$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149972.roa File: AS149972.roa (raw, json) Hash identifier: xTA9ZsqQ60aW8h28s/CduonZvxcnklcVQfAOGmNO8k8= Subject key identifier: 0C:0D:25:9D:6D:E3:4D:E9:BA:FB:E5:32:F1:2D:C3:60:6C:DD:3B:13 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 348CB3DF1B1E6473FCD224AAE59CAFE7739C4C77 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149972.roa Signing time: Tue 22 Jul 2025 06:32:20 +0000 ROA not before: Tue 22 Jul 2025 06:27:20 +0000 ROA not after: Tue 21 Jul 2026 06:32:20 +0000 asID: 149972 IP address blocks: 2001:df1:3340::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:8c:b3:df:1b:1e:64:73:fc:d2:24:aa:e5:9c:af:e7:73:9c:4c:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 22 06:27:20 2025 GMT Not After : Jul 21 06:32:20 2026 GMT Subject: CN=0C0D259D6DE34DE9BAFBE532F12DC3606CDD3B13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:5b:34:cf:20:f3:b6:c0:e3:19:88:aa:e9:78: 09:88:8b:e0:16:95:cc:9b:a3:b3:51:a3:00:b6:5e: 12:cb:6b:36:ac:cf:fd:39:79:12:0f:43:38:d8:63: 2b:79:15:ce:93:b9:f0:d4:d0:73:eb:56:41:86:99: 49:f9:3b:50:99:fb:d2:c0:58:7d:57:bd:16:3b:2b: 9b:ea:94:82:47:ce:fb:97:00:4f:e8:89:a9:1d:fe: da:b4:3f:ae:50:a9:db:1b:08:c7:0b:fd:6b:94:7d: 09:2a:49:96:bc:fb:71:6e:44:27:76:ad:7e:81:20: c2:f3:9a:26:b3:67:2a:af:74:d3:c5:58:79:b1:cc: 19:fe:53:8e:b1:62:d9:73:66:fe:ac:0b:75:19:86: c9:14:97:4c:24:2c:7d:00:88:ee:b2:84:25:03:c8: 94:66:5d:06:e2:1e:7c:68:6c:c2:80:b8:32:18:47: f6:22:08:55:38:83:47:26:9d:36:cd:6b:9b:46:5d: e2:7c:5e:52:21:b6:a6:41:e8:51:f4:e1:f0:eb:ac: d0:2d:0b:de:cd:cc:6f:a6:3f:a7:56:3b:26:bf:7d: 29:d8:ce:7f:04:cb:a6:9b:46:06:ef:60:09:ea:25: f3:52:be:6b:11:74:35:29:a0:06:0b:18:2a:c1:d2: 5b:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:0D:25:9D:6D:E3:4D:E9:BA:FB:E5:32:F1:2D:C3:60:6C:DD:3B:13 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149972.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:3340::/48 Signature Algorithm: sha256WithRSAEncryption 56:62:72:a8:23:8e:26:fd:63:0e:d1:ab:4c:5f:e2:5b:a1:d9: c3:b8:51:01:91:d3:1a:63:01:42:48:db:b2:26:78:5f:98:1d: 0f:29:59:a0:cc:60:d4:d5:ab:ca:3d:85:67:4b:9a:5d:2d:56: d4:81:fc:bc:e0:f5:e5:39:b1:48:a5:93:4d:9d:92:13:f2:2f: 6f:9d:08:c8:b4:2d:ee:36:a2:59:22:e9:8b:31:62:ff:a3:4f: 0d:ac:e7:11:b6:63:f3:0e:84:b8:76:81:f9:6a:14:ad:8a:1e: 61:22:cb:ef:f4:2e:1a:c0:cd:3d:6f:cd:0f:59:4b:5a:65:68: 11:92:4c:7d:f8:0a:d0:34:a1:a8:15:35:33:a3:c7:eb:1a:0a: 2b:e2:7b:36:45:a2:19:a7:4c:bc:88:9d:21:f1:87:db:c1:23: 08:4f:58:0d:45:c9:22:32:5b:31:47:cb:7b:f3:7f:7c:b8:6a: 54:91:6d:45:59:7a:2d:fb:14:88:3a:0a:83:69:bd:8a:36:49: 03:b7:e4:8e:48:a9:16:af:62:1d:a6:5b:20:4e:e5:5d:06:3f: c2:e5:52:9f:27:dc:eb:ea:92:74:cb:79:1b:9e:5c:fe:1f:28: e9:db:ec:c5:d9:77:d4:15:34:e3:22:8d:6f:35:a8:9f:d1:7c: cf:1e:8d:b0 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUNIyz3xseZHP80iSq5Zyv53OcTHcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcyMjA2MjcyMFoX DTI2MDcyMTA2MzIyMFowMzExMC8GA1UEAxMoMEMwRDI1OUQ2REUzNERFOUJBRkJF NTMyRjEyREMzNjA2Q0REM0IxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOJbNM8g87bA4xmIqul4CYiL4BaVzJujs1GjALZeEstrNqzP/Tl5Eg9DONhj K3kVzpO58NTQc+tWQYaZSfk7UJn70sBYfVe9Fjsrm+qUgkfO+5cAT+iJqR3+2rQ/ rlCp2xsIxwv9a5R9CSpJlrz7cW5EJ3atfoEgwvOaJrNnKq9008VYebHMGf5TjrFi 2XNm/qwLdRmGyRSXTCQsfQCI7rKEJQPIlGZdBuIefGhswoC4MhhH9iIIVTiDRyad Ns1rm0Zd4nxeUiG2pkHoUfTh8Ous0C0L3s3Mb6Y/p1Y7Jr99KdjOfwTLpptGBu9g Ceol81K+axF0NSmgBgsYKsHSW08CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQMDSWd beNN6br75TLxLcNgbN07EzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk3Mi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfEzQDANBgkqhkiG9w0BAQsFAAOCAQEAVmJyqCOOJv1jDtGr TF/iW6HZw7hRAZHTGmMBQkjbsiZ4X5gdDylZoMxg1NWryj2FZ0uaXS1W1IH8vOD1 5TmxSKWTTZ2SE/Ivb50IyLQt7jaiWSLpizFi/6NPDaznEbZj8w6EuHaB+WoUrYoe YSLL7/QuGsDNPW/ND1lLWmVoEZJMffgK0DShqBU1M6PH6xoKK+J7NkWiGadMvIid IfGH28EjCE9YDUXJIjJbMUfLe/N/fLhqVJFtRVl6LfsUiDoKg2m9ijZJA7fkjkip Fq9iHaZbIE7lXQY/wuVSnyfc6+qSdMt5G55c/h8o6dvsxdl31BU04yKNbzWon9F8 zx6NsA== -----END CERTIFICATE-----Generated at Mon Nov 3 19:31:27 2025 by rpki-client