$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150251.roa File: AS150251.roa (raw, json) Hash identifier: cfQ+5vXfLfpMoKP1ytEoD3iQVvge8wjXG3eRQmLgbL4= Subject key identifier: C8:D9:36:F6:BC:4E:F3:01:B1:87:4C:DA:E4:6A:A7:68:C0:D6:91:3B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 682BF8AF0D5EC009DF1B98D958E90849F8A0A5B8 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150251.roa Signing time: Mon 09 Jun 2025 07:00:00 +0000 ROA not before: Mon 09 Jun 2025 06:55:00 +0000 ROA not after: Mon 08 Jun 2026 07:00:00 +0000 asID: 150251 IP address blocks: 49.156.58.0/23 maxlen: 24 49.156.61.0/24 maxlen: 24 49.156.62.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:2b:f8:af:0d:5e:c0:09:df:1b:98:d9:58:e9:08:49:f8:a0:a5:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 9 06:55:00 2025 GMT Not After : Jun 8 07:00:00 2026 GMT Subject: CN=C8D936F6BC4EF301B1874CDAE46AA768C0D6913B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:4e:3b:b1:b0:bf:6c:f9:e7:f5:17:4a:da:c1: d8:f3:4b:9e:6d:11:72:bf:10:ed:8b:b0:4c:37:13: ad:05:4d:90:09:3a:44:69:91:06:0f:92:60:71:52: 8d:01:c9:04:df:2a:26:d7:98:9d:b0:0e:d2:a6:10: e6:95:6b:58:dd:e5:65:46:e5:ea:f9:56:2e:a1:ea: 39:57:a5:c4:1c:09:d5:6c:8d:27:c2:5d:4c:41:a9: ef:48:1d:17:ab:2f:55:5e:cb:8e:bb:0a:06:a6:24: b4:3f:68:87:b1:67:2a:09:68:53:2d:3f:5e:b8:96: 8d:3d:f9:d3:df:d2:07:c6:5c:d8:62:5d:7e:52:d3: ff:06:a8:53:38:ad:9b:4e:29:c7:a3:0b:11:30:31: fb:54:bc:3d:d4:5f:85:dd:38:b4:0f:c3:cb:c5:5c: 4a:51:54:c4:03:02:d7:e8:2f:b3:ae:11:d4:a4:80: c7:a5:a0:1b:bf:91:fc:2a:6c:f5:b2:c6:43:8f:64: ee:21:83:aa:73:66:f4:5d:07:28:58:88:4f:3f:fc: bb:96:ab:f5:71:01:17:a9:df:d4:17:4b:d9:93:ba: 51:08:a7:c3:89:09:a9:c7:69:50:34:aa:36:82:b4: a1:56:9f:20:9f:c3:ef:58:64:f9:64:28:de:8f:77: 29:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:D9:36:F6:BC:4E:F3:01:B1:87:4C:DA:E4:6A:A7:68:C0:D6:91:3B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150251.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 49.156.58.0/23 49.156.61.0-49.156.63.255 Signature Algorithm: sha256WithRSAEncryption 2e:a3:6c:bb:70:42:d7:bd:ca:ac:0f:55:f9:b5:39:55:5c:16: 0a:d5:28:5d:2b:6d:d1:ae:4f:ad:0e:cd:cc:4c:b1:ae:d8:9d: 0f:67:99:42:2c:ee:d2:8e:28:ef:00:fc:d3:2c:e7:07:a4:c2: 55:52:6d:c6:ee:a9:86:24:6d:29:ac:a9:91:0d:ef:ac:53:f4: 86:27:48:48:a5:78:8f:83:29:fa:25:34:38:e1:07:81:54:03: b3:a6:a6:67:99:7b:a2:39:e5:9c:99:09:6b:da:94:0a:f2:d8: f1:c5:10:a1:a6:a8:58:30:0e:d6:29:90:51:94:68:bd:7b:e1: 48:1f:9a:17:33:ad:b0:a9:1a:eb:cb:74:cb:df:41:87:82:1d: 3e:a4:3e:1c:76:e6:0a:74:bd:ff:d5:89:20:8f:f4:65:82:98: 71:38:0e:69:8f:b4:85:69:42:b9:3b:5b:25:d2:33:33:4c:5c: 59:45:aa:88:5d:85:d4:0f:e8:45:80:d3:74:07:d3:1f:3f:99: 91:d0:0d:d3:48:92:21:cf:74:8a:e1:14:dd:0b:fb:69:0d:b3: c2:63:e6:14:9b:87:02:4d:6d:e2:13:6a:f6:91:97:9d:8f:21: 3d:a1:2c:d4:b8:a9:98:b6:9a:65:b6:8a:a5:c2:de:3a:b8:9d: c8:83:21:ec -----BEGIN CERTIFICATE----- MIIE6zCCA9OgAwIBAgIUaCv4rw1ewAnfG5jZWOkISfigpbgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwOTA2NTUwMFoX DTI2MDYwODA3MDAwMFowMzExMC8GA1UEAxMoQzhEOTM2RjZCQzRFRjMwMUIxODc0 Q0RBRTQ2QUE3NjhDMEQ2OTEzQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANJOO7Gwv2z55/UXStrB2PNLnm0Rcr8Q7YuwTDcTrQVNkAk6RGmRBg+SYHFS jQHJBN8qJteYnbAO0qYQ5pVrWN3lZUbl6vlWLqHqOVelxBwJ1WyNJ8JdTEGp70gd F6svVV7LjrsKBqYktD9oh7FnKgloUy0/XriWjT3509/SB8Zc2GJdflLT/waoUzit m04px6MLETAx+1S8PdRfhd04tA/Dy8VcSlFUxAMC1+gvs64R1KSAx6WgG7+R/Cps 9bLGQ49k7iGDqnNm9F0HKFiITz/8u5ar9XEBF6nf1BdL2ZO6UQinw4kJqcdpUDSq NoK0oVafIJ/D71hk+WQo3o93KQ8CAwEAAaOCAd4wggHaMB0GA1UdDgQWBBTI2Tb2 vE7zAbGHTNrkaqdowNaROzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDI1MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBww GgQCAAEwFAMEATGcOjAMAwQAMZw9AwQGMZwAMA0GCSqGSIb3DQEBCwUAA4IBAQAu o2y7cELXvcqsD1X5tTlVXBYK1ShdK23Rrk+tDs3MTLGu2J0PZ5lCLO7SjijvAPzT LOcHpMJVUm3G7qmGJG0prKmRDe+sU/SGJ0hIpXiPgyn6JTQ44QeBVAOzpqZnmXui OeWcmQlr2pQK8tjxxRChpqhYMA7WKZBRlGi9e+FIH5oXM62wqRrry3TL30GHgh0+ pD4cduYKdL3/1Ykgj/RlgphxOA5pj7SFaUK5O1sl0jMzTFxZRaqIXYXUD+hFgNN0 B9MfP5mR0A3TSJIhz3SK4RTdC/tpDbPCY+YUm4cCTW3iE2r2kZedjyE9oSzUuKmY tppltoqlwt46uJ3IgyHs -----END CERTIFICATE-----Generated at Mon Nov 3 19:31:43 2025 by rpki-client