This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138091.roa File: AS138091.roa (raw, json) Hash identifier: /LzL2EbaGYTJtNu17a6oIFtPONV6aEI+GoglZ6BIKmY= Subject key identifier: 7D:95:9A:C2:13:0E:8A:0D:0C:B1:87:5A:9D:F3:78:94:DB:97:DD:71 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 10DEFFB439C79E1B5D418FBEFE2480A051D0AE5D Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138091.roa Signing time: Thu 08 Jan 2026 11:00:01 +0000 ROA not before: Thu 08 Jan 2026 10:55:01 +0000 ROA not after: Thu 07 Jan 2027 11:00:01 +0000 asID: 138091 IP address blocks: 157.20.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:35:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:de:ff:b4:39:c7:9e:1b:5d:41:8f:be:fe:24:80:a0:51:d0:ae:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:01 2026 GMT Not After : Jan 7 11:00:01 2027 GMT Subject: CN=7D959AC2130E8A0D0CB1875A9DF37894DB97DD71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:32:cb:7a:9e:21:97:5a:45:00:c0:27:22:41: 75:9e:e4:d6:8c:bd:06:31:8e:50:cd:6e:a1:e1:c5: c4:81:a8:b0:e6:7c:40:08:f8:b5:10:7f:24:7c:ac: c1:87:58:32:6f:bb:22:a6:a0:6f:c8:d2:fe:76:10: 45:b4:c4:17:89:00:bf:5b:48:d7:e5:65:aa:5d:e4: 20:80:7c:d4:2d:32:ba:f2:8a:a2:0d:0c:a9:0d:79: 79:38:51:16:0b:43:82:42:e2:90:ae:0d:45:50:5c: 17:fc:e3:6d:41:02:a1:dd:4f:34:02:6e:24:cb:8a: a9:0e:ef:3a:6a:2c:8e:66:93:58:c9:6a:74:79:f4: 0d:bf:63:ab:cd:d3:ba:3f:bc:a9:25:fc:3e:3c:ce: 73:9a:32:a8:25:c5:4e:0f:50:0d:f2:93:42:5a:02: d5:c8:55:af:c8:7d:19:17:52:94:e8:6a:97:59:c2: bd:4d:03:ce:09:2d:68:b3:3a:2b:52:e6:30:6e:88: 9d:08:f4:9b:07:dd:22:63:dd:72:b7:6b:3a:d0:5c: b4:53:a0:b0:1b:4a:93:1a:b9:2a:0c:26:31:64:d2: 78:4c:3d:c5:e3:6e:07:02:59:62:d9:73:6d:7f:39: d9:90:64:88:88:8d:5b:4b:f5:19:bb:c2:89:63:bc: 92:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:95:9A:C2:13:0E:8A:0D:0C:B1:87:5A:9D:F3:78:94:DB:97:DD:71 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138091.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.243.0/24 Signature Algorithm: sha256WithRSAEncryption 07:c4:22:88:86:b3:ca:cb:52:5f:81:52:29:cb:14:9a:f8:59: 98:40:79:c9:98:8d:13:76:17:63:b8:06:85:f5:d3:12:60:37: 93:55:9a:d3:40:94:d8:3d:c6:7e:4b:34:c4:c3:e9:ef:02:f7: 99:d9:59:e8:b2:ca:56:06:eb:69:7d:61:27:d5:d7:69:fe:0c: 8f:8f:b9:5c:33:b5:49:9c:fa:f5:44:a2:df:30:01:05:2b:e5: 17:99:da:18:1d:22:cc:5d:11:8d:04:f7:df:d9:56:57:92:76: 18:d4:d0:5f:c2:20:42:fe:e3:26:d9:46:cb:d6:d2:c2:42:a7: 34:7b:24:c5:d9:ee:8d:b0:08:7f:5d:bc:5a:e9:2f:59:04:34: 7f:74:73:fc:56:86:d6:6d:22:56:dc:2c:68:42:d6:f1:7b:1e: 3c:d1:ab:32:1b:e4:91:79:5b:36:9a:b8:d2:f6:44:1e:04:bd: 0c:8e:82:c9:dc:33:e2:5e:e9:5f:61:0e:b6:18:6c:e2:bb:b5: bf:d0:a4:ee:f2:c0:0c:f3:a2:cc:68:ee:cb:44:3e:4a:5c:38: 65:26:f3:60:0d:8c:00:7b:de:4d:e4:8f:42:c1:8f:70:b8:4d: b7:55:c2:8c:14:05:55:bc:ce:54:4d:a3:51:f0:12:cb:96:4e: 14:a9:75:86 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUEN7/tDnHnhtdQY++/iSAoFHQrl0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwMVoX DTI3MDEwNzExMDAwMVowMzExMC8GA1UEAxMoN0Q5NTlBQzIxMzBFOEEwRDBDQjE4 NzVBOURGMzc4OTREQjk3REQ3MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJcyy3qeIZdaRQDAJyJBdZ7k1oy9BjGOUM1uoeHFxIGosOZ8QAj4tRB/JHys wYdYMm+7Iqagb8jS/nYQRbTEF4kAv1tI1+Vlql3kIIB81C0yuvKKog0MqQ15eThR FgtDgkLikK4NRVBcF/zjbUECod1PNAJuJMuKqQ7vOmosjmaTWMlqdHn0Db9jq83T uj+8qSX8PjzOc5oyqCXFTg9QDfKTQloC1chVr8h9GRdSlOhql1nCvU0DzgktaLM6 K1LmMG6InQj0mwfdImPdcrdrOtBctFOgsBtKkxq5KgwmMWTSeEw9xeNuBwJZYtlz bX852ZBkiIiNW0v1GbvCiWO8ko8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBR9lZrC Ew6KDQyxh1qd83iU25fdcTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzODA5MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAJ0U8zANBgkqhkiG9w0BAQsFAAOCAQEAB8QiiIazystSX4FSKcsU mvhZmEB5yZiNE3YXY7gGhfXTEmA3k1Wa00CU2D3Gfks0xMPp7wL3mdlZ6LLKVgbr aX1hJ9XXaf4Mj4+5XDO1SZz69USi3zABBSvlF5naGB0izF0RjQT339lWV5J2GNTQ X8IgQv7jJtlGy9bSwkKnNHskxdnujbAIf128WukvWQQ0f3Rz/FaG1m0iVtwsaELW 8XsePNGrMhvkkXlbNpq40vZEHgS9DI6Cydwz4l7pX2EOthhs4ru1v9Ck7vLADPOi zGjuy0Q+Slw4ZSbzYA2MAHveTeSPQsGPcLhNt1XCjBQFVbzOVE2jUfASy5ZOFKl1 hg== -----END CERTIFICATE-----Generated at Wed Jan 21 10:30:34 2026 by rpki-client