$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150936.roa File: AS150936.roa (raw, json) Hash identifier: vaQbpEtz7pHPskGM+cuCq3h6i176fxaOwlQTL3ZWLMo= Subject key identifier: 5A:C3:40:DB:63:C5:55:6E:3B:04:8F:CF:BA:0C:C5:F2:69:C6:8A:24 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5D2A6C64AFC3B8C81EC33FA353F81B998C6DACD3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150936.roa Signing time: Sat 02 May 2026 09:26:05 +0000 ROA not before: Sat 02 May 2026 09:21:05 +0000 ROA not after: Sat 01 May 2027 09:26:05 +0000 asID: 150936 IP address blocks: 2001:df3:19c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:2a:6c:64:af:c3:b8:c8:1e:c3:3f:a3:53:f8:1b:99:8c:6d:ac:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:05 2026 GMT Not After : May 1 09:26:05 2027 GMT Subject: CN=5AC340DB63C5556E3B048FCFBA0CC5F269C68A24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:9b:fc:09:57:27:1a:9e:07:cc:90:9c:a0:e4: 05:d5:2a:8d:84:43:99:a8:6b:5b:fb:43:b0:b1:b7: f3:bf:8a:7a:5a:6a:54:e6:c1:23:b0:72:4c:cb:41: 06:de:55:19:c3:f4:44:d1:95:89:b4:5e:71:54:32: 14:64:5c:3a:3d:99:bd:6c:d6:e3:38:ba:0d:fd:40: 2a:29:b4:7b:9e:de:45:4f:65:a0:b5:ca:88:3f:94: 1c:84:d1:64:40:39:77:37:c6:62:33:fa:69:c4:f5: c0:50:34:a9:17:ab:4e:9e:f7:d3:77:9c:cb:bc:8e: 6d:48:f9:3b:f4:cf:11:47:9f:8c:8f:e4:aa:0a:b1: fa:dd:9a:eb:84:8a:f6:1f:02:5f:51:ef:bb:6f:4d: 12:ac:47:95:a2:d6:8c:6f:9c:56:77:2e:9f:67:fd: 7e:1b:eb:b0:66:73:34:57:92:0e:fa:cb:72:f3:e9: 93:99:24:17:f3:0f:cd:68:8b:7b:32:81:15:63:9c: e4:80:6c:c0:4f:17:d6:25:fd:98:8a:91:f1:dc:65: 53:42:3e:7a:9f:9f:3a:46:91:73:58:b4:d4:e9:67: bb:cf:06:fc:13:a5:35:ce:be:ed:a3:55:b8:6f:ae: 0e:97:e7:b7:b5:cc:9c:5f:a5:d8:b9:d9:46:a3:aa: 14:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:C3:40:DB:63:C5:55:6E:3B:04:8F:CF:BA:0C:C5:F2:69:C6:8A:24 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150936.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:19c0::/48 Signature Algorithm: sha256WithRSAEncryption 1e:28:ca:6f:05:00:0e:02:ce:82:1a:13:a1:e5:a5:63:c5:6a: 77:10:30:3f:2a:bc:0d:2d:2d:77:30:b1:61:b9:b1:3d:07:de: 81:aa:28:ae:49:21:49:2e:41:41:e0:5f:9b:86:77:83:f9:cc: 37:61:76:42:fa:9d:7b:90:25:e0:97:d5:93:65:36:42:85:bc: e3:af:4f:99:8c:c9:36:be:57:fa:fe:67:64:88:24:15:ca:d0: 10:0a:2f:5c:0b:2d:1c:69:92:d9:69:d3:1d:51:6b:7a:21:0c: b9:e3:03:68:f2:35:2f:cf:69:a4:a6:b3:06:11:9d:0f:a5:5e: 38:3c:5c:9b:0b:e7:ac:a9:d1:79:99:80:dc:01:ad:64:6f:46: 72:85:3a:01:1e:45:77:cd:00:0b:f2:c0:6a:92:2e:9a:9e:b9: f6:8d:ba:33:62:1d:e2:41:91:88:b1:10:d4:56:6f:f1:53:3c: 6a:e3:82:a6:4e:aa:54:87:20:91:f1:7a:34:dc:ca:f8:a8:b1: 6d:bf:0e:48:9e:67:e8:ac:83:07:7d:b1:7a:c8:15:98:3a:db: 80:a4:45:2f:ca:13:3d:c1:6c:d4:7a:eb:b8:8d:b0:c1:fd:4e: ea:80:5a:e9:48:20:a5:50:d3:3f:af:08:b6:ee:3a:c2:7d:99: 00:63:a7:35 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUXSpsZK/DuMgewz+jU/gbmYxtrNMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEwNVoX DTI3MDUwMTA5MjYwNVowMzExMC8GA1UEAxMoNUFDMzQwREI2M0M1NTU2RTNCMDQ4 RkNGQkEwQ0M1RjI2OUM2OEEyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMCb/AlXJxqeB8yQnKDkBdUqjYRDmahrW/tDsLG387+KelpqVObBI7ByTMtB Bt5VGcP0RNGVibRecVQyFGRcOj2ZvWzW4zi6Df1AKim0e57eRU9loLXKiD+UHITR ZEA5dzfGYjP6acT1wFA0qRerTp7303ecy7yObUj5O/TPEUefjI/kqgqx+t2a64SK 9h8CX1Hvu29NEqxHlaLWjG+cVncun2f9fhvrsGZzNFeSDvrLcvPpk5kkF/MPzWiL ezKBFWOc5IBswE8X1iX9mIqR8dxlU0I+ep+fOkaRc1i01Olnu88G/BOlNc6+7aNV uG+uDpfnt7XMnF+l2LnZRqOqFOcCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRaw0Db Y8VVbjsEj8+6DMXyacaKJDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwOTM2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8xnAMA0GCSqGSIb3DQEBCwUAA4IBAQAeKMpvBQAOAs6CGhOh5aVj xWp3EDA/KrwNLS13MLFhubE9B96BqiiuSSFJLkFB4F+bhneD+cw3YXZC+p17kCXg l9WTZTZChbzjr0+ZjMk2vlf6/mdkiCQVytAQCi9cCy0caZLZadMdUWt6IQy54wNo 8jUvz2mkprMGEZ0PpV44PFybC+esqdF5mYDcAa1kb0ZyhToBHkV3zQAL8sBqki6a nrn2jbozYh3iQZGIsRDUVm/xUzxq44KmTqpUhyCR8Xo03Mr4qLFtvw5InmforIMH fbF6yBWYOtuApEUvyhM9wWzUeuu4jbDB/U7qgFrpSCClUNM/rwi27jrCfZkAY6c1 -----END CERTIFICATE-----Generated at Sun May 3 00:41:43 2026 by rpki-client