This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139408.roa File: AS139408.roa (raw, json) Hash identifier: ltagHSlEwOof5HauZMYr/lheuKDZp0d7bvGCjGV79Fo= Subject key identifier: CB:89:12:F3:8C:B2:78:CF:C6:8E:FB:AF:5E:B4:DD:95:C1:46:20:6B Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4A5112B51982BBF15FFA1AB271EADDE1ABD8503B Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139408.roa Signing time: Thu 08 Jan 2026 11:00:09 +0000 ROA not before: Thu 08 Jan 2026 10:55:09 +0000 ROA not after: Thu 07 Jan 2027 11:00:09 +0000 asID: 139408 IP address blocks: 160.22.68.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:35:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:51:12:b5:19:82:bb:f1:5f:fa:1a:b2:71:ea:dd:e1:ab:d8:50:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:09 2026 GMT Not After : Jan 7 11:00:09 2027 GMT Subject: CN=CB8912F38CB278CFC68EFBAF5EB4DD95C146206B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f7:4b:7f:b1:72:37:57:7c:bb:2c:6b:42:e3: e5:38:83:70:ee:ab:4f:f5:dc:ba:78:74:05:84:84: 45:58:43:0e:ed:ef:8e:e9:b3:db:ab:ae:9e:98:2c: 41:94:91:8d:f9:cb:30:73:a4:dd:6d:5c:95:7b:c6: f0:59:a2:ce:b9:0f:0e:4c:49:01:6a:2d:30:1a:6a: 9a:ea:9c:15:35:34:5f:fc:02:eb:aa:41:b0:27:48: 00:cd:34:6b:9f:81:eb:37:40:db:db:04:26:4a:db: d1:80:f3:78:ca:3c:0e:44:4c:31:86:a7:92:7a:89: 63:76:47:5c:bf:0c:e0:98:fd:4a:1e:b0:7c:20:77: 5f:68:36:7f:2a:4f:73:10:1e:f4:c6:0d:63:41:01: bd:dd:42:72:da:34:1b:17:1f:23:07:d2:b7:8c:13: 09:1b:6d:8f:1a:0e:39:ff:a3:e0:ab:17:0e:23:32: 4e:35:60:32:da:a2:0b:de:06:87:54:33:da:5d:71: 8c:98:c8:ec:88:bc:2d:c5:19:5e:93:53:fb:20:38: 7c:10:25:d2:89:dd:2f:b8:d6:d5:96:cb:9c:6a:ba: 47:97:d0:ee:e3:d1:e8:b5:78:77:99:d0:6a:53:1b: a5:b6:09:21:4e:fa:03:13:3d:59:ef:d2:b1:50:7c: a6:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:89:12:F3:8C:B2:78:CF:C6:8E:FB:AF:5E:B4:DD:95:C1:46:20:6B X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS139408.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.68.0/23 Signature Algorithm: sha256WithRSAEncryption 74:57:74:15:22:1d:01:1d:7b:36:70:6c:ff:e4:c3:3c:86:6d: 48:fe:ac:73:9b:52:7d:ef:e4:57:b0:e9:72:9d:df:22:be:8f: f2:b3:b9:b5:a8:4e:4c:ec:8a:19:43:b9:bb:ae:70:9c:70:b1: 1a:3a:92:6a:bc:cc:74:f8:a8:7e:07:a0:ff:07:60:83:41:d1: 2d:6f:19:bb:45:80:eb:22:8c:65:6b:3f:cc:53:78:d3:5b:80: bf:b1:ca:5d:c2:af:a8:76:4c:c7:e7:bf:b0:25:66:83:d2:d6: 6e:d6:4e:54:be:da:70:e4:b3:bf:86:2e:0b:82:3f:57:cd:07: 6a:76:fa:4a:b1:74:5d:d1:29:d6:ca:8a:81:46:b7:03:35:3b: 5a:b1:87:75:21:ff:1a:d1:18:7e:25:ab:e8:8b:02:45:02:40: 20:79:c5:8f:c5:06:04:67:09:28:4f:67:e2:b5:2f:49:5a:5d: e2:00:d3:39:1f:cd:b7:ce:d4:c4:86:0c:f1:6d:c6:2e:8d:57: 98:57:c0:b5:6a:ab:d5:c7:54:86:4c:48:37:4f:6c:8a:ab:b2: 8a:c8:d1:42:98:4c:2d:77:4e:25:7f:2d:a5:04:d9:65:2e:6b: cc:cb:ff:78:41:8e:ca:0d:9c:ab:cc:96:97:d3:a0:a9:1b:65: ac:e6:1a:b2 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUSlEStRmCu/Ff+hqycerd4avYUDswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwOVoX DTI3MDEwNzExMDAwOVowMzExMC8GA1UEAxMoQ0I4OTEyRjM4Q0IyNzhDRkM2OEVG QkFGNUVCNEREOTVDMTQ2MjA2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM/3S3+xcjdXfLssa0Lj5TiDcO6rT/Xcunh0BYSERVhDDu3vjumz26uunpgs QZSRjfnLMHOk3W1clXvG8FmizrkPDkxJAWotMBpqmuqcFTU0X/wC66pBsCdIAM00 a5+B6zdA29sEJkrb0YDzeMo8DkRMMYanknqJY3ZHXL8M4Jj9Sh6wfCB3X2g2fypP cxAe9MYNY0EBvd1Ccto0GxcfIwfSt4wTCRttjxoOOf+j4KsXDiMyTjVgMtqiC94G h1Qz2l1xjJjI7Ii8LcUZXpNT+yA4fBAl0ondL7jW1ZbLnGq6R5fQ7uPR6LV4d5nQ alMbpbYJIU76AxM9We/SsVB8pjcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTLiRLz jLJ4z8aO+69etN2VwUYgazAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzOTQwOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAWRDANBgkqhkiG9w0BAQsFAAOCAQEAdFd0FSIdAR17NnBs/+TD PIZtSP6sc5tSfe/kV7Dpcp3fIr6P8rO5tahOTOyKGUO5u65wnHCxGjqSarzMdPio fgeg/wdgg0HRLW8Zu0WA6yKMZWs/zFN401uAv7HKXcKvqHZMx+e/sCVmg9LWbtZO VL7acOSzv4YuC4I/V80Hanb6SrF0XdEp1sqKgUa3AzU7WrGHdSH/GtEYfiWr6IsC RQJAIHnFj8UGBGcJKE9n4rUvSVpd4gDTOR/Nt87UxIYM8W3GLo1XmFfAtWqr1cdU hkxIN09siquyisjRQphMLXdOJX8tpQTZZS5rzMv/eEGOyg2cq8yWl9OgqRtlrOYa sg== -----END CERTIFICATE-----Generated at Wed Jan 21 10:30:32 2026 by rpki-client