$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150985.roa File: AS150985.roa (raw, json) Hash identifier: XlG72QKLN7sDJDDMYajjAl2Z/KHwnFk6P+K0sLGGDTI= Subject key identifier: E7:69:ED:84:D0:0C:28:86:8C:8A:46:87:65:B9:D7:8F:9E:76:51:05 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 05CF9F2BBD244C6782C27F4D121DAA0DCC71AC0C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150985.roa Signing time: Sun 03 May 2026 08:16:16 +0000 ROA not before: Sun 03 May 2026 08:11:16 +0000 ROA not after: Sun 02 May 2027 08:16:16 +0000 asID: 150985 IP address blocks: 103.228.18.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:cf:9f:2b:bd:24:4c:67:82:c2:7f:4d:12:1d:aa:0d:cc:71:ac:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 08:11:16 2026 GMT Not After : May 2 08:16:16 2027 GMT Subject: CN=E769ED84D00C28868C8A468765B9D78F9E765105 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:36:f8:57:0f:6e:2e:16:7d:97:09:fc:7d:83: 5e:b9:69:d8:2a:f5:64:5e:46:b4:b7:a4:01:3c:65: 77:f5:49:c4:f7:1d:46:fe:36:39:8e:cd:16:7f:30: ed:41:c5:d1:9b:cc:0a:fb:56:39:c0:58:64:cc:53: c1:41:6b:4b:e7:7e:6b:40:33:ac:69:aa:70:48:1f: 5d:ed:23:5c:83:f8:1b:b4:8d:86:0e:a4:4f:ad:ff: 81:03:9b:a7:47:f7:8e:9b:0f:a6:df:4a:d2:7a:2b: 06:e9:b9:18:0f:f6:5c:20:e0:7c:92:c2:7e:f0:5d: fc:77:7b:3d:a9:66:8f:dc:25:5d:98:c7:50:9c:6f: 61:04:5b:e6:92:f6:65:ec:82:a8:58:a8:76:e9:fe: 7b:99:c0:4c:63:d1:50:02:0e:8f:83:41:61:53:69: fd:4f:65:ae:ce:a0:6d:e4:f3:5f:fe:4c:07:1f:61: 63:88:52:24:23:6c:a4:0c:4b:42:52:6d:b6:f7:11: 79:11:66:88:dd:9b:03:81:ac:6e:f8:cd:e0:5f:02: 34:06:7b:0f:7a:0c:ea:43:5f:d5:7b:28:bc:aa:25: e3:bf:1d:ea:eb:f2:e7:3f:c7:ee:65:41:23:aa:b6: 48:11:78:2e:38:5b:4d:05:ba:78:06:ca:95:62:d9: ad:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:69:ED:84:D0:0C:28:86:8C:8A:46:87:65:B9:D7:8F:9E:76:51:05 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150985.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.228.18.0/24 Signature Algorithm: sha256WithRSAEncryption 87:6b:1c:24:8e:49:0f:42:49:a0:7b:3a:5a:63:b6:48:f6:6f: 12:61:67:6a:b5:36:d4:61:df:15:46:f6:bc:17:dd:4b:d5:ad: f2:a3:4f:68:ee:e1:25:c8:ff:58:60:d5:87:9d:c4:9a:7d:01: 46:39:23:a1:1d:49:43:89:4c:e2:86:90:4f:0a:b5:14:38:d7: 8c:a6:fd:41:0e:d0:9e:ab:74:a3:ef:6e:e6:88:2b:fc:91:3a: bd:89:93:85:9e:9a:aa:b9:7c:6b:5c:eb:b2:ec:f0:86:7e:d6: e3:f6:f5:99:ef:48:bd:fd:3f:4a:b7:0d:40:ea:c0:7f:a5:1d: fc:43:c3:38:15:f4:11:93:77:51:e5:3e:8b:d2:a2:79:3d:81: 47:46:6d:2d:ec:68:28:98:24:3c:b2:52:bc:64:f6:95:ca:cd: bc:37:a0:78:07:17:19:13:e6:0d:61:a0:45:dc:e8:35:85:06: e3:02:67:a3:be:8e:38:92:3a:f9:42:ab:7c:f1:c1:2d:94:8e: 92:1d:5c:28:60:c3:2c:3b:fb:cf:aa:8f:83:d7:c5:b0:4e:cf: 11:84:fe:fc:e2:85:30:04:0c:95:9e:77:18:32:8a:4d:1c:e5: 68:c9:a1:e7:d4:30:f6:e6:7c:50:a6:bc:b5:29:2c:5c:c0:89: 69:8c:82:42 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUBc+fK70kTGeCwn9NEh2qDcxxrAwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA4MTExNloX DTI3MDUwMjA4MTYxNlowMzExMC8GA1UEAxMoRTc2OUVEODREMDBDMjg4NjhDOEE0 Njg3NjVCOUQ3OEY5RTc2NTEwNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK82+FcPbi4WfZcJ/H2DXrlp2Cr1ZF5GtLekATxld/VJxPcdRv42OY7NFn8w 7UHF0ZvMCvtWOcBYZMxTwUFrS+d+a0AzrGmqcEgfXe0jXIP4G7SNhg6kT63/gQOb p0f3jpsPpt9K0norBum5GA/2XCDgfJLCfvBd/Hd7Palmj9wlXZjHUJxvYQRb5pL2 ZeyCqFiodun+e5nATGPRUAIOj4NBYVNp/U9lrs6gbeTzX/5MBx9hY4hSJCNspAxL QlJttvcReRFmiN2bA4GsbvjN4F8CNAZ7D3oM6kNf1XsovKol478d6uvy5z/H7mVB I6q2SBF4LjhbTQW6eAbKlWLZrT8CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBTnae2E 0AwohoyKRodludePnnZRBTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwOTg1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAZ+QSMA0GCSqGSIb3DQEBCwUAA4IBAQCHaxwkjkkPQkmgezpaY7ZI9m8S YWdqtTbUYd8VRva8F91L1a3yo09o7uElyP9YYNWHncSafQFGOSOhHUlDiUzihpBP CrUUONeMpv1BDtCeq3Sj727miCv8kTq9iZOFnpqquXxrXOuy7PCGftbj9vWZ70i9 /T9Ktw1A6sB/pR38Q8M4FfQRk3dR5T6L0qJ5PYFHRm0t7GgomCQ8slK8ZPaVys28 N6B4BxcZE+YNYaBF3Og1hQbjAmejvo44kjr5Qqt88cEtlI6SHVwoYMMsO/vPqo+D 18WwTs8RhP784oUwBAyVnncYMopNHOVoyaHn1DD25nxQpry1KSxcwIlpjIJC -----END CERTIFICATE-----Generated at Tue May 12 22:43:22 2026 by rpki-client