This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152050.roa File: AS152050.roa (raw, json) Hash identifier: 6ILb0uz25gfZYiofcIqLmKTZ/s5WvtH7std19e1BrCI= Subject key identifier: A0:F0:C6:C1:E7:51:BD:23:E4:EF:F4:23:F3:9C:62:00:1A:FD:50:88 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 230A73B1577726E6687305C33F2776DBC37AC8C2 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152050.roa Signing time: Mon 24 Nov 2025 10:02:17 +0000 ROA not before: Mon 24 Nov 2025 09:57:17 +0000 ROA not after: Mon 23 Nov 2026 10:02:17 +0000 asID: 152050 IP address blocks: 138.252.157.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 11:07:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:0a:73:b1:57:77:26:e6:68:73:05:c3:3f:27:76:db:c3:7a:c8:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Nov 24 09:57:17 2025 GMT Not After : Nov 23 10:02:17 2026 GMT Subject: CN=A0F0C6C1E751BD23E4EFF423F39C62001AFD5088 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b0:0b:49:66:38:58:68:6e:22:6f:82:be:21: 36:62:3a:db:58:67:64:4d:07:40:6f:a5:dc:7c:5e: 39:96:04:73:cc:80:c4:4a:69:3f:c6:32:ba:65:0f: cd:38:ed:7a:37:89:48:91:79:9a:f7:6a:f3:57:3a: 0a:c3:60:87:6c:0a:e0:0f:d6:08:3d:72:b9:01:1a: fd:7f:a2:8d:d3:6d:7f:2e:0a:af:a1:33:0d:cc:45: 55:40:c6:80:31:3f:68:31:c5:05:54:83:dc:fa:7f: 21:4f:a8:d6:d9:8c:7b:b1:78:be:6f:c3:47:9b:a0: 05:86:dc:a2:db:5d:7c:73:f1:8e:99:30:b4:28:6a: 30:f4:43:2d:e6:e7:09:69:7d:12:25:ac:75:0a:1a: 79:42:ea:37:18:cc:d9:6f:ff:6e:c8:2b:68:33:f9: 0f:52:94:8e:fc:cf:da:66:7e:d3:ba:54:2a:ed:d1: 32:6e:72:6d:00:ed:8b:6f:8f:d8:94:ef:57:93:a4: 3a:ee:12:d8:f3:f8:7b:02:f6:c1:03:93:94:65:20: 42:32:67:93:17:53:de:36:c7:36:ab:70:09:c1:47: 45:96:35:55:20:5a:a6:78:f9:59:1a:74:2b:13:52: 6d:1f:dc:49:fe:6d:49:06:23:8d:d6:92:46:75:b2: f3:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:F0:C6:C1:E7:51:BD:23:E4:EF:F4:23:F3:9C:62:00:1A:FD:50:88 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152050.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.157.0/24 Signature Algorithm: sha256WithRSAEncryption 2a:af:67:0d:56:4a:5f:8a:95:79:9d:ea:a4:a5:53:31:d7:73: e2:51:b1:4c:bd:44:4f:70:c8:a5:54:37:52:b3:43:3b:46:48: 22:7a:25:b9:e1:bb:fe:19:43:8d:d2:38:67:5a:62:13:b7:8e: a6:1c:09:9d:37:96:5b:17:64:f4:bf:28:31:4b:9e:fe:11:c6: 3f:8b:85:4e:9a:b6:16:be:d1:49:fd:92:65:d6:57:90:63:a9: 6f:20:b7:43:fa:cf:4b:3f:3a:e3:a1:de:01:a5:e0:d4:4f:07: 48:13:3c:74:a2:08:cd:e0:e7:07:0a:9c:16:d8:87:5c:14:c8: 0e:6f:9b:3b:54:44:88:24:e2:ed:6f:4e:70:31:97:38:7f:dd: 9c:1e:b7:c5:a0:50:af:9c:e5:22:23:91:6b:b1:a9:2d:26:45: f0:80:84:1e:4b:56:c6:0f:2f:f4:c8:a2:f8:35:12:90:17:63: f0:95:02:96:e0:fd:ee:58:0f:da:91:90:0d:b6:ae:6e:bf:70: 09:20:bb:ec:99:be:8f:4f:ae:38:89:3b:27:1d:94:7a:47:d9: 21:03:2a:ab:24:83:fd:7a:c8:d2:8e:57:d9:fe:e8:2d:d6:05: ca:a8:c3:45:c2:22:5f:0b:c1:52:9a:88:38:cc:e5:e2:5d:c1: fd:80:7b:50 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUIwpzsVd3JuZocwXDPyd228N6yMIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTEyNDA5NTcxN1oX DTI2MTEyMzEwMDIxN1owMzExMC8GA1UEAxMoQTBGMEM2QzFFNzUxQkQyM0U0RUZG NDIzRjM5QzYyMDAxQUZENTA4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKuwC0lmOFhobiJvgr4hNmI621hnZE0HQG+l3HxeOZYEc8yAxEppP8YyumUP zTjtejeJSJF5mvdq81c6CsNgh2wK4A/WCD1yuQEa/X+ijdNtfy4Kr6EzDcxFVUDG gDE/aDHFBVSD3Pp/IU+o1tmMe7F4vm/DR5ugBYbcottdfHPxjpkwtChqMPRDLebn CWl9EiWsdQoaeULqNxjM2W//bsgraDP5D1KUjvzP2mZ+07pUKu3RMm5ybQDti2+P 2JTvV5OkOu4S2PP4ewL2wQOTlGUgQjJnkxdT3jbHNqtwCcFHRZY1VSBapnj5WRp0 KxNSbR/cSf5tSQYjjdaSRnWy8/UCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSg8MbB 51G9I+Tv9CPznGIAGv1QiDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjA1MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAIr8nTANBgkqhkiG9w0BAQsFAAOCAQEAKq9nDVZKX4qVeZ3qpKVT Mddz4lGxTL1ET3DIpVQ3UrNDO0ZIInolueG7/hlDjdI4Z1piE7eOphwJnTeWWxdk 9L8oMUue/hHGP4uFTpq2Fr7RSf2SZdZXkGOpbyC3Q/rPSz8646HeAaXg1E8HSBM8 dKIIzeDnBwqcFtiHXBTIDm+bO1REiCTi7W9OcDGXOH/dnB63xaBQr5zlIiORa7Gp LSZF8ICEHktWxg8v9Mii+DUSkBdj8JUCluD97lgP2pGQDbaubr9wCSC77Jm+j0+u OIk7Jx2UekfZIQMqqySD/XrI0o5X2f7oLdYFyqjDRcIiXwvBUpqIOMzl4l3B/YB7 UA== -----END CERTIFICATE-----Generated at Wed Dec 3 16:05:13 2025 by rpki-client