$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150493.roa File: AS150493.roa (raw, json) Hash identifier: yY0P3Dfe0UhRmiDMFSYtWTOaGQrwD+4mbJRf2ccuLdI= Subject key identifier: BE:8A:87:64:72:11:17:FA:5D:C1:7C:5B:9F:8A:67:15:D9:EC:5D:99 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 1678AA3CEC4A9563F3DED6B06EE3F21B345F520A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150493.roa Signing time: Sat 02 May 2026 08:34:40 +0000 ROA not before: Sat 02 May 2026 08:29:40 +0000 ROA not after: Sat 01 May 2027 08:34:40 +0000 asID: 150493 IP address blocks: 2001:df1:e8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:78:aa:3c:ec:4a:95:63:f3:de:d6:b0:6e:e3:f2:1b:34:5f:52:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:29:40 2026 GMT Not After : May 1 08:34:40 2027 GMT Subject: CN=BE8A8764721117FA5DC17C5B9F8A6715D9EC5D99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ec:0f:e1:6a:7f:76:55:2b:2e:0b:95:83:d8: 79:43:b9:2c:3a:53:0c:0c:e1:35:a2:fc:51:c6:87: f6:ff:d0:f9:7a:60:72:fe:43:57:19:1a:7e:8d:2b: 7d:da:91:f0:1c:a6:f3:98:87:36:aa:a0:07:a7:73: 23:2e:0a:86:21:92:db:3b:df:2a:fd:53:c9:9a:9a: 80:b4:d8:c3:ca:58:c8:90:c4:fc:1b:b4:3d:a2:94: af:cc:ae:46:d9:02:38:8c:0e:2d:2a:b9:b0:1b:4d: 7c:56:c3:3c:31:b6:7e:e5:b8:4d:ac:b6:7c:e5:b1: 82:f4:04:27:55:63:64:d5:7f:4b:c7:9c:2e:bd:a6: 2e:8e:e5:32:f4:d2:59:e8:c8:0c:77:5b:f0:5c:30: c2:a1:e0:f1:f1:8e:5a:cc:00:95:c4:cb:8e:94:5b: d2:d6:d2:ff:1c:f2:f8:5c:81:f6:1f:4d:9a:6e:d2: 2c:60:15:33:28:1d:0d:8d:11:94:29:3f:bf:3c:ae: 08:29:98:38:26:2f:27:3a:4c:6a:f9:bb:c8:21:95: 5b:1a:f7:fd:82:79:d3:19:99:c7:0c:6f:b3:c0:18: e0:df:71:59:3f:53:28:bd:b6:d2:f4:ac:e1:ae:14: 1a:4c:55:b0:3c:31:1e:eb:63:2d:06:a3:e2:6c:ed: ad:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:8A:87:64:72:11:17:FA:5D:C1:7C:5B:9F:8A:67:15:D9:EC:5D:99 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150493.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:e8c0::/48 Signature Algorithm: sha256WithRSAEncryption 23:5a:17:1f:68:73:27:d4:b2:28:63:a6:01:89:f8:53:39:42: 2a:cd:6b:37:b0:1c:11:ed:72:86:f1:07:fd:51:ef:0f:af:bb: 8b:5c:56:5b:4f:29:21:ce:27:87:97:4a:8e:42:61:15:48:5c: b6:34:33:1b:af:d4:15:1f:cb:ea:55:35:2c:52:ea:96:00:c0: 4b:17:11:cb:9b:9e:04:22:df:8c:0b:36:a9:5f:ad:53:7d:2e: 15:ce:35:44:d2:fd:95:0b:a4:64:14:b8:ba:6b:b0:3b:75:28: 75:f1:b3:9b:e1:e6:0b:fa:fa:60:a0:e5:e9:e8:4f:17:2e:96: 28:7e:82:d2:df:42:ca:92:d0:50:88:48:25:bb:20:e6:b8:b5: 88:17:13:84:b9:e0:03:b2:ba:9b:76:9e:0d:fc:a1:58:88:7d: b9:96:7b:e6:c7:07:52:77:89:c0:af:20:3f:8a:07:0e:91:06: d7:79:24:95:51:0c:f7:ea:05:45:fc:b7:81:09:b6:33:38:a7: 95:31:be:21:db:eb:20:86:55:ad:14:66:b4:04:31:93:4c:f4: d9:aa:cb:f1:1e:84:73:4c:59:3f:2e:0a:11:cf:14:0c:3e:39: 7c:83:d5:a0:a2:2d:15:6c:e4:1e:54:0c:df:98:30:30:2c:a8: b3:75:5d:6b -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUFniqPOxKlWPz3tawbuPyGzRfUgowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4Mjk0MFoX DTI3MDUwMTA4MzQ0MFowMzExMC8GA1UEAxMoQkU4QTg3NjQ3MjExMTdGQTVEQzE3 QzVCOUY4QTY3MTVEOUVDNUQ5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMzsD+Fqf3ZVKy4LlYPYeUO5LDpTDAzhNaL8UcaH9v/Q+Xpgcv5DVxkafo0r fdqR8Bym85iHNqqgB6dzIy4KhiGS2zvfKv1TyZqagLTYw8pYyJDE/Bu0PaKUr8yu RtkCOIwOLSq5sBtNfFbDPDG2fuW4Tay2fOWxgvQEJ1VjZNV/S8ecLr2mLo7lMvTS WejIDHdb8FwwwqHg8fGOWswAlcTLjpRb0tbS/xzy+FyB9h9Nmm7SLGAVMygdDY0R lCk/vzyuCCmYOCYvJzpMavm7yCGVWxr3/YJ50xmZxwxvs8AY4N9xWT9TKL220vSs 4a4UGkxVsDwxHutjLQaj4mztrXcCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBS+iodk chEX+l3BfFufimcV2exdmTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwNDkzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8ejAMA0GCSqGSIb3DQEBCwUAA4IBAQAjWhcfaHMn1LIoY6YBifhT OUIqzWs3sBwR7XKG8Qf9Ue8Pr7uLXFZbTykhzieHl0qOQmEVSFy2NDMbr9QVH8vq VTUsUuqWAMBLFxHLm54EIt+MCzapX61TfS4VzjVE0v2VC6RkFLi6a7A7dSh18bOb 4eYL+vpgoOXp6E8XLpYofoLS30LKktBQiEgluyDmuLWIFxOEueADsrqbdp4N/KFY iH25lnvmxwdSd4nAryA/igcOkQbXeSSVUQz36gVF/LeBCbYzOKeVMb4h2+sghlWt FGa0BDGTTPTZqsvxHoRzTFk/LgoRzxQMPjl8g9Wgoi0VbOQeVAzfmDAwLKizdV1r -----END CERTIFICATE-----Generated at Sun May 3 00:42:18 2026 by rpki-client