$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150986.roa File: AS150986.roa (raw, json) Hash identifier: DS6td1r1qKrpb9FNN4XEk/FfWyVJiO6cMtPtCfOkWJ8= Subject key identifier: 30:59:41:D2:7B:E7:FA:63:03:A7:69:B3:D3:3A:3A:42:B8:B0:B5:3E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 37FC86E7CFCEE80C5EC9E359344FEFFC5B892EFF Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150986.roa Signing time: Sat 02 May 2026 09:25:49 +0000 ROA not before: Sat 02 May 2026 09:20:49 +0000 ROA not after: Sat 01 May 2027 09:25:49 +0000 asID: 150986 IP address blocks: 103.193.146.0/23 maxlen: 24 2001:df2:afc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:fc:86:e7:cf:ce:e8:0c:5e:c9:e3:59:34:4f:ef:fc:5b:89:2e:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:49 2026 GMT Not After : May 1 09:25:49 2027 GMT Subject: CN=305941D27BE7FA6303A769B3D33A3A42B8B0B53E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ed:cc:ff:79:a4:d3:b5:56:a9:19:ab:61:f7: c7:0c:8a:44:28:ce:13:67:72:11:24:7e:a2:07:8d: 31:d3:e0:62:89:2c:13:3f:c0:c4:5d:0e:db:c8:18: a5:13:6e:c4:24:99:4b:72:bb:e6:01:3c:b6:80:62: f6:80:f5:cb:f3:51:b0:d7:b2:0a:c7:56:06:04:df: 43:42:c6:ed:42:9a:eb:5b:e1:42:0f:99:aa:d1:20: 93:29:b4:ec:b9:57:17:5c:e0:1c:56:20:2c:37:0d: 40:f9:7f:b0:44:2f:56:80:11:52:ca:8f:7b:db:80: 5e:9b:84:3a:f6:7e:36:4f:88:b5:a8:be:1e:21:72: 5e:0a:5e:e9:52:49:f4:23:99:70:e2:fb:2f:89:43: 28:82:e8:ef:96:a4:f1:48:d9:37:e9:e6:ef:7f:e0: 02:c1:b8:9b:ae:49:2e:2c:c7:6b:19:ab:17:4d:48: 81:a1:bc:6d:28:c1:b0:de:97:02:fc:40:9e:40:88: 17:12:76:97:d0:e6:28:f2:47:18:38:1b:8c:a8:93: b0:bc:84:99:f4:b3:e2:9f:30:c6:16:66:eb:0e:7c: 0e:0c:70:ea:3c:e9:4e:18:b1:a0:8b:c0:b6:c8:f4: d3:48:6c:da:da:91:cf:f1:21:2c:52:83:0c:21:33: 0d:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:59:41:D2:7B:E7:FA:63:03:A7:69:B3:D3:3A:3A:42:B8:B0:B5:3E X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150986.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.193.146.0/23 IPv6: 2001:df2:afc0::/48 Signature Algorithm: sha256WithRSAEncryption 54:8a:93:64:5d:51:41:13:b6:c5:7e:97:e1:cc:5d:7b:85:38: b4:aa:36:cc:23:51:32:15:3d:96:df:34:7d:65:ca:e5:d0:06: 01:8f:25:81:88:72:55:3a:2a:47:21:c4:88:42:e7:58:b8:d0: 30:7c:7f:13:ef:89:24:40:55:ea:27:73:df:78:62:6d:2b:0a: 9c:83:c3:96:8e:3e:1b:d5:fb:14:54:76:2e:74:5b:f0:ca:6a: 12:4e:ed:f6:ca:d3:21:b5:85:7e:26:1d:42:29:99:0a:a1:4a: 96:90:c8:ad:f1:7c:dd:a5:22:79:7e:98:8b:8f:1c:57:85:32: 8a:91:eb:98:02:81:3a:82:19:bc:8a:1e:15:32:ef:6e:04:18: a4:ac:3b:52:b0:da:5f:89:bc:0d:d2:5c:e8:d8:ba:66:b1:7b: c6:1b:b4:b9:9a:f3:95:f5:10:2f:e1:55:8e:57:11:1a:24:1c: a4:19:6f:ca:e4:60:c4:59:b3:8c:cd:f9:a5:17:e2:a6:7a:68: 53:78:ee:87:4c:f9:c2:9f:eb:53:b6:53:d5:5a:1a:ef:61:66: ac:ce:e2:67:74:4e:44:4c:27:85:3e:88:da:4d:b8:b3:a7:9e: 19:4d:b4:6b:c3:84:1a:fe:15:0a:1d:1f:62:f6:cc:62:90:86: fb:84:d9:79 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUN/yG58/O6AxeyeNZNE/v/FuJLv8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjA0OVoX DTI3MDUwMTA5MjU0OVowMzExMC8GA1UEAxMoMzA1OTQxRDI3QkU3RkE2MzAzQTc2 OUIzRDMzQTNBNDJCOEIwQjUzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALPtzP95pNO1VqkZq2H3xwyKRCjOE2dyESR+ogeNMdPgYoksEz/AxF0O28gY pRNuxCSZS3K75gE8toBi9oD1y/NRsNeyCsdWBgTfQ0LG7UKa61vhQg+ZqtEgkym0 7LlXF1zgHFYgLDcNQPl/sEQvVoARUsqPe9uAXpuEOvZ+Nk+Itai+HiFyXgpe6VJJ 9COZcOL7L4lDKILo75ak8UjZN+nm73/gAsG4m65JLizHaxmrF01IgaG8bSjBsN6X AvxAnkCIFxJ2l9DmKPJHGDgbjKiTsLyEmfSz4p8wxhZm6w58Dgxw6jzpThixoIvA tsj000hs2tqRz/EhLFKDDCEzDe0CAwEAAaOCAd0wggHZMB0GA1UdDgQWBBQwWUHS e+f6YwOnabPTOjpCuLC1PjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwOTg2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA ATAGAwQBZ8GSMA8EAgACMAkDBwAgAQ3yr8AwDQYJKoZIhvcNAQELBQADggEBAFSK k2RdUUETtsV+l+HMXXuFOLSqNswjUTIVPZbfNH1lyuXQBgGPJYGIclU6KkchxIhC 51i40DB8fxPviSRAVeonc994Ym0rCpyDw5aOPhvV+xRUdi50W/DKahJO7fbK0yG1 hX4mHUIpmQqhSpaQyK3xfN2lInl+mIuPHFeFMoqR65gCgTqCGbyKHhUy724EGKSs O1Kw2l+JvA3SXOjYumaxe8YbtLma85X1EC/hVY5XERokHKQZb8rkYMRZs4zN+aUX 4qZ6aFN47odM+cKf61O2U9VaGu9hZqzO4md0TkRMJ4U+iNpNuLOnnhlNtGvDhBr+ FQodH2L2zGKQhvuE2Xk= -----END CERTIFICATE-----Generated at Sun May 3 00:41:11 2026 by rpki-client