This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138833.roa File: AS138833.roa (raw, json) Hash identifier: XhnsasjC4BAsHfDuUGJf+eDXF8m8JSAkZJJO8cKFQOk= Subject key identifier: 68:BD:B9:4B:66:CB:51:C0:83:81:33:42:E8:DF:1D:47:54:EB:AC:AF Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 03B36835C34EA7F4F90C21C53A45277D8F244999 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138833.roa Signing time: Tue 11 Nov 2025 06:00:21 +0000 ROA not before: Tue 11 Nov 2025 05:55:21 +0000 ROA not after: Tue 10 Nov 2026 06:00:21 +0000 asID: 138833 IP address blocks: 103.137.254.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:b3:68:35:c3:4e:a7:f4:f9:0c:21:c5:3a:45:27:7d:8f:24:49:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 11 05:55:21 2025 GMT Not After : Nov 10 06:00:21 2026 GMT Subject: CN=68BDB94B66CB51C083813342E8DF1D4754EBACAF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ec:4e:90:6b:cd:47:e3:ea:c3:79:4b:e2:27: 02:44:bd:9f:e8:1d:fa:a0:e7:aa:6e:d7:85:ac:16: bc:62:10:bc:d5:4c:4e:ed:f7:05:d8:1b:5a:6d:53: 32:46:b7:c2:7c:60:01:36:9d:28:65:f9:6a:21:8b: c9:65:35:99:ea:73:a6:7e:ce:c9:f2:a3:c2:bd:e7: 4a:c2:d6:76:56:02:b2:56:07:bd:8a:a6:3b:a7:04: d1:03:01:a3:bf:4b:3b:6a:52:f7:aa:6f:f9:cb:12: 8a:f7:8d:be:d7:1b:29:99:b8:50:b9:b8:73:43:bc: ac:cd:9b:0e:79:4f:8c:2d:47:81:40:22:0f:43:3b: 88:d9:0e:a6:2d:51:eb:d9:3d:83:1a:4e:e7:6e:cb: f5:b0:a7:c2:6e:93:a6:15:f4:57:b4:1d:09:4f:55: 0d:5b:d6:0a:09:6d:08:d9:bb:e8:00:35:b9:b1:0e: ad:18:d9:6f:8f:0b:6c:7b:a0:0c:d2:d0:d9:c1:3b: 7a:76:d1:ea:b3:ae:07:bf:68:dd:36:27:9d:28:2d: e1:00:92:7d:76:20:f9:58:2c:5e:1e:04:90:e8:4c: 74:67:e9:3b:70:7c:e5:e3:1a:db:0e:29:1a:be:d8: d2:8a:ad:15:0c:9c:e3:57:ac:12:52:8d:ca:1f:28: 32:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:BD:B9:4B:66:CB:51:C0:83:81:33:42:E8:DF:1D:47:54:EB:AC:AF X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.137.254.0/23 Signature Algorithm: sha256WithRSAEncryption 4c:e9:fe:c5:84:3e:08:75:2c:e8:8f:d7:45:ee:9c:83:b5:f2: 7b:a5:6f:a4:c7:30:4f:77:5a:37:87:78:5e:b9:57:48:6a:01: ea:f5:d3:65:45:0b:e0:a9:50:86:9d:7d:ee:77:38:af:bc:9e: 52:ea:0f:61:5f:3d:4e:fd:82:d1:3b:f5:11:7d:ea:49:18:1f: 4f:52:1d:ec:87:fa:77:7c:ef:c0:e8:f1:b4:dd:f3:ad:89:37: 3d:f6:00:9d:bc:3e:ec:cd:4f:36:ef:34:f1:6f:0e:9b:f6:bd: 4c:14:d9:48:17:63:d4:d0:17:b7:02:a4:18:de:5e:be:7d:80: 24:8a:b7:d9:7e:5f:35:69:85:9d:4e:3d:e3:c5:9a:1c:0f:82: 8a:50:55:b2:5f:c4:71:5e:da:f9:04:72:d8:a8:47:e1:6c:21: bb:0e:f7:9c:66:c5:d8:d9:65:66:94:bc:bd:e7:09:7b:48:b4: 3c:59:0a:5f:6e:63:79:a8:7e:4f:21:f0:8b:68:03:0b:88:aa: 90:ee:6b:0a:41:9e:15:cd:c0:0c:8e:f8:57:77:f8:5a:51:0f: 75:4f:3a:f4:7a:ec:2d:e1:34:2c:8c:7b:76:d8:c4:d7:3a:cd: 4b:f9:25:33:11:2f:0f:73:94:db:3d:fa:1b:05:ae:75:45:eb: b1:46:98:85 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUA7NoNcNOp/T5DCHFOkUnfY8kSZkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTExMTA1NTUyMVoX DTI2MTExMDA2MDAyMVowMzExMC8GA1UEAxMoNjhCREI5NEI2NkNCNTFDMDgzODEz MzQyRThERjFENDc1NEVCQUNBRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKfsTpBrzUfj6sN5S+InAkS9n+gd+qDnqm7XhawWvGIQvNVMTu33BdgbWm1T Mka3wnxgATadKGX5aiGLyWU1mepzpn7OyfKjwr3nSsLWdlYCslYHvYqmO6cE0QMB o79LO2pS96pv+csSiveNvtcbKZm4ULm4c0O8rM2bDnlPjC1HgUAiD0M7iNkOpi1R 69k9gxpO527L9bCnwm6TphX0V7QdCU9VDVvWCgltCNm76AA1ubEOrRjZb48LbHug DNLQ2cE7enbR6rOuB79o3TYnnSgt4QCSfXYg+VgsXh4EkOhMdGfpO3B85eMa2w4p Gr7Y0oqtFQyc41esElKNyh8oMv8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRovblL ZstRwIOBM0Lo3x1HVOusrzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODgzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeJ/jANBgkqhkiG9w0BAQsFAAOCAQEATOn+xYQ+CHUs6I/XRe6c g7Xye6VvpMcwT3daN4d4XrlXSGoB6vXTZUUL4KlQhp197nc4r7yeUuoPYV89Tv2C 0Tv1EX3qSRgfT1Id7If6d3zvwOjxtN3zrYk3PfYAnbw+7M1PNu808W8Om/a9TBTZ SBdj1NAXtwKkGN5evn2AJIq32X5fNWmFnU4948WaHA+CilBVsl/EcV7a+QRy2KhH 4Wwhuw73nGbF2NllZpS8vecJe0i0PFkKX25jeah+TyHwi2gDC4iqkO5rCkGeFc3A DI74V3f4WlEPdU869HrsLeE0LIx7dtjE1zrNS/klMxEvD3OU2z36GwWudUXrsUaY hQ== -----END CERTIFICATE-----Generated at Wed Dec 3 14:41:46 2025 by rpki-client