$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS150998.roa File: AS150998.roa (raw, json) Hash identifier: /UAeESwWoj8Z31ihsxSA3T+BZph6CIDcSOUqBV65JEw= Subject key identifier: 1B:9F:D4:5B:17:9A:C7:58:67:92:6D:DC:AC:FC:55:A5:5B:B7:41:6A Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5B13A4CCF4C857CDAFD97E4EE0ACBE98A063FEC7 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150998.roa Signing time: Sun 03 May 2026 08:16:28 +0000 ROA not before: Sun 03 May 2026 08:11:28 +0000 ROA not after: Sun 02 May 2027 08:16:28 +0000 asID: 150998 IP address blocks: 103.211.106.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:13:a4:cc:f4:c8:57:cd:af:d9:7e:4e:e0:ac:be:98:a0:63:fe:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 08:11:28 2026 GMT Not After : May 2 08:16:28 2027 GMT Subject: CN=1B9FD45B179AC75867926DDCACFC55A55BB7416A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:6b:c7:f8:64:93:bb:43:68:6f:5e:99:9f:c4: fe:0f:1e:d9:db:80:c4:a1:7c:20:28:ee:0c:c1:60: bd:63:a3:87:ac:89:a2:a2:55:9a:0d:e8:20:c3:8a: 72:e8:f1:55:d3:2f:d5:60:9e:19:2d:00:d1:b0:06: ad:48:93:be:18:4a:79:12:ab:86:a8:9d:07:dc:57: d9:29:9d:d4:a5:ff:21:58:c0:77:9b:88:98:d1:4a: 44:47:cc:c3:09:75:86:d4:6d:df:e1:18:14:31:5b: 56:67:13:71:4a:a0:18:8e:25:83:7b:6b:26:21:76: 4c:59:ea:9b:6d:43:05:9f:2f:50:6a:6c:c3:6c:6d: 7d:66:72:22:0b:00:4f:4d:83:6f:db:15:5d:77:8d: b6:9a:a5:ee:2f:60:16:fe:e0:2a:0a:39:24:08:d8: 5b:9d:0a:8b:1d:7b:0b:c9:43:5b:f4:4a:cd:b7:a0: b9:6c:33:57:84:6d:51:18:44:39:90:12:a5:96:fe: ec:c2:0b:59:0b:ea:ba:34:1c:4a:fb:f1:e8:17:46: 9f:78:b5:27:fe:38:c9:ec:40:95:d5:89:85:4a:04: e1:f9:67:60:a1:c0:5b:d8:fc:00:07:18:10:48:98: 74:53:4d:87:e8:9f:f8:93:d6:83:5c:23:0f:8d:d3: f9:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:9F:D4:5B:17:9A:C7:58:67:92:6D:DC:AC:FC:55:A5:5B:B7:41:6A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS150998.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.211.106.0/23 Signature Algorithm: sha256WithRSAEncryption 9b:d0:01:73:64:20:81:72:dd:5b:c0:af:c6:6a:a0:7f:3c:ce: ed:a9:e6:37:63:52:71:2d:fd:3d:3f:dc:ad:3a:e6:04:b3:c4: 18:aa:f7:f3:b5:d7:2a:d8:d7:e9:6c:3e:e4:3b:24:4f:6f:60: 3c:ea:7c:13:60:36:fa:40:c3:8c:58:46:b8:b9:6f:58:46:3d: b2:58:65:7c:af:9d:0b:2d:39:ec:80:37:71:3a:d9:80:a2:55: ce:8e:00:01:51:c8:bc:91:5f:40:f1:7b:92:ee:aa:8c:1a:05: e5:c3:16:f3:d9:73:f9:9e:a4:a0:6c:1a:4f:e2:0f:e0:eb:72: 92:f5:48:70:3e:0e:82:fd:ce:2c:60:23:c2:7f:86:bd:bb:6a: 18:fb:79:e8:ed:c1:e6:de:e2:12:2f:29:c5:17:73:7a:c1:7d: ed:c4:2a:fd:79:53:57:32:71:15:2c:80:6a:34:92:81:f1:ba: 5c:c8:18:a3:b8:4d:2d:e1:94:4f:b4:ed:bc:1e:73:f5:20:7b: b4:7f:11:bc:24:3f:f1:33:09:2b:fa:b0:ee:a1:e2:9c:8b:6b: 82:eb:b2:56:94:48:ce:78:fe:88:6d:9b:0a:3d:d6:de:78:d4: 90:60:e9:3b:76:18:3f:c4:f5:ab:5f:da:76:06:50:9e:57:70: 12:33:f6:b7 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUWxOkzPTIV82v2X5O4Ky+mKBj/scwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA4MTEyOFoX DTI3MDUwMjA4MTYyOFowMzExMC8GA1UEAxMoMUI5RkQ0NUIxNzlBQzc1ODY3OTI2 RERDQUNGQzU1QTU1QkI3NDE2QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI1rx/hkk7tDaG9emZ/E/g8e2duAxKF8ICjuDMFgvWOjh6yJoqJVmg3oIMOK cujxVdMv1WCeGS0A0bAGrUiTvhhKeRKrhqidB9xX2Smd1KX/IVjAd5uImNFKREfM wwl1htRt3+EYFDFbVmcTcUqgGI4lg3trJiF2TFnqm21DBZ8vUGpsw2xtfWZyIgsA T02Db9sVXXeNtpql7i9gFv7gKgo5JAjYW50Kix17C8lDW/RKzbeguWwzV4RtURhE OZASpZb+7MILWQvqujQcSvvx6BdGn3i1J/44yexAldWJhUoE4flnYKHAW9j8AAcY EEiYdFNNh+if+JPWg1wjD43T+fkCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQbn9Rb F5rHWGeSbdys/FWlW7dBajAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUwOTk4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ9NqMA0GCSqGSIb3DQEBCwUAA4IBAQCb0AFzZCCBct1bwK/GaqB/PM7t qeY3Y1JxLf09P9ytOuYEs8QYqvfztdcq2NfpbD7kOyRPb2A86nwTYDb6QMOMWEa4 uW9YRj2yWGV8r50LLTnsgDdxOtmAolXOjgABUci8kV9A8XuS7qqMGgXlwxbz2XP5 nqSgbBpP4g/g63KS9UhwPg6C/c4sYCPCf4a9u2oY+3no7cHm3uISLynFF3N6wX3t xCr9eVNXMnEVLIBqNJKB8bpcyBijuE0t4ZRPtO28HnP1IHu0fxG8JD/xMwkr+rDu oeKci2uC67JWlEjOeP6IbZsKPdbeeNSQYOk7dhg/xPWrX9p2BlCeV3ASM/a3 -----END CERTIFICATE-----Generated at Tue May 12 22:56:45 2026 by rpki-client