$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150948.roa File: AS150948.roa (raw, json) Hash identifier: CGzYmzyd6yO7X3EXFzcYI+a27kzhrRdEYkqbgf5y9Oc= Subject key identifier: 9B:1C:10:F1:B4:56:63:E2:07:42:02:CD:EA:86:B0:FF:06:EB:2F:5A Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2A1B231FF87BFD8D025F7006698AB7A8DECF8430 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150948.roa Signing time: Sat 02 May 2026 08:34:56 +0000 ROA not before: Sat 02 May 2026 08:29:56 +0000 ROA not after: Sat 01 May 2027 08:34:56 +0000 asID: 150948 IP address blocks: 103.107.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:1b:23:1f:f8:7b:fd:8d:02:5f:70:06:69:8a:b7:a8:de:cf:84:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:29:56 2026 GMT Not After : May 1 08:34:56 2027 GMT Subject: CN=9B1C10F1B45663E2074202CDEA86B0FF06EB2F5A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:60:2e:7a:fd:6d:64:ce:6a:b8:d3:88:d8:34: 13:a7:ca:44:77:3b:89:bb:be:86:68:d5:36:16:08: 71:3e:dd:4e:dc:eb:3d:a7:6c:01:de:d8:4d:0d:b6: 2e:89:14:6d:da:94:1f:0d:6d:13:5a:8d:c1:d3:36: c1:a2:49:5c:05:de:7f:29:59:b4:40:0d:23:87:97: e9:32:48:ca:93:99:a4:c7:5b:5c:19:cc:db:48:a3: 9b:e2:77:36:5c:ed:ea:c0:06:0d:58:d8:46:05:21: 67:58:f5:7a:ae:18:b1:2e:c4:e3:53:ae:90:13:28: bc:c5:50:c7:35:21:2d:6a:09:11:ee:73:38:de:df: 70:16:1b:8c:1a:c1:69:df:66:12:f2:03:82:d6:b5: 81:a7:ef:b6:e1:f6:9c:ce:77:36:90:de:30:c0:1e: da:ea:b3:81:d7:9f:94:bf:be:db:18:cd:0d:c1:8e: 26:6d:b6:ce:22:6e:b3:d8:41:09:a6:b7:a5:de:bf: ca:de:02:ad:98:88:41:a5:97:0c:34:01:db:f6:e9: a9:46:7e:1d:d9:ff:c9:5a:b1:ef:fa:51:f9:74:44: 59:92:2b:95:94:bd:45:c1:bc:62:4d:f0:47:a9:ad: 2b:69:59:15:f4:e5:6c:a0:8b:42:f6:c4:74:0e:e8: ad:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:1C:10:F1:B4:56:63:E2:07:42:02:CD:EA:86:B0:FF:06:EB:2F:5A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150948.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.107.138.0/23 Signature Algorithm: sha256WithRSAEncryption 66:83:a3:ef:85:ee:57:ab:d8:69:34:25:25:1b:af:0e:3a:d8: 7e:7a:55:2c:eb:76:ee:9b:1e:d2:cd:a1:ce:d9:ea:30:b4:3c: 7e:c7:f2:ce:ef:64:7b:aa:96:a6:b5:36:8e:3a:60:b9:d7:ea: c3:0a:e6:c1:15:82:32:6b:f1:01:17:9d:64:9d:dc:7c:c1:f8: 3a:d7:d1:54:65:da:6e:b8:6f:c5:ed:4b:60:62:83:0b:76:60: f7:0d:7c:26:c9:24:48:46:07:4e:50:7c:ec:ed:0b:77:4d:d8: f3:13:1e:8a:3b:1a:20:58:26:16:d7:08:63:39:3a:40:a3:1a: 62:f2:bc:73:e6:a5:30:43:7b:ed:a4:e0:3f:41:d5:e4:68:a0: f5:83:49:a9:f4:85:a9:57:34:c8:69:32:4a:81:2b:5d:d8:04: f1:d2:c1:b3:04:21:93:07:c1:ba:6a:9a:38:5a:16:10:7b:2f: dd:b8:1a:b6:75:ce:41:0b:00:06:5a:ef:2b:34:6e:20:38:c0: 4f:fc:66:ab:bc:8e:70:e3:c6:78:0b:d3:29:c0:7a:37:f4:63: b3:73:07:6d:b2:6f:ab:fa:93:1c:fe:29:e9:ae:d7:2e:14:7e: 50:3a:5a:90:4c:7d:47:7b:33:cd:ad:d4:7a:75:69:0c:7d:92: 65:7b:c0:c1 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUKhsjH/h7/Y0CX3AGaYq3qN7PhDAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4Mjk1NloX DTI3MDUwMTA4MzQ1NlowMzExMC8GA1UEAxMoOUIxQzEwRjFCNDU2NjNFMjA3NDIw MkNERUE4NkIwRkYwNkVCMkY1QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI5gLnr9bWTOarjTiNg0E6fKRHc7ibu+hmjVNhYIcT7dTtzrPadsAd7YTQ22 LokUbdqUHw1tE1qNwdM2waJJXAXefylZtEANI4eX6TJIypOZpMdbXBnM20ijm+J3 Nlzt6sAGDVjYRgUhZ1j1eq4YsS7E41OukBMovMVQxzUhLWoJEe5zON7fcBYbjBrB ad9mEvIDgta1gafvtuH2nM53NpDeMMAe2uqzgdeflL++2xjNDcGOJm22ziJus9hB Caa3pd6/yt4CrZiIQaWXDDQB2/bpqUZ+Hdn/yVqx7/pR+XREWZIrlZS9RcG8Yk3w R6mtK2lZFfTlbKCLQvbEdA7oreUCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSbHBDx tFZj4gdCAs3qhrD/BusvWjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwOTQ4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ2uKMA0GCSqGSIb3DQEBCwUAA4IBAQBmg6Pvhe5Xq9hpNCUlG68OOth+ elUs63bumx7SzaHO2eowtDx+x/LO72R7qpamtTaOOmC51+rDCubBFYIya/EBF51k ndx8wfg619FUZdpuuG/F7UtgYoMLdmD3DXwmySRIRgdOUHzs7Qt3TdjzEx6KOxog WCYW1whjOTpAoxpi8rxz5qUwQ3vtpOA/QdXkaKD1g0mp9IWpVzTIaTJKgStd2ATx 0sGzBCGTB8G6apo4WhYQey/duBq2dc5BCwAGWu8rNG4gOMBP/GarvI5w48Z4C9Mp wHo39GOzcwdtsm+r+pMc/inprtcuFH5QOlqQTH1HezPNrdR6dWkMfZJle8DB -----END CERTIFICATE-----Generated at Sun May 3 00:41:14 2026 by rpki-client