1NL36afyQcX7TOShFrXNIW80/CqGp1ew7Fklde5zkMDID1mfYHwTA3Hkeb5913+4 3S6NkYQPxUzMwxNrn0ncUVYPvYd1Qgbs+6sibwOWEDVr17X73bOMf1+BU5xhxeO5 -----END CERTIFICATE-----Generated at Sun May 3 00:40:30 2026 by rpki-client