$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150228.roa File: AS150228.roa (raw, json) Hash identifier: jdO72CSoPHvqGRHBZRLWFwCZhYMARZBvm/bM4HbEX90= Subject key identifier: 4C:A2:D4:CC:A9:DB:B3:DD:B3:16:1B:69:5E:D4:7A:78:68:F3:92:A7 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 635DB2C6245BED6F47C430225120C5571E48ECEF Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150228.roa Signing time: Sat 02 May 2026 21:27:53 +0000 ROA not before: Sat 02 May 2026 21:22:53 +0000 ROA not after: Sat 01 May 2027 21:27:53 +0000 asID: 150228 IP address blocks: 202.47.66.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 05 May 2026 16:31:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:5d:b2:c6:24:5b:ed:6f:47:c4:30:22:51:20:c5:57:1e:48:ec:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:22:53 2026 GMT Not After : May 1 21:27:53 2027 GMT Subject: CN=4CA2D4CCA9DBB3DDB3161B695ED47A7868F392A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:17:51:d9:b1:43:0d:b4:2e:13:ab:77:fd:cc: 4a:96:0f:b8:6e:cd:b9:68:4e:51:4d:39:bf:4d:fd: f7:cb:e0:53:dd:9a:9e:9a:54:42:a1:cc:bd:04:c3: cb:a4:61:db:de:c8:0e:b5:dc:25:96:57:2c:82:4f: 10:3f:d3:e9:e3:e9:1a:d2:f0:b7:ca:b7:dd:a6:b8: d5:e3:cb:d6:83:3c:97:87:43:64:13:b7:41:4a:f9: 25:24:41:b3:e5:17:33:57:00:46:ae:40:4c:0e:01: d3:c3:67:8b:3b:2d:ab:76:db:eb:88:f8:c9:42:c4: 5c:63:c9:e5:09:81:9c:0f:3d:11:8a:2a:ce:fb:46: 4c:91:22:e5:cd:48:33:62:e6:4a:92:d1:3d:a5:04: 40:fb:44:00:86:93:c7:e7:16:49:ab:e8:44:fc:0f: 5d:22:9d:be:81:48:54:5d:a3:de:2f:f9:e3:2a:6f: 9b:b4:17:50:2d:d2:0b:20:a9:da:e3:c0:27:4c:bc: 26:71:23:69:80:55:7e:f4:bb:7b:82:34:bf:d7:26: a5:aa:b3:24:98:27:46:40:37:65:b9:5b:23:af:8a: 5d:0e:21:c0:6c:ae:70:ea:b2:87:4a:98:9a:a9:d1: 92:2b:89:af:85:7c:a3:0f:d1:c3:1f:3c:4e:06:e0: 55:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:A2:D4:CC:A9:DB:B3:DD:B3:16:1B:69:5E:D4:7A:78:68:F3:92:A7 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150228.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.47.66.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:d1:17:b2:70:5e:9c:0a:fa:6d:e1:89:c4:7c:6f:03:61:67: 6a:cd:57:1e:e0:29:cd:e6:c6:6a:10:80:57:08:a1:23:1e:07: 36:07:26:6f:b0:a4:9a:99:1c:53:20:5d:f2:42:6a:94:3d:c2: 1a:8c:ee:03:19:08:7f:7e:d7:d6:c9:61:a3:1f:21:b0:0d:ba: 11:73:64:67:bb:dc:cc:a0:20:28:cc:1f:1b:fc:b9:0e:45:c4: 38:c9:5e:9e:c7:15:2f:1e:a3:54:ff:eb:3f:0c:2c:45:7a:ec: 79:a2:0b:6a:8a:c6:46:bc:ca:a3:88:22:7a:df:24:a3:e3:88: db:66:45:99:6d:9b:ba:f5:60:ce:3a:db:27:4c:4e:78:48:6e: 9c:8c:7d:a2:d1:ac:8f:57:1c:5a:75:27:19:d8:e6:60:40:8e: 79:ea:db:13:80:95:db:80:4c:66:ea:ff:73:2b:40:bf:9e:6d: 92:0f:a1:0d:5f:41:24:7d:91:dd:31:d9:56:9b:c9:b2:10:2e: 5e:5b:b6:1c:64:94:41:95:0f:72:67:b9:54:aa:30:27:30:3d: 39:83:01:61:30:bc:65:74:5c:84:03:99:c9:5a:78:53:b1:ca: ec:2d:1f:c6:86:9e:bc:db:69:1f:06:6b:46:1c:30:c9:2c:a7: be:be:41:b3 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUY12yxiRb7W9HxDAiUSDFVx5I7O8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjI1M1oX DTI3MDUwMTIxMjc1M1owMzExMC8GA1UEAxMoNENBMkQ0Q0NBOURCQjNEREIzMTYx QjY5NUVENDdBNzg2OEYzOTJBNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALQXUdmxQw20LhOrd/3MSpYPuG7NuWhOUU05v03998vgU92anppUQqHMvQTD y6Rh297IDrXcJZZXLIJPED/T6ePpGtLwt8q33aa41ePL1oM8l4dDZBO3QUr5JSRB s+UXM1cARq5ATA4B08Nnizstq3bb64j4yULEXGPJ5QmBnA89EYoqzvtGTJEi5c1I M2LmSpLRPaUEQPtEAIaTx+cWSavoRPwPXSKdvoFIVF2j3i/54ypvm7QXUC3SCyCp 2uPAJ0y8JnEjaYBVfvS7e4I0v9cmpaqzJJgnRkA3ZblbI6+KXQ4hwGyucOqyh0qY mqnRkiuJr4V8ow/Rwx88TgbgVT8CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRMotTM qduz3bMWG2le1Hp4aPOSpzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwMjI4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAyi9CMA0GCSqGSIb3DQEBCwUAA4IBAQCP0ReycF6cCvpt4YnEfG8DYWdq zVce4CnN5sZqEIBXCKEjHgc2ByZvsKSamRxTIF3yQmqUPcIajO4DGQh/ftfWyWGj HyGwDboRc2Rnu9zMoCAozB8b/LkORcQ4yV6exxUvHqNU/+s/DCxFeux5ogtqisZG vMqjiCJ63ySj44jbZkWZbZu69WDOOtsnTE54SG6cjH2i0ayPVxxadScZ2OZgQI55 6tsTgJXbgExm6v9zK0C/nm2SD6ENX0EkfZHdMdlWm8myEC5eW7YcZJRBlQ9yZ7lU qjAnMD05gwFhMLxldFyEA5nJWnhTscrsLR/Ghp6822kfBmtGHDDJLKe+vkGz -----END CERTIFICATE-----Generated at Tue May 5 08:43:33 2026 by rpki-client