$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152749.roa File: AS152749.roa (raw, json) Hash identifier: HAn1fxepTHZCJCC2CEnVuPGaMEvitCrnMrwP+XVFHOs= Subject key identifier: 39:88:D5:5F:3B:64:BE:75:B0:37:9B:B3:23:EE:AF:E9:21:FA:60:48 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 195B29825338BC2C3AB520D690E5F0A070BE7919 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152749.roa Signing time: Sun 03 May 2026 05:38:57 +0000 ROA not before: Sun 03 May 2026 05:33:57 +0000 ROA not after: Sun 02 May 2027 05:38:57 +0000 asID: 152749 IP address blocks: 2001:df3:d340::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:5b:29:82:53:38:bc:2c:3a:b5:20:d6:90:e5:f0:a0:70:be:79:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 05:33:57 2026 GMT Not After : May 2 05:38:57 2027 GMT Subject: CN=3988D55F3B64BE75B0379BB323EEAFE921FA6048 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:64:45:a5:39:c9:37:69:04:83:78:25:4c:d8: 15:56:fd:1a:55:46:2f:ac:e2:f2:1e:4f:90:bf:31: d9:fa:77:b6:96:89:63:e1:7d:59:79:c7:6c:5f:14: 1e:bf:d4:81:30:3f:4e:74:46:2a:36:82:60:57:d4: 51:81:41:bd:3a:a3:80:c2:43:9c:32:15:b6:56:4c: 86:ba:17:64:79:c8:47:5d:c4:b0:c3:15:40:a5:65: 5a:a4:87:dd:64:d7:45:46:f1:ab:22:66:26:db:36: e2:cf:ee:12:1c:1f:b8:7e:d6:c6:a4:8b:2c:58:43: b5:42:0d:34:04:d6:01:05:42:89:ac:b8:fe:46:75: 23:f5:50:09:80:9f:aa:29:b7:f0:70:39:42:64:12: 6b:44:71:35:42:b4:a0:2d:9f:04:d6:d4:7b:80:f4: f1:1a:e9:8a:53:f4:f6:99:6e:7e:bd:7f:70:b6:f5: 71:86:70:f8:64:1d:d6:af:02:67:a0:7d:b2:02:fa: d9:a2:ac:6e:19:d5:3d:ca:77:fc:6d:f7:4e:92:ac: d3:ab:45:f6:43:5c:e8:e5:01:a4:22:6a:a5:b9:9c: 19:8c:93:9a:dd:03:38:c0:b8:bb:96:db:6f:3f:99: 1b:2f:df:09:ea:38:53:b2:da:be:a9:00:e6:d2:11: 4c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:88:D5:5F:3B:64:BE:75:B0:37:9B:B3:23:EE:AF:E9:21:FA:60:48 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152749.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:d340::/48 Signature Algorithm: sha256WithRSAEncryption 7c:df:19:b1:23:22:65:72:ef:df:01:4b:32:e2:44:33:84:11: 13:73:ef:75:66:78:f1:ee:21:dc:7e:e6:13:d6:87:48:b6:72: aa:19:e3:5c:56:5f:e8:89:d3:34:1b:fc:3c:b0:e1:19:b1:ea: 65:e7:16:b8:30:19:f1:91:11:93:c7:29:28:3b:92:5c:19:71: 65:0d:2d:1b:32:e1:78:8c:a0:46:c3:84:d3:4c:73:65:e5:c2: 96:b3:be:92:b6:8b:11:39:e1:95:26:96:74:76:ed:4a:36:f9: 2c:7f:26:41:f7:d3:ab:d8:d5:7a:0d:2e:31:f9:f9:5a:db:86: af:9a:76:8e:d3:43:2c:bc:38:73:42:32:42:f5:61:b8:d2:64: cd:11:7d:48:1b:0f:fc:53:c1:71:74:bd:96:35:e3:3f:a5:96: 17:b0:d5:90:0e:a2:7e:fc:2e:0a:f8:7f:2d:14:4a:17:23:d2: 24:7f:af:7c:69:9d:88:30:ba:24:6b:db:16:95:b4:f9:a2:05: cc:65:39:f6:e4:59:30:ae:dc:21:4a:73:7c:91:19:d8:7b:24: e1:16:12:d6:8b:92:04:aa:ab:ac:6d:a6:49:1a:18:08:a2:da: 0d:8b:e8:62:ed:30:7b:f2:7e:4f:fd:1f:69:ef:39:c8:bd:dd: 59:63:22:d3 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUGVspglM4vCw6tSDWkOXwoHC+eRkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA1MzM1N1oX DTI3MDUwMjA1Mzg1N1owMzExMC8GA1UEAxMoMzk4OEQ1NUYzQjY0QkU3NUIwMzc5 QkIzMjNFRUFGRTkyMUZBNjA0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPNkRaU5yTdpBIN4JUzYFVb9GlVGL6zi8h5PkL8x2fp3tpaJY+F9WXnHbF8U Hr/UgTA/TnRGKjaCYFfUUYFBvTqjgMJDnDIVtlZMhroXZHnIR13EsMMVQKVlWqSH 3WTXRUbxqyJmJts24s/uEhwfuH7WxqSLLFhDtUINNATWAQVCiay4/kZ1I/VQCYCf qim38HA5QmQSa0RxNUK0oC2fBNbUe4D08RrpilP09plufr1/cLb1cYZw+GQd1q8C Z6B9sgL62aKsbhnVPcp3/G33TpKs06tF9kNc6OUBpCJqpbmcGYyTmt0DOMC4u5bb bz+ZGy/fCeo4U7LavqkA5tIRTCsCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQ5iNVf O2S+dbA3m7Mj7q/pIfpgSDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyNzQ5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN89NAMA0GCSqGSIb3DQEBCwUAA4IBAQB83xmxIyJlcu/fAUsy4kQz hBETc+91Znjx7iHcfuYT1odItnKqGeNcVl/oidM0G/w8sOEZsepl5xa4MBnxkRGT xykoO5JcGXFlDS0bMuF4jKBGw4TTTHNl5cKWs76StosROeGVJpZ0du1KNvksfyZB 99Or2NV6DS4x+fla24avmnaO00MsvDhzQjJC9WG40mTNEX1IGw/8U8FxdL2WNeM/ pZYXsNWQDqJ+/C4K+H8tFEoXI9Ikf698aZ2IMLoka9sWlbT5ogXMZTn25Fkwrtwh SnN8kRnYeyThFhLWi5IEqqusbaZJGhgIotoNi+hi7TB78n5P/R9p7znIvd1ZYyLT -----END CERTIFICATE-----Generated at Tue May 12 22:43:08 2026 by rpki-client