$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150968.roa File: AS150968.roa (raw, json) Hash identifier: 7m654hbFH3hBCcdl6AOV/uBm8tIH0vPyjIZ5hhUmvHk= Subject key identifier: 89:86:9E:E3:66:37:0E:82:F2:8C:69:3F:40:51:07:A7:84:28:14:EA Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 11C59431A85AE69D07E9572E5466CE9AC09E9566 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150968.roa Signing time: Sat 02 May 2026 17:07:38 +0000 ROA not before: Sat 02 May 2026 17:02:38 +0000 ROA not after: Sat 01 May 2027 17:07:38 +0000 asID: 150968 IP address blocks: 103.123.174.0/23 maxlen: 24 103.178.14.0/23 maxlen: 24 2001:df2:e340::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:c5:94:31:a8:5a:e6:9d:07:e9:57:2e:54:66:ce:9a:c0:9e:95:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 17:02:38 2026 GMT Not After : May 1 17:07:38 2027 GMT Subject: CN=89869EE366370E82F28C693F405107A7842814EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:48:6a:d1:fc:8d:f7:96:30:10:cc:cf:ac:da: 5f:70:02:1a:c9:1f:4a:d6:46:8d:8a:2e:00:7e:c1: 30:e5:5c:6f:05:38:8d:63:22:91:ea:1f:c6:3e:9e: e6:88:8f:2a:08:43:a4:44:da:3f:49:4c:69:94:67: bd:1f:26:8a:71:d0:6c:d5:47:eb:75:69:c9:68:24: af:97:da:25:e3:75:f0:38:aa:35:3d:94:a6:bd:82: c4:a1:09:fe:9a:ed:0a:29:af:2e:f6:3e:c4:50:72: 76:6b:0b:f1:15:8f:64:2d:c6:c2:e4:5e:2d:1d:9a: a3:00:31:57:68:e4:fc:81:75:99:ac:01:55:9b:37: e7:ce:4f:43:09:9b:93:8c:aa:ff:02:bd:e7:93:97: 3d:3d:d5:fa:8a:92:76:9a:81:bf:4a:e0:80:82:59: 4c:45:22:bc:f8:8a:c5:3e:b0:2a:80:72:0f:fd:96: f9:f1:41:0f:0a:00:54:4e:28:27:9a:14:61:86:f5: 3d:ad:7e:82:f6:67:8c:b6:1f:0d:ee:fd:10:c7:65: 65:24:1e:f5:ab:cb:8b:57:24:36:c6:a8:42:e2:16: 01:30:4a:78:7e:ae:32:b9:96:98:c1:7d:9d:70:b7: 17:08:3c:00:64:fc:69:c1:0d:4b:cb:af:7b:95:5a: dc:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:86:9E:E3:66:37:0E:82:F2:8C:69:3F:40:51:07:A7:84:28:14:EA X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150968.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.123.174.0/23 103.178.14.0/23 IPv6: 2001:df2:e340::/48 Signature Algorithm: sha256WithRSAEncryption 4d:2f:d3:6a:b4:92:03:63:8d:77:41:18:9b:9c:40:b2:20:1c: 6a:cc:d0:b0:48:5f:2c:88:71:a0:47:b8:17:4b:e5:95:49:b8: 08:a0:66:60:8d:8e:91:04:f6:9c:47:c8:6e:49:77:50:ed:05: 84:a8:93:cf:c1:7b:2c:fe:d1:70:1f:f3:98:86:04:7a:ed:59: 0c:78:c8:8a:92:dc:4f:5c:7b:02:07:a7:34:63:74:74:5c:a2: cb:e6:2e:de:fd:f4:49:75:01:d3:1a:15:c7:ca:7b:05:50:da: d4:85:ad:3e:b0:e5:24:7c:e0:4e:0d:08:ae:fe:49:21:11:04: 09:75:cd:22:10:bc:71:91:60:51:ef:06:a0:eb:98:43:3c:df: f2:82:1f:6f:df:a8:0d:bc:20:03:a1:7b:49:83:f7:65:3a:a0: 49:26:bc:6a:4f:9e:05:10:90:8e:b5:e7:a5:c9:b8:98:bf:f4: 82:fa:08:3e:6f:f0:5b:a5:c4:de:c1:42:eb:1e:81:4f:ec:05: 33:7d:23:2c:55:0a:90:d1:f2:ca:29:80:55:bc:a1:fe:fa:91: d3:64:45:82:98:3a:30:8e:47:87:13:35:94:e7:30:a8:45:e9: fa:2a:90:e4:52:89:6c:99:0c:d9:56:be:1b:53:11:8e:9d:c8: 31:a2:76:f9 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIUEcWUMaha5p0H6VcuVGbOmsCelWYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjE3MDIzOFoX DTI3MDUwMTE3MDczOFowMzExMC8GA1UEAxMoODk4NjlFRTM2NjM3MEU4MkYyOEM2 OTNGNDA1MTA3QTc4NDI4MTRFQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFIatH8jfeWMBDMz6zaX3ACGskfStZGjYouAH7BMOVcbwU4jWMikeofxj6e 5oiPKghDpETaP0lMaZRnvR8minHQbNVH63VpyWgkr5faJeN18DiqNT2Upr2CxKEJ /prtCimvLvY+xFBydmsL8RWPZC3GwuReLR2aowAxV2jk/IF1mawBVZs3585PQwmb k4yq/wK955OXPT3V+oqSdpqBv0rggIJZTEUivPiKxT6wKoByD/2W+fFBDwoAVE4o J5oUYYb1Pa1+gvZnjLYfDe79EMdlZSQe9avLi1ckNsaoQuIWATBKeH6uMrmWmMF9 nXC3Fwg8AGT8acENS8uve5Va3KUCAwEAAaOCAeMwggHfMB0GA1UdDgQWBBSJhp7j ZjcOgvKMaT9AUQenhCgU6jAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwOTY4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIA ATAMAwQBZ3uuAwQBZ7IOMA8EAgACMAkDBwAgAQ3y40AwDQYJKoZIhvcNAQELBQAD ggEBAE0v02q0kgNjjXdBGJucQLIgHGrM0LBIXyyIcaBHuBdL5ZVJuAigZmCNjpEE 9pxHyG5Jd1DtBYSok8/Beyz+0XAf85iGBHrtWQx4yIqS3E9cewIHpzRjdHRcosvm Lt799El1AdMaFcfKewVQ2tSFrT6w5SR84E4NCK7+SSERBAl1zSIQvHGRYFHvBqDr mEM83/KCH2/fqA28IAOhe0mD92U6oEkmvGpPngUQkI6156XJuJi/9IL6CD5v8Ful xN7BQusegU/sBTN9IyxVCpDR8sopgFW8of76kdNkRYKYOjCOR4cTNZTnMKhF6foq kORSiWyZDNlWvhtTEY6dyDGidvk= -----END CERTIFICATE-----Generated at Sun May 3 00:40:24 2026 by rpki-client