This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa File: AS0.roa (raw, json) Hash identifier: QBVeUHCIOTAIOaoI84HzSVOiJaeyF8cai7XppkJ1K8E= Subject key identifier: CE:E3:99:7F:22:22:4C:24:9B:0E:D4:AA:47:13:D4:B3:5B:6A:5D:D7 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 5F8D8755C19431BEC5892C1CDF2AF03C52268F10 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa Signing time: Fri 19 Dec 2025 03:20:15 +0000 ROA not before: Fri 19 Dec 2025 03:15:15 +0000 ROA not after: Fri 18 Dec 2026 03:20:15 +0000 asID: 0 IP address blocks: 157.10.212.0/23 maxlen: 24 157.15.68.0/24 maxlen: 24 157.15.170.0/23 maxlen: 24 157.20.120.0/23 maxlen: 24 157.20.167.0/24 maxlen: 24 157.20.232.0/24 maxlen: 24 157.20.237.0/24 maxlen: 24 157.66.34.0/23 maxlen: 24 157.66.54.0/23 maxlen: 24 157.66.82.0/23 maxlen: 24 157.66.126.0/23 maxlen: 24 160.20.212.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 09 Jan 2026 14:43:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:8d:87:55:c1:94:31:be:c5:89:2c:1c:df:2a:f0:3c:52:26:8f:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Dec 19 03:15:15 2025 GMT Not After : Dec 18 03:20:15 2026 GMT Subject: CN=CEE3997F22224C249B0ED4AA4713D4B35B6A5DD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:4f:d1:c6:1e:42:08:65:1e:53:e1:e8:d1:2d: 82:4f:6a:89:b0:38:85:89:57:e8:bf:a8:18:28:20: d3:ea:05:44:fa:e8:55:81:6e:6b:67:21:0f:f7:11: c0:1b:de:9a:57:ee:57:52:a2:be:e7:a5:f7:b1:51: f1:84:d7:8c:e9:06:e7:02:60:88:70:c3:44:db:ba: d1:b3:80:6c:7b:46:cf:5b:d1:54:46:96:26:b0:bc: 89:cf:9b:0e:19:93:81:27:67:eb:48:2a:33:9e:62: 2b:4c:31:e1:a1:af:4f:b9:ae:5a:e5:96:33:88:aa: d2:a9:2a:92:ce:69:1d:88:56:3a:c7:62:ce:f9:9e: a6:1d:4b:21:24:32:68:84:d8:43:21:1b:04:ce:28: d8:40:5d:b5:cd:83:39:81:c9:61:12:6a:d1:cb:72: b4:8c:1d:eb:37:5e:16:1e:7f:46:e8:b3:92:87:8d: c5:05:50:de:09:4a:2a:be:2d:1d:a6:3a:a6:69:9c: e9:fa:53:00:86:1e:0c:6a:61:35:ea:77:77:1c:ba: f6:64:99:a7:16:22:17:02:ca:e2:09:99:50:da:a4: 18:39:90:34:c6:64:b3:5c:36:f8:1c:42:ac:76:f2: 4f:85:c9:5d:f4:67:ca:e0:a0:f3:e4:b7:b0:47:a8: 0d:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:E3:99:7F:22:22:4C:24:9B:0E:D4:AA:47:13:D4:B3:5B:6A:5D:D7 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS0.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.212.0/23 157.15.68.0/24 157.15.170.0/23 157.20.120.0/23 157.20.167.0/24 157.20.232.0/24 157.20.237.0/24 157.66.34.0/23 157.66.54.0/23 157.66.82.0/23 157.66.126.0/23 160.20.212.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:d5:84:46:c8:08:e8:65:6a:fd:37:32:a5:30:ba:30:92:05: 73:7a:12:ad:c6:7c:6a:7e:97:d8:af:17:0a:38:7b:b5:ce:15: 26:96:ef:a4:16:26:5f:1c:2c:21:a3:24:02:4d:a9:6e:e0:71: 73:90:7f:22:7a:df:e0:9f:2c:30:28:a7:86:5f:8d:a8:e7:36: b1:5d:9e:93:29:e1:1e:4a:72:07:62:3b:b6:b4:52:b1:6d:e6: 5f:63:90:ae:15:12:74:bf:33:45:5c:c0:94:e7:bc:c2:eb:d2: af:ff:5a:b7:4a:e2:7c:0e:c3:dc:48:09:80:2a:f7:9d:ea:ea: ec:15:47:22:75:1c:a8:e3:41:19:50:2c:da:74:95:57:00:38: 35:ff:92:60:6f:02:77:50:82:38:54:31:a2:23:c3:6a:9a:8c: cb:7e:d7:65:ee:aa:9f:1b:ed:60:c8:fd:cd:f8:dc:02:c7:1e: b2:45:51:7a:9b:a0:1f:0c:9c:0d:f6:2b:a3:5f:13:fd:bd:31: ff:dd:fd:d0:c8:9b:cb:09:e4:71:bc:33:37:1a:70:c5:69:00: 42:03:dc:b2:9c:96:eb:de:e4:af:0a:f2:4d:40:a2:9e:8b:20: 22:ef:16:3d:bb:d1:5a:94:2c:18:72:51:37:59:45:bf:6a:1a: 64:3b:9e:5f -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgIUX42HVcGUMb7FiSwc3yrwPFImjxAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTIxOTAzMTUxNVoX DTI2MTIxODAzMjAxNVowMzExMC8GA1UEAxMoQ0VFMzk5N0YyMjIyNEMyNDlCMEVE NEFBNDcxM0Q0QjM1QjZBNURENzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFP0cYeQghlHlPh6NEtgk9qibA4hYlX6L+oGCgg0+oFRProVYFua2chD/cR wBvemlfuV1Kivuel97FR8YTXjOkG5wJgiHDDRNu60bOAbHtGz1vRVEaWJrC8ic+b DhmTgSdn60gqM55iK0wx4aGvT7muWuWWM4iq0qkqks5pHYhWOsdizvmeph1LISQy aITYQyEbBM4o2EBdtc2DOYHJYRJq0ctytIwd6zdeFh5/RuizkoeNxQVQ3glKKr4t HaY6pmmc6fpTAIYeDGphNep3dxy69mSZpxYiFwLK4gmZUNqkGDmQNMZks1w2+BxC rHbyT4XJXfRnyuCg8+S3sEeoDdcCAwEAAaOCAg0wggIJMB0GA1UdDgQWBBTO45l/ IiJMJJsO1KpHE9SzW2pd1zAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzAucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwYQYIKwYBBQUHAQcBAf8EUjBQME4EAgAB MEgDBAGdCtQDBACdD0QDBAGdD6oDBAGdFHgDBACdFKcDBACdFOgDBACdFO0DBAGd QiIDBAGdQjYDBAGdQlIDBAGdQn4DBACgFNQwDQYJKoZIhvcNAQELBQADggEBADvV hEbICOhlav03MqUwujCSBXN6Eq3GfGp+l9ivFwo4e7XOFSaW76QWJl8cLCGjJAJN qW7gcXOQfyJ63+CfLDAop4ZfjajnNrFdnpMp4R5KcgdiO7a0UrFt5l9jkK4VEnS/ M0VcwJTnvMLr0q//WrdK4nwOw9xICYAq953q6uwVRyJ1HKjjQRlQLNp0lVcAODX/ kmBvAndQgjhUMaIjw2qajMt+12Xuqp8b7WDI/c343ALHHrJFUXqboB8MnA32K6Nf E/29Mf/d/dDIm8sJ5HG8MzcacMVpAEID3LKcluve5K8K8k1Aop6LICLvFj270VqU LBhyUTdZRb9qGmQ7nl8= -----END CERTIFICATE-----Generated at Wed Jan 7 23:48:38 2026 by rpki-client