This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/450633fc-fe23-4d82-ba64-bb7ee6dd6e06/0/323430343a653134303a3a2f33322d3438203d3e20313338383632.roa File: 323430343a653134303a3a2f33322d3438203d3e20313338383632.roa (raw, json) Hash identifier: s65ULf3kYPzmHhD/eaw4xa7fxStyJaVV06ikaxq29vc= Subject key identifier: 4A:CE:A7:64:54:C7:43:23:CA:2B:F4:AE:B5:34:0A:CA:F9:15:6D:51 Certificate issuer: /CN=88D56B9372987974D75D5FEB6C48FA491B771DE6 Certificate serial: 6C5A2C3935D13ED2F7DFA7C27150BD7F1CF1ADE7 Authority key identifier: 88:D5:6B:93:72:98:79:74:D7:5D:5F:EB:6C:48:FA:49:1B:77:1D:E6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/88D56B9372987974D75D5FEB6C48FA491B771DE6.cer Subject info access: rsync://repo-rpki.idnic.net/repo/450633fc-fe23-4d82-ba64-bb7ee6dd6e06/0/323430343a653134303a3a2f33322d3438203d3e20313338383632.roa Signing time: Wed 26 Nov 2025 05:00:02 +0000 ROA not before: Wed 26 Nov 2025 04:55:02 +0000 ROA not after: Wed 25 Nov 2026 05:00:02 +0000 asID: 138862 IP address blocks: 2404:e140::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/450633fc-fe23-4d82-ba64-bb7ee6dd6e06/0/88D56B9372987974D75D5FEB6C48FA491B771DE6.crl rsync://repo-rpki.idnic.net/repo/450633fc-fe23-4d82-ba64-bb7ee6dd6e06/0/88D56B9372987974D75D5FEB6C48FA491B771DE6.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/88D56B9372987974D75D5FEB6C48FA491B771DE6.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 01:48:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:5a:2c:39:35:d1:3e:d2:f7:df:a7:c2:71:50:bd:7f:1c:f1:ad:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88D56B9372987974D75D5FEB6C48FA491B771DE6 Validity Not Before: Nov 26 04:55:02 2025 GMT Not After : Nov 25 05:00:02 2026 GMT Subject: CN=4ACEA76454C74323CA2BF4AEB5340ACAF9156D51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:d4:6d:e3:45:22:82:a8:99:a6:56:90:bd:3b: 3f:ac:3e:19:5c:39:ba:85:41:c7:a6:d7:7b:c1:80: e9:e6:7b:b7:97:ac:df:7d:56:1b:56:80:4f:a6:91: 9d:3c:5e:14:b0:27:68:29:e7:7b:9e:5b:c7:ed:2b: e1:a3:a8:94:fe:35:89:74:7a:12:a4:ce:be:82:45: c9:c5:c6:21:e4:18:8c:d6:59:f1:2e:85:bb:48:a1: c8:f2:dd:d8:9e:c5:a9:8a:b4:0f:87:7f:d3:6e:ae: 2f:f1:0e:65:cf:91:7e:0c:9d:de:a7:53:d4:5c:03: 3d:67:dc:1e:3c:3d:c3:33:23:a7:54:75:20:04:cc: b7:19:8b:7b:f5:fa:12:5b:c6:73:d0:7a:ac:06:3b: ef:c1:23:e5:06:95:49:9f:b2:00:a4:c7:c2:14:82: e2:51:a8:b3:5e:1b:8e:d1:28:ed:cd:c8:00:98:8f: 74:74:30:22:2b:a3:4c:25:62:f9:16:0e:0b:6c:7e: a4:8f:d5:15:55:d4:f8:03:3d:cf:28:c1:81:d3:f8: 03:0c:f5:21:d2:87:0d:67:f4:f4:b7:c0:59:4c:c2: de:0c:ac:d8:bd:c3:c2:e1:5a:96:ad:4f:bc:b6:76: f4:2d:28:6a:28:51:d1:2f:79:65:ea:75:79:09:06: f4:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:CE:A7:64:54:C7:43:23:CA:2B:F4:AE:B5:34:0A:CA:F9:15:6D:51 X509v3 Authority Key Identifier: keyid:88:D5:6B:93:72:98:79:74:D7:5D:5F:EB:6C:48:FA:49:1B:77:1D:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/450633fc-fe23-4d82-ba64-bb7ee6dd6e06/0/88D56B9372987974D75D5FEB6C48FA491B771DE6.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/88D56B9372987974D75D5FEB6C48FA491B771DE6.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/450633fc-fe23-4d82-ba64-bb7ee6dd6e06/0/323430343a653134303a3a2f33322d3438203d3e20313338383632.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:e140::/32 Signature Algorithm: sha256WithRSAEncryption 72:ba:f9:66:65:3c:57:3e:8c:46:be:84:41:f0:c9:84:d1:e7: f3:48:6b:8c:b5:9b:a1:9e:ce:74:ab:09:e9:b1:bc:42:12:a4: 15:fe:a8:3a:8c:4e:6b:da:9e:24:ba:53:78:a4:59:80:fe:37: 93:b5:90:d9:11:fe:02:76:ae:97:4b:78:8d:4c:a4:a8:b1:dc: da:8f:00:2c:60:52:28:4a:28:2f:79:e4:38:69:19:64:64:91: d3:f5:c7:71:30:48:10:d1:cd:81:52:3f:41:45:50:17:71:94: 11:dd:b3:c0:a3:69:38:6a:d1:a6:9c:4c:4e:23:84:1a:b4:45: b2:05:09:b5:bc:42:ed:0f:7b:72:4d:65:2c:70:bb:72:f9:48: 10:7d:03:a3:88:4b:29:7e:e4:3a:6c:f2:98:cd:c5:1d:e9:3c: 23:d9:61:48:66:aa:a1:32:aa:f2:06:7e:42:28:2e:20:04:b4: cc:fe:9d:10:25:ac:12:c8:c9:b5:c0:0e:d0:36:e5:c9:89:11: 20:6c:cc:e3:2c:7e:26:bc:ee:e2:ab:bd:fe:77:3c:33:86:a7: 6d:20:99:5b:76:94:3f:5b:f8:ce:5c:ad:16:e9:e5:46:a7:41: 7d:91:37:88:23:1f:52:c5:89:42:aa:b6:6f:13:c1:08:04:8f: c1:c2:ba:71 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUbFosOTXRPtL336fCcVC9fxzxrecwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhENTZCOTM3Mjk4Nzk3NEQ3NUQ1RkVCNkM0OEZBNDkx Qjc3MURFNjAeFw0yNTExMjYwNDU1MDJaFw0yNjExMjUwNTAwMDJaMDMxMTAvBgNV BAMTKDRBQ0VBNzY0NTRDNzQzMjNDQTJCRjRBRUI1MzQwQUNBRjkxNTZENTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC1G3jRSKCqJmmVpC9Oz+sPhlc ObqFQcem13vBgOnme7eXrN99VhtWgE+mkZ08XhSwJ2gp53ueW8ftK+GjqJT+NYl0 ehKkzr6CRcnFxiHkGIzWWfEuhbtIocjy3diexamKtA+Hf9Nuri/xDmXPkX4Mnd6n U9RcAz1n3B48PcMzI6dUdSAEzLcZi3v1+hJbxnPQeqwGO+/BI+UGlUmfsgCkx8IU guJRqLNeG47RKO3NyACYj3R0MCIro0wlYvkWDgtsfqSP1RVV1PgDPc8owYHT+AMM 9SHShw1n9PS3wFlMwt4MrNi9w8LhWpatT7y2dvQtKGooUdEveWXqdXkJBvQfAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUSs6nZFTHQyPKK/SutTQKyvkVbVEwHwYDVR0j BBgwFoAUiNVrk3KYeXTXXV/rbEj6SRt3HeYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NTA2MzNmYy1mZTIzLTRkODItYmE2NC1iYjdlZTZkZDZlMDYvMC84OEQ1NkI5Mzcy OTg3OTc0RDc1RDVGRUI2QzQ4RkE0OTFCNzcxREU2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODhENTZCOTM3Mjk4Nzk3NEQ3NUQ1RkVCNkM0OEZBNDkxQjc3 MURFNi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ1MDYzM2ZjLWZlMjMtNGQ4Mi1i YTY0LWJiN2VlNmRkNmUwNi8wLzMyMzQzMDM0M2E2NTMxMzQzMDNhM2EyZjMzMzIy ZDM0MzgyMDNkM2UyMDMxMzMzODM4MzYzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQE4UAwDQYJKoZI hvcNAQELBQADggEBAHK6+WZlPFc+jEa+hEHwyYTR5/NIa4y1m6GeznSrCemxvEIS pBX+qDqMTmvaniS6U3ikWYD+N5O1kNkR/gJ2rpdLeI1MpKix3NqPACxgUihKKC95 5DhpGWRkkdP1x3EwSBDRzYFSP0FFUBdxlBHds8CjaThq0aacTE4jhBq0RbIFCbW8 Qu0Pe3JNZSxwu3L5SBB9A6OISyl+5Dps8pjNxR3pPCPZYUhmqqEyqvIGfkIoLiAE tMz+nRAlrBLIybXADtA25cmJESBszOMsfia87uKrvf53PDOGp20gmVt2lD9b+M5c rRbp5UanQX2RN4gjH1LFiUKqtm8TwQgEj8HCunE= -----END CERTIFICATE-----Generated at Wed Dec 3 14:48:38 2025 by rpki-client