This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154393.roa File: AS154393.roa (raw, json) Hash identifier: F6lmyKKai2Y5SZdVtMpXIoaP8q1G75PkW1Bh5jkd9jg= Subject key identifier: 71:49:7F:43:B7:74:2F:CC:4B:97:7F:95:1F:2A:2B:41:3A:F8:B7:7A Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2FC51C23B1CAB6ACD39620ECE2606223F441FF14 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154393.roa Signing time: Fri 02 Jan 2026 03:00:55 +0000 ROA not before: Fri 02 Jan 2026 02:55:55 +0000 ROA not after: Fri 01 Jan 2027 03:00:55 +0000 asID: 154393 IP address blocks: 138.252.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:35:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:c5:1c:23:b1:ca:b6:ac:d3:96:20:ec:e2:60:62:23:f4:41:ff:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 2 02:55:55 2026 GMT Not After : Jan 1 03:00:55 2027 GMT Subject: CN=71497F43B7742FCC4B977F951F2A2B413AF8B77A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:36:c3:12:70:4f:ca:8a:91:42:35:03:c7:9e: ed:af:87:49:a0:e7:45:d6:42:87:4a:3c:5a:ba:3e: 09:a9:37:4b:4b:c3:90:b4:2d:d8:3e:29:b9:05:9b: 16:7e:b0:e8:8e:d1:d1:6c:8a:43:78:d0:07:84:17: c6:aa:74:33:a1:48:63:47:7a:6e:1a:9d:27:1b:17: 62:67:af:ad:b6:e7:af:5c:a9:47:70:95:6d:00:62: dd:03:e7:cc:e3:f3:91:a0:7e:d8:d4:8c:20:b1:3d: 71:c3:1a:87:dc:ad:0c:7b:0a:be:fa:da:d1:be:ce: 13:29:ba:5c:ce:6b:c6:2e:74:ed:24:90:6c:c8:5f: 29:61:9b:f9:30:dd:bb:bc:7b:d5:28:17:47:0d:65: 66:73:b5:1d:83:cb:c9:0f:22:7d:1a:41:3b:f6:3a: d9:16:04:f0:ca:21:89:7a:c8:34:fb:a6:24:60:63: 02:28:25:a6:a0:8a:4d:cb:d6:5c:ff:af:9f:c0:6c: 4c:4f:5b:77:72:a7:98:d5:b3:0b:62:ad:4b:ca:5d: 6c:d2:d1:e9:f9:1d:ff:2b:9d:60:aa:8e:20:24:97: 93:db:b6:3e:ce:26:e2:a0:20:20:11:77:da:5d:2d: cf:80:34:ed:9f:2f:2e:c6:53:1e:b6:bc:68:91:1c: f7:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:49:7F:43:B7:74:2F:CC:4B:97:7F:95:1F:2A:2B:41:3A:F8:B7:7A X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154393.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.252.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:f7:2b:88:94:b8:61:a0:dc:2b:8f:5e:12:7b:bd:a7:eb:2f: 02:29:17:53:b0:2d:a4:6a:04:0f:19:53:a8:a4:7a:01:6c:a0: 56:33:4a:63:a3:a8:44:6f:16:d6:1a:53:fd:c8:4a:14:91:c4: 36:0b:8c:8c:ca:97:a1:1d:5f:f3:c5:20:63:96:6f:2f:1c:89: 22:92:6f:5a:74:34:f5:cd:e4:c4:41:cd:4e:cd:9f:9e:1a:85: 9f:b1:b9:a5:f0:5f:3f:99:3f:7b:ff:69:52:9c:f5:9a:9d:7c: 42:07:4f:df:cc:3f:92:70:f7:be:41:3f:72:ac:78:c8:16:17: 41:5a:c8:46:93:de:53:cb:87:54:ef:76:ac:79:a8:86:b6:7e: a9:17:aa:c1:f0:25:59:a6:e9:bd:59:6b:94:21:41:c8:f4:56: bf:74:72:06:67:90:e4:2c:e4:18:a7:28:a3:ea:f1:e9:76:0a: 89:f6:7f:86:fb:75:95:34:a3:ac:c4:ff:02:11:f7:80:dd:86: ee:58:ab:41:33:32:c4:57:6b:71:45:9f:1c:65:49:ae:a5:78: 72:23:46:61:19:48:ab:c8:a6:7e:41:1d:4d:79:6c:e0:4d:a7: 85:2e:a6:e9:54:81:8e:19:56:87:9c:37:c3:7a:e6:1f:12:05: 82:86:3c:99 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUL8UcI7HKtqzTliDs4mBiI/RB/xQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwMjAyNTU1NVoX DTI3MDEwMTAzMDA1NVowMzExMC8GA1UEAxMoNzE0OTdGNDNCNzc0MkZDQzRCOTc3 Rjk1MUYyQTJCNDEzQUY4Qjc3QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALg2wxJwT8qKkUI1A8ee7a+HSaDnRdZCh0o8Wro+Cak3S0vDkLQt2D4puQWb Fn6w6I7R0WyKQ3jQB4QXxqp0M6FIY0d6bhqdJxsXYmevrbbnr1ypR3CVbQBi3QPn zOPzkaB+2NSMILE9ccMah9ytDHsKvvra0b7OEym6XM5rxi507SSQbMhfKWGb+TDd u7x71SgXRw1lZnO1HYPLyQ8ifRpBO/Y62RYE8MohiXrINPumJGBjAiglpqCKTcvW XP+vn8BsTE9bd3KnmNWzC2KtS8pdbNLR6fkd/yudYKqOICSXk9u2Ps4m4qAgIBF3 2l0tz4A07Z8vLsZTHra8aJEc9/sCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRxSX9D t3QvzEuXf5UfKitBOvi3ejAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1NDM5My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAIr8/DANBgkqhkiG9w0BAQsFAAOCAQEAG/criJS4YaDcK49eEnu9 p+svAikXU7AtpGoEDxlTqKR6AWygVjNKY6OoRG8W1hpT/chKFJHENguMjMqXoR1f 88UgY5ZvLxyJIpJvWnQ09c3kxEHNTs2fnhqFn7G5pfBfP5k/e/9pUpz1mp18QgdP 38w/knD3vkE/cqx4yBYXQVrIRpPeU8uHVO92rHmohrZ+qReqwfAlWabpvVlrlCFB yPRWv3RyBmeQ5CzkGKcoo+rx6XYKifZ/hvt1lTSjrMT/AhH3gN2G7lirQTMyxFdr cUWfHGVJrqV4ciNGYRlIq8imfkEdTXls4E2nhS6m6VSBjhlWh5w3w3rmHxIFgoY8 mQ== -----END CERTIFICATE-----Generated at Wed Jan 21 10:27:53 2026 by rpki-client