$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150208.roa File: AS150208.roa (raw, json) Hash identifier: ps0kdhHFL3WyR3RncDw5rjldrKSo79h7aH/qr5yRucQ= Subject key identifier: A2:10:DF:57:39:91:97:58:4C:9C:76:96:A5:DA:31:B3:76:02:90:2F Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7914F99EEE771B77857DF98E922BAFB6560780BF Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150208.roa Signing time: Sat 02 May 2026 09:26:03 +0000 ROA not before: Sat 02 May 2026 09:21:03 +0000 ROA not after: Sat 01 May 2027 09:26:03 +0000 asID: 150208 IP address blocks: 2001:df3:c440::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 05 May 2026 16:31:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:14:f9:9e:ee:77:1b:77:85:7d:f9:8e:92:2b:af:b6:56:07:80:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:03 2026 GMT Not After : May 1 09:26:03 2027 GMT Subject: CN=A210DF57399197584C9C7696A5DA31B37602902F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f0:8b:b8:91:f8:e7:24:d8:50:63:cd:0a:04: 0e:0f:90:8c:4a:87:ec:49:da:2f:f0:f0:8b:f1:f6: 9a:cd:93:aa:7b:63:1f:74:c8:d6:b6:21:43:ff:8f: d6:51:5e:df:6c:33:95:f5:99:03:ea:02:a6:a4:d4: a7:b1:be:51:73:6c:16:5b:7a:a4:12:7f:81:cd:10: cb:24:2b:2d:37:09:8e:29:d1:2c:1b:38:4e:14:cb: d1:a8:85:f7:5a:1b:ca:75:47:9d:b8:d0:f1:2d:97: e0:6a:da:13:49:6e:37:ab:fe:a5:38:80:a4:22:be: 95:61:7d:8b:9b:cf:ac:44:8b:31:59:66:c2:34:5f: 61:8e:fa:c0:a7:4b:ef:cf:9d:a8:95:9f:21:a7:e4: 86:63:2d:8f:cb:ec:0e:a9:10:9d:e5:c7:74:08:cc: 7b:03:b9:a2:54:35:dd:09:2f:97:fe:85:c6:c6:d4: 24:ba:b8:9a:42:9d:19:11:57:5e:ca:ed:66:5a:b2: d2:52:0a:f5:1c:33:3f:6d:e2:87:9a:ac:19:80:a0: 1f:ad:73:18:09:70:64:75:a0:60:8f:f3:9f:97:0e: 8d:5d:d3:e3:66:c4:53:14:6b:b1:a4:04:79:61:ec: 14:27:0b:85:89:40:c2:b8:60:28:c7:76:0f:98:52: 03:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:10:DF:57:39:91:97:58:4C:9C:76:96:A5:DA:31:B3:76:02:90:2F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150208.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:c440::/48 Signature Algorithm: sha256WithRSAEncryption 57:ea:05:bf:13:4f:4e:47:fe:88:81:0b:03:c1:02:78:59:1e: 4d:70:cd:56:34:8d:aa:0a:0e:b2:8c:f0:76:c4:33:97:9e:b1: f0:fa:78:ef:fd:53:d7:4b:1b:b3:1d:a8:cc:cc:b7:8e:21:4f: c0:80:80:e8:78:5c:0b:6e:c0:c9:bd:ac:75:1b:d2:31:d6:5f: 19:cb:4f:92:dd:78:08:07:b2:69:32:17:39:2b:23:95:d0:06: a3:16:04:a3:35:09:1f:a4:72:8b:e0:c6:86:10:08:75:15:f6: 38:d1:25:a9:df:a0:66:0b:6f:07:06:b9:3b:8c:86:57:0e:7f: 6b:ff:8c:ec:e3:35:1f:65:ed:90:e8:43:23:90:ba:34:c2:c8: 45:95:36:e4:2c:cc:41:7c:26:46:30:65:05:e4:b4:68:c3:1c: ca:9f:65:07:cc:46:f3:e0:82:2c:77:e6:b2:00:55:46:32:e6: e5:ee:0b:27:f9:df:aa:cc:8c:c0:65:c3:f3:01:f6:a9:bd:c7: f1:2a:2c:46:cc:e7:8a:a2:7a:29:e0:ff:c1:a9:8a:11:71:e5: 8d:ed:06:44:36:79:99:19:d3:4a:a6:a8:23:11:3b:c7:eb:51: d0:b3:13:d4:6d:8b:68:f1:84:58:ce:0e:f5:ea:3d:0f:7c:cf: b1:11:41:56 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUeRT5nu53G3eFffmOkiuvtlYHgL8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEwM1oX DTI3MDUwMTA5MjYwM1owMzExMC8GA1UEAxMoQTIxMERGNTczOTkxOTc1ODRDOUM3 Njk2QTVEQTMxQjM3NjAyOTAyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKPwi7iR+Ock2FBjzQoEDg+QjEqH7EnaL/Dwi/H2ms2TqntjH3TI1rYhQ/+P 1lFe32wzlfWZA+oCpqTUp7G+UXNsFlt6pBJ/gc0QyyQrLTcJjinRLBs4ThTL0aiF 91obynVHnbjQ8S2X4GraE0luN6v+pTiApCK+lWF9i5vPrESLMVlmwjRfYY76wKdL 78+dqJWfIafkhmMtj8vsDqkQneXHdAjMewO5olQ13Qkvl/6FxsbUJLq4mkKdGRFX XsrtZlqy0lIK9RwzP23ih5qsGYCgH61zGAlwZHWgYI/zn5cOjV3T42bEUxRrsaQE eWHsFCcLhYlAwrhgKMd2D5hSA6sCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSiEN9X OZGXWEycdpal2jGzdgKQLzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwMjA4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN88RAMA0GCSqGSIb3DQEBCwUAA4IBAQBX6gW/E09OR/6IgQsDwQJ4 WR5NcM1WNI2qCg6yjPB2xDOXnrHw+njv/VPXSxuzHajMzLeOIU/AgIDoeFwLbsDJ vax1G9Ix1l8Zy0+S3XgIB7JpMhc5KyOV0AajFgSjNQkfpHKL4MaGEAh1FfY40SWp 36BmC28HBrk7jIZXDn9r/4zs4zUfZe2Q6EMjkLo0wshFlTbkLMxBfCZGMGUF5LRo wxzKn2UHzEbz4IIsd+ayAFVGMubl7gsn+d+qzIzAZcPzAfapvcfxKixGzOeKonop 4P/BqYoRceWN7QZENnmZGdNKpqgjETvH61HQsxPUbYto8YRYzg716j0PfM+xEUFW -----END CERTIFICATE-----Generated at Tue May 5 08:31:37 2026 by rpki-client