$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149324.roa File: AS149324.roa (raw, json) Hash identifier: ik9BvBBrQTkXc/EG9EEYd5KMUTqoY5ojL6he5QLtkkA= Subject key identifier: E4:FE:2B:8F:72:DE:09:C2:3C:14:48:6F:23:FF:14:70:33:D7:C4:AE Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 25D73CA3DFC873CAC7AF59DB5CEEF78038816BD0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149324.roa Signing time: Wed 25 Feb 2026 05:00:00 +0000 ROA not before: Wed 25 Feb 2026 04:55:00 +0000 ROA not after: Wed 24 Feb 2027 05:00:00 +0000 asID: 149324 IP address blocks: 2001:df0:5dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:17:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:d7:3c:a3:df:c8:73:ca:c7:af:59:db:5c:ee:f7:80:38:81:6b:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 25 04:55:00 2026 GMT Not After : Feb 24 05:00:00 2027 GMT Subject: CN=E4FE2B8F72DE09C23C14486F23FF147033D7C4AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:62:4b:d2:b0:8a:e3:29:3b:e5:f7:e5:c2:d9: 77:c9:94:77:79:e5:19:34:97:4b:b4:48:96:c0:cc: 3d:c5:00:e1:cd:27:b5:ab:17:d4:d5:09:59:a9:c2: 1e:bb:19:b8:4d:98:c5:32:a0:36:22:fa:e3:bd:48: 87:ed:49:c6:26:46:f6:ab:6e:97:6c:1c:24:4e:3a: fc:2f:59:8e:90:ac:75:65:3e:17:70:cd:75:e3:55: b2:9f:41:90:b6:6e:21:8e:0c:4a:4a:e2:42:85:23: c5:6f:a0:af:37:2b:f4:17:23:76:3a:e4:a9:f0:85: f7:63:c0:0a:b4:5d:d1:84:a1:15:97:7d:ca:87:45: 84:89:c7:ee:7d:76:b3:5e:b7:b0:dd:a0:54:73:5e: 1b:9b:61:b6:e3:00:15:f2:a1:36:a6:b6:8d:6d:08: 71:bb:ae:86:f4:6e:df:18:dc:10:45:7b:3a:3a:db: 5d:08:ed:10:c6:be:99:28:0d:69:06:64:62:19:58: a0:89:0e:c9:14:8f:cf:e9:ee:29:97:b2:90:50:8e: 39:77:f6:51:74:2a:26:ea:25:7b:fa:4e:a2:ff:ba: bf:88:38:05:88:0c:73:2c:2b:90:eb:89:66:09:9b: 46:19:13:43:fc:10:15:1e:b0:cf:c0:62:b5:07:10: 6e:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:FE:2B:8F:72:DE:09:C2:3C:14:48:6F:23:FF:14:70:33:D7:C4:AE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149324.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:5dc0::/48 Signature Algorithm: sha256WithRSAEncryption 44:ec:4e:52:b2:a0:9a:41:a9:5c:e1:7a:18:d1:e5:bb:7e:24: 04:8d:00:2a:01:64:73:9b:02:bd:ca:58:f1:6a:94:2a:2c:b3: ef:bd:d3:ae:52:e1:74:3f:f0:55:99:be:36:ff:d8:a5:c3:18: 0d:fe:71:ea:5d:a4:a9:85:81:7a:15:40:62:51:52:64:e3:d9: 5a:0e:20:23:90:47:23:a4:1a:e7:bf:f2:93:0e:d4:89:28:57: a6:d4:35:10:4d:02:49:cd:23:20:16:83:ce:dc:7c:03:7f:ec: c0:76:9e:d3:32:2e:95:20:d4:f9:69:55:9c:53:2d:8a:57:cd: da:27:d0:13:da:7a:07:28:0d:25:3c:1f:fb:68:d3:cd:6a:8f: 92:e4:f8:7b:aa:43:38:20:c7:19:87:df:c2:53:55:33:9d:66: a7:06:1f:4f:a9:b2:7f:f4:66:da:f8:f6:c4:36:98:43:3f:61: a8:ab:b5:a6:3f:e7:07:70:91:ca:47:ef:75:84:c8:4f:12:20: 75:9b:f7:b1:f2:c9:6c:a0:9a:d8:f1:69:eb:f4:b8:72:08:0a: 48:3c:b4:eb:aa:a1:01:d6:1f:68:f0:2a:44:f9:42:18:27:62: 36:ad:f6:66:18:16:55:b1:b6:0c:5b:35:fd:4c:e6:61:04:ec: b4:d7:15:f0 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUJdc8o9/Ic8rHr1nbXO73gDiBa9AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDIyNTA0NTUwMFoX DTI3MDIyNDA1MDAwMFowMzExMC8GA1UEAxMoRTRGRTJCOEY3MkRFMDlDMjNDMTQ0 ODZGMjNGRjE0NzAzM0Q3QzRBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK9iS9KwiuMpO+X35cLZd8mUd3nlGTSXS7RIlsDMPcUA4c0ntasX1NUJWanC HrsZuE2YxTKgNiL6471Ih+1JxiZG9qtul2wcJE46/C9ZjpCsdWU+F3DNdeNVsp9B kLZuIY4MSkriQoUjxW+grzcr9BcjdjrkqfCF92PACrRd0YShFZd9yodFhInH7n12 s163sN2gVHNeG5thtuMAFfKhNqa2jW0IcbuuhvRu3xjcEEV7OjrbXQjtEMa+mSgN aQZkYhlYoIkOyRSPz+nuKZeykFCOOXf2UXQqJuole/pOov+6v4g4BYgMcywrkOuJ ZgmbRhkTQ/wQFR6wz8BitQcQbq8CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBTk/iuP ct4JwjwUSG8j/xRwM9fErjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTMyNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfBdwDANBgkqhkiG9w0BAQsFAAOCAQEAROxOUrKgmkGpXOF6 GNHlu34kBI0AKgFkc5sCvcpY8WqUKiyz773TrlLhdD/wVZm+Nv/YpcMYDf5x6l2k qYWBehVAYlFSZOPZWg4gI5BHI6Qa57/ykw7UiShXptQ1EE0CSc0jIBaDztx8A3/s wHae0zIulSDU+WlVnFMtilfN2ifQE9p6BygNJTwf+2jTzWqPkuT4e6pDOCDHGYff wlNVM51mpwYfT6myf/Rm2vj2xDaYQz9hqKu1pj/nB3CRykfvdYTITxIgdZv3sfLJ bKCa2PFp6/S4cggKSDy066qhAdYfaPAqRPlCGCdiNq32ZhgWVbG2DFs1/UzmYQTs tNcV8A== -----END CERTIFICATE-----Generated at Sun Mar 1 22:00:38 2026 by rpki-client