$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149676.roa File: AS149676.roa (raw, json) Hash identifier: 2ZXKXJwJD3UNthIyS+nRklKI4TlTZglnkBjpE940UkM= Subject key identifier: 05:AD:D8:1D:99:63:B9:1A:43:C2:3A:3F:BC:84:D5:3C:58:C1:F3:5B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6F239958FA3F4EB4E318F9D79621210C723C400E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149676.roa Signing time: Thu 16 Oct 2025 11:02:26 +0000 ROA not before: Thu 16 Oct 2025 10:57:26 +0000 ROA not after: Thu 15 Oct 2026 11:02:26 +0000 asID: 149676 IP address blocks: 2001:df1:cd40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 14:07:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:23:99:58:fa:3f:4e:b4:e3:18:f9:d7:96:21:21:0c:72:3c:40:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 16 10:57:26 2025 GMT Not After : Oct 15 11:02:26 2026 GMT Subject: CN=05ADD81D9963B91A43C23A3FBC84D53C58C1F35B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:73:86:ef:f9:8c:7d:71:69:c1:54:c3:01:dc: c6:9d:93:52:e5:19:2a:b9:70:64:6b:dd:5b:a0:1f: 19:92:de:10:85:71:84:1c:49:ea:cc:7f:89:6b:d6: 10:56:8a:4e:89:a7:30:12:e7:a3:4b:0a:40:6b:1a: 13:16:4c:d7:8e:06:0c:a4:af:1d:8f:19:96:c4:29: 5d:49:c6:51:e2:f4:ec:c0:d5:66:94:d4:7c:2e:44: c0:97:9c:a2:4c:e1:16:fa:8a:72:69:ff:92:2e:67: 79:9d:b6:c8:7b:44:83:6c:cd:7e:31:58:37:46:64: 19:dc:28:cd:3f:a0:65:40:27:a5:39:c4:de:fd:25: f3:ac:d1:5c:a4:5d:a8:88:70:5f:38:65:2c:bb:bf: fd:68:af:75:e3:ee:1b:4f:28:39:aa:97:7e:0a:7d: c9:a9:0e:1d:61:24:94:6f:7f:52:e7:3d:51:04:fd: 93:1a:13:f3:75:4c:45:26:ac:2f:69:18:25:d2:c2: 5c:d7:3c:b1:c5:af:78:fa:40:fe:c9:15:9f:72:e4: 1b:45:30:de:cd:b6:aa:de:15:5c:eb:75:eb:24:e5: 00:bc:48:38:53:05:47:b0:99:93:51:93:d2:4f:33: 18:2f:6d:12:ab:70:21:88:61:8a:ad:04:b7:d0:f5: ed:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:AD:D8:1D:99:63:B9:1A:43:C2:3A:3F:BC:84:D5:3C:58:C1:F3:5B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149676.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:cd40::/48 Signature Algorithm: sha256WithRSAEncryption 23:62:e9:b6:b0:2d:71:25:6a:8b:5c:68:e8:2e:e3:26:5a:65: d6:81:e2:60:db:17:77:27:5d:9e:00:23:3d:d2:71:5f:f5:0b: 84:9c:d7:a3:38:08:c8:d7:5e:a3:c5:f9:1e:b7:a3:67:e4:8f: 7f:2b:d6:e2:ef:cf:f3:ca:83:2e:47:55:d3:89:08:56:14:5f: 68:be:5d:e3:bc:b9:aa:cb:88:07:f8:c5:45:27:f7:9c:2a:39: 17:f3:1b:fa:79:eb:a4:62:bf:ec:bb:51:78:df:db:00:bb:fd: 17:c5:d3:fa:01:0e:e4:7a:f2:fb:21:ee:a0:40:e4:ac:79:03: 70:16:6c:7c:39:d0:61:08:a9:fa:18:bf:05:c6:06:95:65:38: 7b:20:8e:d4:90:8a:1f:9a:48:4c:bd:ab:eb:8b:92:a9:19:3f: 62:e3:3f:f3:2c:be:1d:16:d9:da:d2:67:4f:9d:2c:6a:e1:c0: 2f:ec:61:f4:91:cb:eb:69:5e:c0:8b:30:ca:82:12:7d:c5:68: 40:b3:0d:7e:bd:97:82:fa:6b:78:de:46:ca:76:06:a0:1c:2c: 9c:c9:d2:5a:42:0e:01:63:41:5e:15:87:7b:f9:33:78:4e:c7: 4e:4a:a3:ea:7d:a9:14:99:44:ca:c0:c7:cc:e0:55:0d:14:1e: 50:c6:c8:5d -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUbyOZWPo/TrTjGPnXliEhDHI8QA4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTAxNjEwNTcyNloX DTI2MTAxNTExMDIyNlowMzExMC8GA1UEAxMoMDVBREQ4MUQ5OTYzQjkxQTQzQzIz QTNGQkM4NEQ1M0M1OEMxRjM1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZzhu/5jH1xacFUwwHcxp2TUuUZKrlwZGvdW6AfGZLeEIVxhBxJ6sx/iWvW EFaKTomnMBLno0sKQGsaExZM144GDKSvHY8ZlsQpXUnGUeL07MDVZpTUfC5EwJec okzhFvqKcmn/ki5neZ22yHtEg2zNfjFYN0ZkGdwozT+gZUAnpTnE3v0l86zRXKRd qIhwXzhlLLu//WivdePuG08oOaqXfgp9yakOHWEklG9/Uuc9UQT9kxoT83VMRSas L2kYJdLCXNc8scWvePpA/skVn3LkG0Uw3s22qt4VXOt16yTlALxIOFMFR7CZk1GT 0k8zGC9tEqtwIYhhiq0Et9D17X0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQFrdgd mWO5GkPCOj+8hNU8WMHzWzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY3Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfHNQDANBgkqhkiG9w0BAQsFAAOCAQEAI2LptrAtcSVqi1xo 6C7jJlpl1oHiYNsXdyddngAjPdJxX/ULhJzXozgIyNdeo8X5HrejZ+SPfyvW4u/P 88qDLkdV04kIVhRfaL5d47y5qsuIB/jFRSf3nCo5F/Mb+nnrpGK/7LtReN/bALv9 F8XT+gEO5Hry+yHuoEDkrHkDcBZsfDnQYQip+hi/BcYGlWU4eyCO1JCKH5pITL2r 64uSqRk/YuM/8yy+HRbZ2tJnT50sauHAL+xh9JHL62lewIswyoISfcVoQLMNfr2X gvpreN5GynYGoBwsnMnSWkIOAWNBXhWHe/kzeE7HTkqj6n2pFJlEysDHzOBVDRQe UMbIXQ== -----END CERTIFICATE-----Generated at Mon Oct 20 05:59:20 2025 by rpki-client