$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150923.roa File: AS150923.roa (raw, json) Hash identifier: ZCHkNhhvXhDbMCITm0AEQgNuKkpljkbMzoWK7cYD5p4= Subject key identifier: CB:07:85:75:0F:C0:CF:BA:F0:81:DD:FB:D1:CA:D3:C9:C7:DE:AE:E2 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 487AFA2B64E05232EFDE79D0D21E3038E70B4ADA Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150923.roa Signing time: Sat 02 May 2026 09:26:08 +0000 ROA not before: Sat 02 May 2026 09:21:08 +0000 ROA not after: Sat 01 May 2027 09:26:08 +0000 asID: 150923 IP address blocks: 2001:df2:ffc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:7a:fa:2b:64:e0:52:32:ef:de:79:d0:d2:1e:30:38:e7:0b:4a:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:08 2026 GMT Not After : May 1 09:26:08 2027 GMT Subject: CN=CB0785750FC0CFBAF081DDFBD1CAD3C9C7DEAEE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:5d:e2:ec:c3:8b:44:37:f6:78:c4:e6:da:19: aa:2f:51:35:34:04:b9:9e:54:4d:c7:0f:65:b4:e1: 3e:e6:c6:a8:c7:8d:8c:a5:18:72:37:d5:9d:2b:31: a9:e8:7f:88:3e:17:8b:53:54:2e:93:ad:8c:70:5b: 32:79:3c:17:ab:e1:6e:27:ee:16:07:01:da:1f:a0: 88:a1:4c:26:9b:f0:5f:74:5d:b5:e0:ea:36:b6:38: 7f:1a:c7:e6:a6:05:c0:f7:40:b3:c9:52:85:fc:5d: 8c:ac:da:12:2f:6f:22:d3:20:c8:7b:0e:75:fd:60: ec:10:12:1c:80:78:78:82:de:23:17:0a:f9:bb:4e: 17:50:6e:2e:12:8c:74:2f:94:ea:56:9c:81:08:0a: 7f:42:03:1c:0e:05:02:32:d0:75:0c:6e:e3:f3:40: 56:93:48:49:3a:b3:27:a1:8f:be:41:45:64:ec:13: c9:e8:b1:18:10:23:87:e9:36:12:83:ed:93:36:ca: 2a:b6:07:bf:9a:46:1a:61:1d:09:0f:11:4e:c6:d6: 55:b9:cc:fe:6d:77:68:f3:d6:b8:a4:ee:ef:f3:95: dd:81:d2:4a:dc:17:bc:58:1e:3b:8b:44:14:6d:8a: c0:80:80:55:3f:31:64:a4:8a:6a:8c:07:e3:04:98: 1a:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:07:85:75:0F:C0:CF:BA:F0:81:DD:FB:D1:CA:D3:C9:C7:DE:AE:E2 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150923.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:ffc0::/48 Signature Algorithm: sha256WithRSAEncryption 68:72:49:cd:bd:6a:66:95:e4:30:26:a0:ab:1d:c5:b2:60:6b: c9:a4:eb:9f:a9:2f:02:8f:a3:7f:52:97:9d:5e:49:81:3a:c9: 18:b0:92:2b:fb:60:b6:ff:e8:cd:f2:75:2b:a2:11:2a:e9:11: c0:df:14:24:75:28:0e:6b:a1:fc:79:6d:46:9e:2e:c6:35:94: 58:a1:c8:d7:af:89:2b:c0:e0:8d:be:f7:cd:5c:bc:f0:15:72: e5:92:f7:07:5b:69:c7:3a:0d:2a:5f:3f:fd:92:07:09:87:f6: 57:58:1b:70:53:2f:79:02:a1:6a:6c:e6:b7:76:72:93:31:44: c7:3b:ae:02:73:f0:f1:3c:f8:dc:0f:d1:ca:0b:93:da:58:45: 31:53:07:59:70:d7:43:32:d9:bf:4d:dc:3c:a3:7e:7a:92:c3: cc:08:94:1c:83:0a:7a:fe:ea:b9:98:8c:3e:f6:0e:70:1a:f6: 9c:41:6f:54:56:b6:d1:e1:7e:13:9d:07:b2:6e:37:eb:f7:bd: c8:b5:ad:dc:da:d6:fe:e3:a7:d9:37:ba:0d:aa:8f:cd:74:81: 31:2d:af:06:70:f0:47:09:8b:55:83:23:7a:30:10:fc:f8:03: 35:48:dd:61:b1:c8:55:55:de:8b:1e:00:31:aa:47:01:fb:90: 52:47:56:dc -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUSHr6K2TgUjLv3nnQ0h4wOOcLStowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEwOFoX DTI3MDUwMTA5MjYwOFowMzExMC8GA1UEAxMoQ0IwNzg1NzUwRkMwQ0ZCQUYwODFE REZCRDFDQUQzQzlDN0RFQUVFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALpd4uzDi0Q39njE5toZqi9RNTQEuZ5UTccPZbThPubGqMeNjKUYcjfVnSsx qeh/iD4Xi1NULpOtjHBbMnk8F6vhbifuFgcB2h+giKFMJpvwX3RdteDqNrY4fxrH 5qYFwPdAs8lShfxdjKzaEi9vItMgyHsOdf1g7BASHIB4eILeIxcK+btOF1BuLhKM dC+U6lacgQgKf0IDHA4FAjLQdQxu4/NAVpNISTqzJ6GPvkFFZOwTyeixGBAjh+k2 EoPtkzbKKrYHv5pGGmEdCQ8RTsbWVbnM/m13aPPWuKTu7/OV3YHSStwXvFgeO4tE FG2KwICAVT8xZKSKaowH4wSYGu8CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBTLB4V1 D8DPuvCB3fvRytPJx96u4jAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwOTIzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8v/AMA0GCSqGSIb3DQEBCwUAA4IBAQBocknNvWpmleQwJqCrHcWy YGvJpOufqS8Cj6N/UpedXkmBOskYsJIr+2C2/+jN8nUrohEq6RHA3xQkdSgOa6H8 eW1Gni7GNZRYocjXr4krwOCNvvfNXLzwFXLlkvcHW2nHOg0qXz/9kgcJh/ZXWBtw Uy95AqFqbOa3dnKTMUTHO64Cc/DxPPjcD9HKC5PaWEUxUwdZcNdDMtm/Tdw8o356 ksPMCJQcgwp6/uq5mIw+9g5wGvacQW9UVrbR4X4TnQeybjfr973Ita3c2tb+46fZ N7oNqo/NdIExLa8GcPBHCYtVgyN6MBD8+AM1SN1hschVVd6LHgAxqkcB+5BSR1bc -----END CERTIFICATE-----Generated at Sun May 3 01:44:43 2026 by rpki-client