This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/323430363a373734303a3a2f33322d3438203d3e20313431303733.roa File: 323430363a373734303a3a2f33322d3438203d3e20313431303733.roa (raw, json) Hash identifier: L3wXXsnBA+OZbTlcmfk9tvtnuCN6qKltUcu107Tb7ZI= Subject key identifier: D3:91:12:28:62:AB:8C:2E:92:0A:81:F4:F2:86:31:8C:28:89:32:34 Certificate issuer: /CN=2D18956397FA6055A44153CABF07303FD6E55E44 Certificate serial: 6573279899C32AE9D983FE23BA02AB3C8443D416 Authority key identifier: 2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/323430363a373734303a3a2f33322d3438203d3e20313431303733.roa Signing time: Wed 03 Dec 2025 05:00:02 +0000 ROA not before: Wed 03 Dec 2025 04:55:02 +0000 ROA not after: Wed 02 Dec 2026 05:00:02 +0000 asID: 141073 IP address blocks: 2406:7740::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 14:50:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:73:27:98:99:c3:2a:e9:d9:83:fe:23:ba:02:ab:3c:84:43:d4:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D18956397FA6055A44153CABF07303FD6E55E44 Validity Not Before: Dec 3 04:55:02 2025 GMT Not After : Dec 2 05:00:02 2026 GMT Subject: CN=D391122862AB8C2E920A81F4F286318C28893234 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:48:ca:68:b1:ab:ad:30:29:30:cd:1f:56:dc: cb:53:ea:3f:39:0b:ca:33:20:bc:d6:8a:2d:5f:a6: db:8a:72:39:b9:32:02:3c:7d:50:a0:60:50:74:e9: f5:24:91:60:b5:22:4b:5d:0c:02:f0:3a:d6:51:3a: 54:5a:94:e9:b0:ae:78:43:57:fa:fe:2d:f2:ff:52: 02:40:9d:51:05:c4:8a:97:c2:3c:e1:1a:3d:ab:85: d2:04:b1:83:e4:30:ec:1b:8b:64:a7:31:a2:06:6b: 47:16:77:84:f8:d5:be:fd:90:9b:77:89:1a:f5:11: 30:f7:ab:fe:f7:4b:8f:df:f9:23:88:99:bd:ab:62: eb:b6:53:37:6c:0e:41:8d:22:dc:d2:12:24:54:2a: 84:3f:33:d8:52:05:5e:68:5b:fa:d3:c6:4d:81:c2: 98:d8:29:ec:1d:c4:95:16:d5:16:2d:7a:c6:5b:f8: fc:90:21:93:23:e0:58:eb:4c:39:17:a3:3a:dd:93: e9:64:d1:b8:9d:72:54:e3:3a:ce:f8:06:42:35:f7: b1:d6:bd:e0:23:0c:e2:0c:8f:55:d6:08:93:aa:3e: 63:1e:12:05:4e:8c:9c:a4:fe:e8:3e:f6:c1:16:4f: 5f:f8:57:bc:af:c2:f4:98:dd:56:78:fb:b0:7a:f8: 3e:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:91:12:28:62:AB:8C:2E:92:0A:81:F4:F2:86:31:8C:28:89:32:34 X509v3 Authority Key Identifier: keyid:2D:18:95:63:97:FA:60:55:A4:41:53:CA:BF:07:30:3F:D6:E5:5E:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/2D18956397FA6055A44153CABF07303FD6E55E44.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2D18956397FA6055A44153CABF07303FD6E55E44.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4858f85c-a458-4a58-bbde-4bfb343dc4b0/0/323430363a373734303a3a2f33322d3438203d3e20313431303733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:7740::/32 Signature Algorithm: sha256WithRSAEncryption b1:b8:07:0a:b8:bc:88:a2:6e:99:0b:a3:a9:41:c9:bc:dc:65: c0:15:7e:ab:6e:5e:58:d8:e5:fd:bc:9d:e8:86:6f:6d:df:43: 92:cf:cc:75:f9:19:85:02:3e:3b:14:71:d4:80:09:7f:51:f5: 0f:2e:6e:7c:dc:35:d2:27:aa:ac:0f:d0:39:ed:3b:08:1f:bb: 3f:5c:f4:c4:94:11:69:6c:44:2c:01:06:57:67:76:fc:06:58: fa:b1:3d:4f:a7:47:eb:b6:87:03:13:7c:fe:8c:3f:06:8c:5a: 7a:1d:58:f2:71:05:f1:40:f6:e0:a0:2b:df:5d:39:8c:3a:66: 8d:63:b1:eb:72:62:37:74:c5:52:9e:99:8a:b0:f7:99:dc:a7: 94:ea:c5:2a:ec:9c:46:79:c9:ed:3d:21:70:ca:69:c4:30:7d: b8:31:74:6b:42:b0:07:cb:dc:77:a0:ff:a6:af:53:11:62:8c: 67:10:d3:fb:f0:58:be:9e:9d:c0:ac:c8:1f:15:9f:fc:e8:03: 06:b4:ed:e1:af:87:99:02:83:27:93:f3:88:52:9d:7e:8d:bc: 04:10:86:ea:48:48:a9:c7:b1:b1:15:61:b8:85:3e:59:e0:96: 6f:f3:dc:f8:99:9a:fb:d2:72:13:ba:cd:d8:d4:ac:77:11:1e: 89:64:19:78 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUZXMnmJnDKunZg/4jugKrPIRD1BYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZE NkU1NUU0NDAeFw0yNTEyMDMwNDU1MDJaFw0yNjEyMDIwNTAwMDJaMDMxMTAvBgNV BAMTKEQzOTExMjI4NjJBQjhDMkU5MjBBODFGNEYyODYzMThDMjg4OTMyMzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQSMposautMCkwzR9W3MtT6j85 C8ozILzWii1fptuKcjm5MgI8fVCgYFB06fUkkWC1IktdDALwOtZROlRalOmwrnhD V/r+LfL/UgJAnVEFxIqXwjzhGj2rhdIEsYPkMOwbi2SnMaIGa0cWd4T41b79kJt3 iRr1ETD3q/73S4/f+SOImb2rYuu2UzdsDkGNItzSEiRUKoQ/M9hSBV5oW/rTxk2B wpjYKewdxJUW1RYtesZb+PyQIZMj4FjrTDkXozrdk+lk0bidclTjOs74BkI197HW veAjDOIMj1XWCJOqPmMeEgVOjJyk/ug+9sEWT1/4V7yvwvSY3VZ4+7B6+D7HAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQU05ESKGKrjC6SCoH08oYxjCiJMjQwHwYDVR0j BBgwFoAULRiVY5f6YFWkQVPKvwcwP9blXkQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 ODU4Zjg1Yy1hNDU4LTRhNTgtYmJkZS00YmZiMzQzZGM0YjAvMC8yRDE4OTU2Mzk3 RkE2MDU1QTQ0MTUzQ0FCRjA3MzAzRkQ2RTU1RTQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkQxODk1NjM5N0ZBNjA1NUE0NDE1M0NBQkYwNzMwM0ZENkU1 NUU0NC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ4NThmODVjLWE0NTgtNGE1OC1i YmRlLTRiZmIzNDNkYzRiMC8wLzMyMzQzMDM2M2EzNzM3MzQzMDNhM2EyZjMzMzIy ZDM0MzgyMDNkM2UyMDMxMzQzMTMwMzczMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQGd0AwDQYJKoZI hvcNAQELBQADggEBALG4Bwq4vIiibpkLo6lBybzcZcAVfqtuXljY5f28neiGb23f Q5LPzHX5GYUCPjsUcdSACX9R9Q8ubnzcNdInqqwP0DntOwgfuz9c9MSUEWlsRCwB BldndvwGWPqxPU+nR+u2hwMTfP6MPwaMWnodWPJxBfFA9uCgK99dOYw6Zo1jsety Yjd0xVKemYqw95ncp5TqxSrsnEZ5ye09IXDKacQwfbgxdGtCsAfL3Heg/6avUxFi jGcQ0/vwWL6encCsyB8Vn/zoAwa07eGvh5kCgyeT84hSnX6NvAQQhupISKnHsbEV YbiFPlnglm/z3PiZmvvSchO6zdjUrHcRHolkGXg= -----END CERTIFICATE-----Generated at Wed Dec 3 16:21:08 2025 by rpki-client