This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152395.roa File: AS152395.roa (raw, json) Hash identifier: 5FsM/MoPZ7GnbEu+9XS1xy5vIFa3TIy0gG1oSjjJG8I= Subject key identifier: 44:83:05:3D:FD:65:19:AF:30:36:49:9D:25:70:69:7B:A5:9C:65:A1 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3935FA0C0AB2A6A011DD128908D6501CC2847E97 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152395.roa Signing time: Thu 08 Jan 2026 11:00:09 +0000 ROA not before: Thu 08 Jan 2026 10:55:09 +0000 ROA not after: Thu 07 Jan 2027 11:00:09 +0000 asID: 152395 IP address blocks: 157.20.90.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:35:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:35:fa:0c:0a:b2:a6:a0:11:dd:12:89:08:d6:50:1c:c2:84:7e:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:09 2026 GMT Not After : Jan 7 11:00:09 2027 GMT Subject: CN=4483053DFD6519AF3036499D2570697BA59C65A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:58:57:87:99:59:54:d9:3e:7d:90:5d:6c:2c: 72:cb:51:14:a4:a0:77:6a:4d:10:7f:07:26:9f:23: 96:ef:84:97:da:42:96:30:11:e8:b9:d8:4d:a4:81: fa:15:8e:40:f7:86:9f:17:34:10:0a:13:78:92:23: 80:4a:c6:ee:e4:a8:83:1c:bb:bc:12:bf:06:df:49: 68:38:b8:5c:ca:b1:5c:c5:de:91:19:0d:f3:6f:e3: 65:99:cd:25:b4:e5:56:ee:39:80:b1:10:b7:ee:8c: 36:cd:72:b8:9e:b1:4e:ff:a3:d2:40:05:1e:6d:f4: 18:cc:ee:44:1a:c6:66:d4:60:7b:10:b2:34:b3:bd: 5d:82:7c:90:12:c7:8b:55:7f:e0:05:1f:13:af:69: e1:a3:2c:62:8f:de:36:46:ab:4f:cb:1c:bd:5e:b9: 52:12:cb:23:ac:c9:6b:fd:c6:d9:76:f8:2d:a3:88: 6e:54:fd:66:b6:27:c6:1d:ff:01:6a:75:bd:02:e6: af:c8:39:a8:e9:c5:a9:ac:97:70:ed:50:86:46:9f: 11:03:d1:22:d4:4f:93:6a:e2:9f:42:e1:39:6d:1a: e0:ce:48:16:1f:c0:92:20:08:2c:cc:1f:3b:cf:e6: 33:36:5c:0c:29:20:ba:77:a9:fa:56:38:ca:1f:7a: 07:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:83:05:3D:FD:65:19:AF:30:36:49:9D:25:70:69:7B:A5:9C:65:A1 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152395.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.90.0/23 Signature Algorithm: sha256WithRSAEncryption 8c:bb:6a:00:be:57:9c:c2:92:07:e0:7f:c2:b8:cf:81:a2:2e: b4:e7:04:0c:ad:fc:b9:67:1e:e2:22:f3:15:4e:57:34:9c:6b: 8c:7b:ff:1c:5a:77:bc:d6:09:90:7f:9b:2c:5a:33:9a:5f:03: 0a:d5:84:7c:af:b9:23:d1:d4:de:2a:8e:92:39:30:62:d0:0d: 38:bb:1d:6b:bf:e3:5b:cc:78:2e:1c:b6:7f:57:36:5a:60:93: bf:93:97:f5:4c:e9:26:c9:77:03:8b:a7:4f:8c:93:fd:72:22: 38:b4:a5:74:a2:40:fa:f5:94:f4:3f:df:43:dd:69:29:d1:e7: 4e:63:ea:31:c4:91:66:28:7e:47:fc:7a:f1:a5:dd:70:75:1f: 7f:ec:ce:34:88:3c:43:ba:1f:e0:43:6d:95:50:fe:f5:19:14: 3c:e2:89:7b:1d:a7:d4:95:1f:89:93:4b:ba:64:14:a1:5c:2d: 43:4b:93:1b:d3:f6:b1:70:00:6b:5e:34:f9:62:2e:55:d7:4f: ec:44:56:eb:62:5c:8c:76:8c:52:c6:44:df:0a:22:2e:cf:bc: df:51:bc:f9:02:21:47:2a:32:ae:5f:7a:11:ab:ec:14:78:3c: 21:09:07:5d:3b:ae:72:8a:22:8f:3a:b1:5e:cc:71:f4:22:cf: ba:cd:32:71 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUOTX6DAqypqAR3RKJCNZQHMKEfpcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwOVoX DTI3MDEwNzExMDAwOVowMzExMC8GA1UEAxMoNDQ4MzA1M0RGRDY1MTlBRjMwMzY0 OTlEMjU3MDY5N0JBNTlDNjVBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKVYV4eZWVTZPn2QXWwscstRFKSgd2pNEH8HJp8jlu+El9pCljAR6LnYTaSB +hWOQPeGnxc0EAoTeJIjgErG7uSogxy7vBK/Bt9JaDi4XMqxXMXekRkN82/jZZnN JbTlVu45gLEQt+6MNs1yuJ6xTv+j0kAFHm30GMzuRBrGZtRgexCyNLO9XYJ8kBLH i1V/4AUfE69p4aMsYo/eNkarT8scvV65UhLLI6zJa/3G2Xb4LaOIblT9ZrYnxh3/ AWp1vQLmr8g5qOnFqayXcO1QhkafEQPRItRPk2rin0LhOW0a4M5IFh/AkiAILMwf O8/mMzZcDCkgunep+lY4yh96B/kCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBREgwU9 /WUZrzA2SZ0lcGl7pZxloTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM5NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UWjANBgkqhkiG9w0BAQsFAAOCAQEAjLtqAL5XnMKSB+B/wrjP gaIutOcEDK38uWce4iLzFU5XNJxrjHv/HFp3vNYJkH+bLFozml8DCtWEfK+5I9HU 3iqOkjkwYtANOLsda7/jW8x4Lhy2f1c2WmCTv5OX9UzpJsl3A4unT4yT/XIiOLSl dKJA+vWU9D/fQ91pKdHnTmPqMcSRZih+R/x68aXdcHUff+zONIg8Q7of4ENtlVD+ 9RkUPOKJex2n1JUfiZNLumQUoVwtQ0uTG9P2sXAAa140+WIuVddP7ERW62JcjHaM UsZE3woiLs+831G8+QIhRyoyrl96EavsFHg8IQkHXTuucooijzqxXsxx9CLPus0y cQ== -----END CERTIFICATE-----Generated at Wed Jan 21 10:30:34 2026 by rpki-client