This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/355a1a44-337d-4db4-90d7-5bd4f37214b8/0/323430313a326334303a313a3a2f34382d3438203d3e203338353233.roa File: 323430313a326334303a313a3a2f34382d3438203d3e203338353233.roa (raw, json) Hash identifier: OfppjjTpXFLmh5Aj/BiOiyknKtfPtzPHg2/eqJ5W1oI= Subject key identifier: 39:0D:52:47:99:B4:14:15:C3:CD:10:90:0C:6B:B4:D1:4D:FF:D9:42 Certificate issuer: /CN=1BC497D0AD0ADA80683A4AD17C60B87B6039448F Certificate serial: 0137CF93B316ED2F4AAE3C6B57197C9C96EF6A73 Authority key identifier: 1B:C4:97:D0:AD:0A:DA:80:68:3A:4A:D1:7C:60:B8:7B:60:39:44:8F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1BC497D0AD0ADA80683A4AD17C60B87B6039448F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/355a1a44-337d-4db4-90d7-5bd4f37214b8/0/323430313a326334303a313a3a2f34382d3438203d3e203338353233.roa Signing time: Wed 12 Nov 2025 15:00:03 +0000 ROA not before: Wed 12 Nov 2025 14:55:03 +0000 ROA not after: Wed 11 Nov 2026 15:00:03 +0000 asID: 38523 IP address blocks: 2401:2c40:1::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/355a1a44-337d-4db4-90d7-5bd4f37214b8/0/1BC497D0AD0ADA80683A4AD17C60B87B6039448F.crl rsync://repo-rpki.idnic.net/repo/355a1a44-337d-4db4-90d7-5bd4f37214b8/0/1BC497D0AD0ADA80683A4AD17C60B87B6039448F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1BC497D0AD0ADA80683A4AD17C60B87B6039448F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 01:46:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:37:cf:93:b3:16:ed:2f:4a:ae:3c:6b:57:19:7c:9c:96:ef:6a:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC497D0AD0ADA80683A4AD17C60B87B6039448F Validity Not Before: Nov 12 14:55:03 2025 GMT Not After : Nov 11 15:00:03 2026 GMT Subject: CN=390D524799B41415C3CD10900C6BB4D14DFFD942 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:3a:0e:02:8d:5b:76:6f:5b:c7:75:91:d3:60: d1:a0:69:4c:ff:9d:f9:b0:33:3b:89:57:a4:4c:42: ca:88:11:67:3a:59:f1:a5:c0:39:86:3c:3d:31:65: 0c:ff:e0:b9:cb:fb:af:7b:04:78:e1:90:14:48:99: 6a:41:7c:3c:58:b9:f0:b1:08:dd:c2:cd:f4:57:c7: 78:a7:42:d2:f5:8b:16:af:43:fd:2b:22:ce:90:87: df:46:51:18:b5:ef:e3:3a:d1:23:36:bf:58:7c:89: a5:af:0d:31:fe:77:36:24:02:6f:a4:4d:3a:07:69: 74:40:b3:b9:bc:d0:f7:71:04:31:55:48:78:52:fd: 9c:46:78:f4:de:7d:41:dd:37:f4:65:69:9d:b6:50: cd:11:c0:60:60:8c:c9:e6:7f:63:b6:7e:9a:f4:8f: e9:21:7e:cd:37:59:c3:bd:9f:3b:cb:74:28:7a:ee: a2:e0:62:ab:a5:fe:9a:2e:5e:06:7f:eb:b0:28:c8: c6:05:20:fe:56:58:f7:47:e5:56:2b:cc:21:f0:b0: 52:3a:6e:37:f4:63:94:0f:38:b1:9f:a7:9b:88:79: 69:8b:a4:c8:35:bb:78:be:cd:96:2b:e1:fd:f0:d9: a1:d0:17:9e:3c:10:31:30:b6:21:bb:d4:cc:34:38: 79:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:0D:52:47:99:B4:14:15:C3:CD:10:90:0C:6B:B4:D1:4D:FF:D9:42 X509v3 Authority Key Identifier: keyid:1B:C4:97:D0:AD:0A:DA:80:68:3A:4A:D1:7C:60:B8:7B:60:39:44:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/355a1a44-337d-4db4-90d7-5bd4f37214b8/0/1BC497D0AD0ADA80683A4AD17C60B87B6039448F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1BC497D0AD0ADA80683A4AD17C60B87B6039448F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/355a1a44-337d-4db4-90d7-5bd4f37214b8/0/323430313a326334303a313a3a2f34382d3438203d3e203338353233.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2c40:1::/48 Signature Algorithm: sha256WithRSAEncryption 65:d9:7a:bf:94:5c:2b:05:bb:7c:a8:36:03:2a:5a:28:99:0f: 65:b5:8b:a4:20:75:d4:6e:9a:d3:56:62:26:f7:56:7d:bf:04: 86:6c:be:26:f6:45:b5:5b:fe:31:57:6a:69:3a:53:07:87:e2: 81:53:34:c5:eb:19:e7:2f:3e:e1:a7:8a:99:90:a6:df:7b:df: 3e:9c:3c:04:69:c1:3a:77:c7:f5:b8:bc:b0:0e:b6:ab:0c:c1: c1:0d:52:e5:87:dd:70:ad:27:25:c8:91:6f:de:0c:43:57:af: d6:b8:4c:fc:69:0a:7c:d6:dc:c9:9d:cd:8b:84:76:1a:06:23: 16:30:7d:f7:f0:c9:3a:22:b9:61:9f:91:22:67:98:7e:57:a2: eb:70:8a:47:df:4f:2c:48:28:e1:2c:ea:94:a2:e4:12:36:52: dd:e7:75:e3:83:db:0f:82:5b:16:44:ef:33:44:cf:41:01:fc: 94:27:24:56:3e:93:a2:98:1f:43:dc:b7:97:d2:b5:d7:fa:d2: 05:0b:4c:f2:dc:ce:61:ff:14:6e:f5:bb:69:2e:38:3a:51:c1: 00:fb:46:21:dc:31:f0:38:39:8f:13:ea:12:9f:52:f2:05:f8: c7:c6:cb:14:43:ab:c3:e0:16:d0:38:e8:9c:d6:12:73:a8:31: f2:43:4c:9d -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUATfPk7MW7S9KrjxrVxl8nJbvanMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUJDNDk3RDBBRDBBREE4MDY4M0E0QUQxN0M2MEI4N0I2 MDM5NDQ4RjAeFw0yNTExMTIxNDU1MDNaFw0yNjExMTExNTAwMDNaMDMxMTAvBgNV BAMTKDM5MEQ1MjQ3OTlCNDE0MTVDM0NEMTA5MDBDNkJCNEQxNERGRkQ5NDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrOg4CjVt2b1vHdZHTYNGgaUz/ nfmwMzuJV6RMQsqIEWc6WfGlwDmGPD0xZQz/4LnL+697BHjhkBRImWpBfDxYufCx CN3CzfRXx3inQtL1ixavQ/0rIs6Qh99GURi17+M60SM2v1h8iaWvDTH+dzYkAm+k TToHaXRAs7m80PdxBDFVSHhS/ZxGePTefUHdN/RlaZ22UM0RwGBgjMnmf2O2fpr0 j+khfs03WcO9nzvLdCh67qLgYqul/pouXgZ/67AoyMYFIP5WWPdH5VYrzCHwsFI6 bjf0Y5QPOLGfp5uIeWmLpMg1u3i+zZYr4f3w2aHQF548EDEwtiG71Mw0OHmNAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUOQ1SR5m0FBXDzRCQDGu00U3/2UIwHwYDVR0j BBgwFoAUG8SX0K0K2oBoOkrRfGC4e2A5RI8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z NTVhMWE0NC0zMzdkLTRkYjQtOTBkNy01YmQ0ZjM3MjE0YjgvMC8xQkM0OTdEMEFE MEFEQTgwNjgzQTRBRDE3QzYwQjg3QjYwMzk0NDhGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMUJDNDk3RDBBRDBBREE4MDY4M0E0QUQxN0M2MEI4N0I2MDM5 NDQ4Ri5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzM1NWExYTQ0LTMzN2QtNGRiNC05 MGQ3LTViZDRmMzcyMTRiOC8wLzMyMzQzMDMxM2EzMjYzMzQzMDNhMzEzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMzM4MzUzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAEsQAABMA0G CSqGSIb3DQEBCwUAA4IBAQBl2Xq/lFwrBbt8qDYDKloomQ9ltYukIHXUbprTVmIm 91Z9vwSGbL4m9kW1W/4xV2ppOlMHh+KBUzTF6xnnLz7hp4qZkKbfe98+nDwEacE6 d8f1uLywDrarDMHBDVLlh91wrSclyJFv3gxDV6/WuEz8aQp81tzJnc2LhHYaBiMW MH338Mk6Irlhn5EiZ5h+V6LrcIpH308sSCjhLOqUouQSNlLd53Xjg9sPglsWRO8z RM9BAfyUJyRWPpOimB9D3LeX0rXX+tIFC0zy3M5h/xRu9btpLjg6UcEA+0Yh3DHw ODmPE+oSn1LyBfjHxssUQ6vD4BbQOOic1hJzqDHyQ0yd -----END CERTIFICATE-----Generated at Wed Dec 3 16:53:06 2025 by rpki-client