This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/3230322e3133332e332e302f32342d3234203d3e203234323030.roa File: 3230322e3133332e332e302f32342d3234203d3e203234323030.roa (raw, json) Hash identifier: NDeOIbsC2Gb17cgUpeSYzxHEHiZeh+ueNQnGf7HfQng= Subject key identifier: 7E:8C:9C:00:AA:32:69:46:34:13:F9:F4:85:D3:51:8C:F3:1D:D5:6F Certificate issuer: /CN=D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40 Certificate serial: 22A71713FE5ED79E3982A043434DB244BF82137B Authority key identifier: D0:C6:D7:5C:3C:34:7D:5B:27:C7:89:11:F6:2C:5F:AB:8B:A7:BE:40 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.cer Subject info access: rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/3230322e3133332e332e302f32342d3234203d3e203234323030.roa Signing time: Mon 24 Nov 2025 09:02:11 +0000 ROA not before: Mon 24 Nov 2025 08:57:11 +0000 ROA not after: Mon 23 Nov 2026 09:02:11 +0000 asID: 24200 IP address blocks: 202.133.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.crl rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 04 Dec 2025 16:10:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:a7:17:13:fe:5e:d7:9e:39:82:a0:43:43:4d:b2:44:bf:82:13:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40 Validity Not Before: Nov 24 08:57:11 2025 GMT Not After : Nov 23 09:02:11 2026 GMT Subject: CN=7E8C9C00AA3269463413F9F485D3518CF31DD56F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:70:58:2e:72:43:77:0d:d6:3c:ca:bf:53:5d: c4:42:38:22:e0:b5:b3:8f:9d:13:15:64:f4:0a:d9: 02:f7:81:62:a7:03:d9:75:72:b8:b4:4f:1e:88:dd: 24:4d:e9:f8:2d:c1:83:a0:79:25:fb:24:d3:19:fe: 33:4f:37:26:f2:36:b1:2b:fa:86:72:cd:6f:ce:1c: 2e:55:d3:e9:8f:e6:5d:cc:98:57:9b:d4:18:bd:12: 9c:f6:d3:0a:cd:90:64:1b:3c:83:07:c0:fd:93:af: 41:2f:07:82:9e:5d:99:cf:2e:6d:22:f8:9f:74:ab: ac:f4:6d:c1:83:21:f6:cd:7a:d7:3b:53:a1:37:7e: 69:42:f4:bf:f1:d0:e7:99:b1:8e:7f:37:89:28:37: b0:3b:d0:8d:58:ea:19:9b:2e:8f:4e:cb:ba:1a:c6: 24:6c:69:6e:f9:63:5e:33:8f:9a:36:bb:19:2c:9e: cc:ef:2e:99:ee:57:a4:d6:06:67:e7:76:7b:66:ab: 88:1b:13:80:c8:f9:53:45:ff:84:a2:c6:8e:16:89: f5:11:cf:19:23:b4:12:24:91:83:f5:c3:f3:38:d2: df:52:8f:63:94:08:8b:c6:ca:fc:90:4c:d1:5d:52: 0f:de:b4:8f:7c:12:90:a6:0a:df:10:52:84:04:ed: 43:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:8C:9C:00:AA:32:69:46:34:13:F9:F4:85:D3:51:8C:F3:1D:D5:6F X509v3 Authority Key Identifier: keyid:D0:C6:D7:5C:3C:34:7D:5B:27:C7:89:11:F6:2C:5F:AB:8B:A7:BE:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C6D75C3C347D5B27C78911F62C5FAB8BA7BE40.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/63669ea4-e82f-46c3-8dd3-2e988159b202/0/3230322e3133332e332e302f32342d3234203d3e203234323030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.133.3.0/24 Signature Algorithm: sha256WithRSAEncryption 90:76:f0:ff:a1:b3:ea:1f:a7:8f:d0:bc:13:8d:20:a3:be:df: 84:ac:fc:d7:6f:e4:74:6b:2d:31:b7:51:35:e9:59:d7:76:df: 6a:f4:e4:31:7d:0f:d4:3c:70:5f:a7:38:96:46:fe:dd:42:5c: d6:91:ec:38:58:fa:8f:91:73:52:ff:59:48:90:c7:29:f0:7d: bd:90:40:ad:13:01:1e:14:2e:39:3a:26:68:90:a3:be:11:0a: ec:43:4b:00:8f:e9:72:d6:3d:5d:48:79:d4:8c:07:79:51:df: d3:4c:ae:23:cf:70:bf:9d:bd:f5:f6:ab:08:7e:0b:3c:26:c1: 14:d7:bf:d7:0d:46:06:23:c8:24:40:27:f0:5f:7c:04:9b:99: bf:bf:e5:e1:a7:7d:d0:ac:6c:60:ce:19:5c:92:a4:7a:e7:5d: cf:98:a2:bf:8a:26:1c:68:1e:98:71:2a:43:9c:56:fb:11:e9: ae:7b:e6:c1:83:c4:3e:9a:29:ba:68:4e:ca:30:8b:69:e4:c2: 5f:12:8a:07:36:02:53:ae:35:9b:77:01:5a:2b:65:8c:83:95: c7:a7:0c:cf:bd:79:9f:1b:0d:7b:ee:a5:32:6a:09:4f:a0:d8: 58:4f:66:1f:06:38:93:43:4c:6e:72:62:db:d6:ca:33:91:e1: 8e:ee:9d:80 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgIUIqcXE/5e1545gqBDQ02yRL+CE3swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDBDNkQ3NUMzQzM0N0Q1QjI3Qzc4OTExRjYyQzVGQUI4 QkE3QkU0MDAeFw0yNTExMjQwODU3MTFaFw0yNjExMjMwOTAyMTFaMDMxMTAvBgNV BAMTKDdFOEM5QzAwQUEzMjY5NDYzNDEzRjlGNDg1RDM1MThDRjMxREQ1NkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDecFguckN3DdY8yr9TXcRCOCLg tbOPnRMVZPQK2QL3gWKnA9l1cri0Tx6I3SRN6fgtwYOgeSX7JNMZ/jNPNybyNrEr +oZyzW/OHC5V0+mP5l3MmFeb1Bi9Epz20wrNkGQbPIMHwP2Tr0EvB4KeXZnPLm0i +J90q6z0bcGDIfbNetc7U6E3fmlC9L/x0OeZsY5/N4koN7A70I1Y6hmbLo9Oy7oa xiRsaW75Y14zj5o2uxksnszvLpnuV6TWBmfndntmq4gbE4DI+VNF/4Sixo4WifUR zxkjtBIkkYP1w/M40t9Sj2OUCIvGyvyQTNFdUg/etI98EpCmCt8QUoQE7UM7AgMB AAGjggIwMIICLDAdBgNVHQ4EFgQUfoycAKoyaUY0E/n0hdNRjPMd1W8wHwYDVR0j BBgwFoAU0MbXXDw0fVsnx4kR9ixfq4unvkAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 MzY2OWVhNC1lODJmLTQ2YzMtOGRkMy0yZTk4ODE1OWIyMDIvMC9EMEM2RDc1QzND MzQ3RDVCMjdDNzg5MTFGNjJDNUZBQjhCQTdCRTQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDBDNkQ3NUMzQzM0N0Q1QjI3Qzc4OTExRjYyQzVGQUI4QkE3 QkU0MC5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYzNjY5ZWE0LWU4MmYtNDZjMy04 ZGQzLTJlOTg4MTU5YjIwMi8wLzMyMzAzMjJlMzEzMzMzMmUzMzJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDMyMzQzMjMwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKhQMwDQYJKoZIhvcN AQELBQADggEBAJB28P+hs+ofp4/QvBONIKO+34Ss/Ndv5HRrLTG3UTXpWdd232r0 5DF9D9Q8cF+nOJZG/t1CXNaR7DhY+o+Rc1L/WUiQxynwfb2QQK0TAR4ULjk6JmiQ o74RCuxDSwCP6XLWPV1IedSMB3lR39NMriPPcL+dvfX2qwh+CzwmwRTXv9cNRgYj yCRAJ/BffASbmb+/5eGnfdCsbGDOGVySpHrnXc+Yor+KJhxoHphxKkOcVvsR6a57 5sGDxD6aKbpoTsowi2nkwl8Sigc2AlOuNZt3AVorZYyDlcenDM+9eZ8bDXvupTJq CU+g2FhPZh8GOJNDTG5yYtvWyjOR4Y7unYA= -----END CERTIFICATE-----Generated at Wed Dec 3 15:29:02 2025 by rpki-client