This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138554.roa File: AS138554.roa (raw, json) Hash identifier: 6Ulz9jFt+A1UXKdqUPvhIzJ+il4iBqoQyA2yQN07gs0= Subject key identifier: 79:47:DB:CC:7C:2E:2F:43:AF:0D:66:D3:E9:C5:89:3D:72:9F:F1:0B Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 0BF8127ECDE1FFC78783BC7957009DD4044AE705 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138554.roa Signing time: Fri 07 Nov 2025 02:11:22 +0000 ROA not before: Fri 07 Nov 2025 02:06:22 +0000 ROA not after: Fri 06 Nov 2026 02:11:22 +0000 asID: 138554 IP address blocks: 138.252.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 11:07:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:f8:12:7e:cd:e1:ff:c7:87:83:bc:79:57:00:9d:d4:04:4a:e7:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Nov 7 02:06:22 2025 GMT Not After : Nov 6 02:11:22 2026 GMT Subject: CN=7947DBCC7C2E2F43AF0D66D3E9C5893D729FF10B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:6b:51:13:0d:17:db:46:70:0e:56:5c:ce:89: cc:8b:61:d4:e4:14:21:67:a1:9e:73:cf:48:8e:93: 5e:b7:fc:c0:fe:7f:ca:1c:e9:24:79:18:5c:67:99: 70:11:ae:54:af:e8:22:ee:6b:46:fb:6d:7d:19:69: 76:0a:12:d0:01:41:1a:04:57:89:42:9e:e7:fb:30: 77:82:81:d0:09:54:f9:42:bd:b1:17:0c:39:23:ee: 53:a4:f3:57:1d:02:eb:3d:28:82:45:1c:29:12:8a: 30:c4:a5:b3:9e:e9:69:16:e4:7e:f7:1a:7d:c0:bc: 80:c6:e9:df:ef:e7:98:fe:fe:ec:b3:fc:98:3f:5f: b5:68:48:a8:db:c6:75:19:6f:44:23:64:7f:ed:77: 38:81:51:11:3d:51:9f:c7:a5:51:82:e5:f2:1f:61: ef:e1:81:58:68:e7:ce:3d:c3:10:1c:63:b6:2c:91: f7:5a:54:0d:75:1d:3f:54:1e:69:df:02:76:0f:ea: be:98:d1:24:99:07:d7:c9:24:a0:f1:1f:02:8f:2a: 1b:1c:5d:9b:20:55:d7:51:ab:77:e3:3a:fc:0f:44: 8f:75:46:81:cf:50:0d:91:c3:a1:cb:d8:04:29:bb: af:f2:98:b9:f5:1f:d7:01:a9:68:3a:cf:14:d2:0a: 34:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:47:DB:CC:7C:2E:2F:43:AF:0D:66:D3:E9:C5:89:3D:72:9F:F1:0B X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138554.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.87.0/24 Signature Algorithm: sha256WithRSAEncryption 42:e4:ac:6f:ab:28:8e:65:8e:9a:d5:5d:7a:5b:a1:14:57:7f: e8:ed:f4:83:dc:44:3c:d3:f4:7c:88:52:44:94:b2:10:3a:99: c7:18:38:fd:9e:85:cb:8a:06:65:01:75:0c:d8:21:d8:a7:fb: 75:ca:95:0d:8b:9a:a8:ab:72:81:4c:1d:55:e9:f1:88:14:28: db:ba:37:6b:8e:a5:5a:7a:cb:e1:77:df:1b:a5:03:d9:db:a6: d8:85:bc:df:5e:fd:db:0a:ba:5c:f5:e4:27:6e:fe:c0:92:b6: f0:04:72:8a:29:e5:9f:13:9e:b2:8b:fe:4c:af:f6:9c:44:94: bd:d6:31:87:9e:b1:af:f4:5d:7b:83:77:70:f5:5a:c6:b4:39: 5d:36:61:53:9e:30:bd:a4:63:99:8b:85:4d:0c:08:0d:e9:bf: 8d:1e:ff:57:c6:cf:d0:b9:63:98:8f:b3:56:a3:ca:40:c6:0f: 45:8c:a4:04:30:9b:20:83:36:70:35:dd:d6:2a:63:55:1f:3f: c4:4f:de:6f:fd:ad:30:f6:bd:98:35:f8:8a:a7:9c:e1:cd:2c: d2:db:3d:b5:23:0f:ba:44:20:7f:aa:d9:ec:68:b8:3d:7b:06: 49:91:71:87:94:1a:02:bf:b5:95:8b:e3:a4:b2:cf:62:5c:bb: 80:4f:b5:1d -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUC/gSfs3h/8eHg7x5VwCd1ARK5wUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTEwNzAyMDYyMloX DTI2MTEwNjAyMTEyMlowMzExMC8GA1UEAxMoNzk0N0RCQ0M3QzJFMkY0M0FGMEQ2 NkQzRTlDNTg5M0Q3MjlGRjEwQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAONrURMNF9tGcA5WXM6JzIth1OQUIWehnnPPSI6TXrf8wP5/yhzpJHkYXGeZ cBGuVK/oIu5rRvttfRlpdgoS0AFBGgRXiUKe5/swd4KB0AlU+UK9sRcMOSPuU6Tz Vx0C6z0ogkUcKRKKMMSls57paRbkfvcafcC8gMbp3+/nmP7+7LP8mD9ftWhIqNvG dRlvRCNkf+13OIFRET1Rn8elUYLl8h9h7+GBWGjnzj3DEBxjtiyR91pUDXUdP1Qe ad8Cdg/qvpjRJJkH18kkoPEfAo8qGxxdmyBV11Grd+M6/A9Ej3VGgc9QDZHDocvY BCm7r/KYufUf1wGpaDrPFNIKNGcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBR5R9vM fC4vQ68NZtPpxYk9cp/xCzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzODU1NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAIr8VzANBgkqhkiG9w0BAQsFAAOCAQEAQuSsb6sojmWOmtVdeluh FFd/6O30g9xEPNP0fIhSRJSyEDqZxxg4/Z6Fy4oGZQF1DNgh2Kf7dcqVDYuaqKty gUwdVenxiBQo27o3a46lWnrL4XffG6UD2dum2IW831792wq6XPXkJ27+wJK28ARy iinlnxOesov+TK/2nESUvdYxh56xr/Rde4N3cPVaxrQ5XTZhU54wvaRjmYuFTQwI Dem/jR7/V8bP0LljmI+zVqPKQMYPRYykBDCbIIM2cDXd1ipjVR8/xE/eb/2tMPa9 mDX4iqec4c0s0ts9tSMPukQgf6rZ7Gi4PXsGSZFxh5QaAr+1lYvjpLLPYly7gE+1 HQ== -----END CERTIFICATE-----Generated at Wed Dec 3 14:54:14 2025 by rpki-client