$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150509.roa File: AS150509.roa (raw, json) Hash identifier: j6bd4aXlobYd+WxnI+IPOr8Dj0ShnKpd8sX8R6W7SHo= Subject key identifier: 84:4E:9B:19:9A:3D:A1:10:52:68:00:40:FF:8D:0E:FD:3E:3E:DD:2B Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 52F1FAF8A9EC87459AD61CEC700BB39EEE2DF95C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150509.roa Signing time: Sat 02 May 2026 09:25:51 +0000 ROA not before: Sat 02 May 2026 09:20:51 +0000 ROA not after: Sat 01 May 2027 09:25:51 +0000 asID: 150509 IP address blocks: 2001:df2:dc40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:13:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:f1:fa:f8:a9:ec:87:45:9a:d6:1c:ec:70:0b:b3:9e:ee:2d:f9:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:51 2026 GMT Not After : May 1 09:25:51 2027 GMT Subject: CN=844E9B199A3DA11052680040FF8D0EFD3E3EDD2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:b4:1b:07:5d:00:33:b9:9a:ee:a7:20:c4:a0: 3b:ca:2f:bd:3a:f9:06:74:b4:c9:67:79:53:7a:0a: 5b:ec:8d:7d:f2:ac:d0:1e:1b:bc:96:0a:8d:4f:67: 3d:e3:cb:9a:bc:e1:a4:9c:da:fe:e9:10:35:f0:7f: 30:04:ac:78:94:5b:17:9b:d3:f4:9e:5d:f5:6c:f3: f6:ae:cb:41:0c:79:97:42:84:7b:8f:3c:fb:a5:49: 71:6e:52:c7:99:f0:68:14:28:6f:fa:13:8f:3f:f2: 3a:04:4f:1d:ac:b2:79:dc:1c:0f:20:95:e1:92:56: b2:14:29:fe:ae:be:ed:a9:6f:05:c3:b1:36:b1:aa: 5b:b1:8a:8c:45:0b:ed:ad:c1:13:d6:56:5c:e2:00: ca:a5:c1:ba:5d:33:50:71:f5:6b:f3:8b:f2:38:c4: e1:ad:d5:e9:18:ca:5b:c9:44:b0:be:0f:3b:5a:8c: 65:53:be:ce:e6:dd:f5:7e:64:ab:9f:9c:9f:be:de: 09:8f:ec:f8:6f:14:74:dd:3c:60:90:5f:cd:0a:42: 36:cb:ff:ef:ca:18:45:04:56:db:d0:ce:64:3b:ed: 21:e2:9d:9d:44:22:d5:cb:39:32:c5:b0:18:eb:f6: db:79:f4:42:19:a5:94:e6:07:32:52:41:9e:19:7c: 62:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:4E:9B:19:9A:3D:A1:10:52:68:00:40:FF:8D:0E:FD:3E:3E:DD:2B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:dc40::/48 Signature Algorithm: sha256WithRSAEncryption a5:18:7e:42:ce:e8:93:c6:c3:d9:9c:98:bf:83:63:19:75:62: af:ba:dd:1f:57:5d:c3:d7:ae:93:e5:d1:25:aa:44:0d:70:c0: 0d:05:3f:62:81:bd:a2:0e:b7:38:18:75:dc:d1:f3:60:e4:a3: 67:e6:13:01:54:d8:9c:91:d9:3c:51:5a:e5:5a:16:77:12:46: e2:13:9d:88:87:c9:40:0d:27:ff:c6:51:0d:64:88:99:f8:23: 26:fd:7d:b3:01:77:af:37:85:56:34:d9:69:5f:c1:42:44:2c: 5e:36:4f:0a:d6:50:7c:79:05:28:0f:aa:fd:e5:0b:1a:4f:a0: ea:71:dd:f8:bf:27:d2:b8:22:44:40:ad:93:b5:ab:29:e2:a4: 93:ac:e6:fb:07:0e:de:36:81:42:29:0a:bd:63:42:97:4b:8d: 33:07:7f:ca:0d:7f:0d:59:b0:4f:e2:11:cd:37:9d:5b:fb:fa: 0e:02:e9:64:9d:6f:19:d7:6e:56:50:18:e0:1c:ab:81:c8:0a: 4c:98:35:bc:a2:02:8c:ca:68:eb:d4:b1:97:5f:f4:d5:75:ed: de:4f:e9:dd:d8:1c:ed:dc:8d:34:f7:49:a4:f9:2a:af:aa:ac: cc:eb:60:e3:80:6d:cd:33:29:f6:67:31:3d:fe:e7:83:16:85: b9:cd:69:d6 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUUvH6+Knsh0Wa1hzscAuznu4t+VwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjA1MVoX DTI3MDUwMTA5MjU1MVowMzExMC8GA1UEAxMoODQ0RTlCMTk5QTNEQTExMDUyNjgw MDQwRkY4RDBFRkQzRTNFREQyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALG0GwddADO5mu6nIMSgO8ovvTr5BnS0yWd5U3oKW+yNffKs0B4bvJYKjU9n PePLmrzhpJza/ukQNfB/MASseJRbF5vT9J5d9Wzz9q7LQQx5l0KEe488+6VJcW5S x5nwaBQob/oTjz/yOgRPHayyedwcDyCV4ZJWshQp/q6+7alvBcOxNrGqW7GKjEUL 7a3BE9ZWXOIAyqXBul0zUHH1a/OL8jjE4a3V6RjKW8lEsL4PO1qMZVO+zubd9X5k q5+cn77eCY/s+G8UdN08YJBfzQpCNsv/78oYRQRW29DOZDvtIeKdnUQi1cs5MsWw GOv223n0QhmllOYHMlJBnhl8YhcCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSETpsZ mj2hEFJoAED/jQ79Pj7dKzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwNTA5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8txAMA0GCSqGSIb3DQEBCwUAA4IBAQClGH5CzuiTxsPZnJi/g2MZ dWKvut0fV13D166T5dElqkQNcMANBT9igb2iDrc4GHXc0fNg5KNn5hMBVNickdk8 UVrlWhZ3EkbiE52Ih8lADSf/xlENZIiZ+CMm/X2zAXevN4VWNNlpX8FCRCxeNk8K 1lB8eQUoD6r95QsaT6Dqcd34vyfSuCJEQK2Ttasp4qSTrOb7Bw7eNoFCKQq9Y0KX S40zB3/KDX8NWbBP4hHNN51b+/oOAulknW8Z125WUBjgHKuByApMmDW8ogKMymjr 1LGXX/TVde3eT+nd2Bzt3I0090mk+SqvqqzM62DjgG3NMyn2ZzE9/ueDFoW5zWnW -----END CERTIFICATE-----Generated at Sun May 3 01:44:15 2026 by rpki-client