This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152023.roa File: AS152023.roa (raw, json) Hash identifier: 6iYqCV1MZfn65fkVhrdNQL27XAvs8z5iBXv/PsqYtPY= Subject key identifier: 4B:41:19:36:53:F3:A7:1D:AD:37:4D:7F:BC:59:05:D2:C7:85:B8:E3 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 33061B8C3FC33586DFE3742FDB683206C3D7DAF0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152023.roa Signing time: Wed 26 Nov 2025 04:02:42 +0000 ROA not before: Wed 26 Nov 2025 03:57:42 +0000 ROA not after: Wed 25 Nov 2026 04:02:42 +0000 asID: 152023 IP address blocks: 45.123.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:06:1b:8c:3f:c3:35:86:df:e3:74:2f:db:68:32:06:c3:d7:da:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 26 03:57:42 2025 GMT Not After : Nov 25 04:02:42 2026 GMT Subject: CN=4B41193653F3A71DAD374D7FBC5905D2C785B8E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a1:c1:39:ff:53:9a:0a:0d:32:b2:73:5e:b4: 11:a5:75:1f:86:b8:93:bb:71:14:0b:b9:6f:2d:b5: df:05:df:25:d6:70:3b:6c:b6:ba:a1:47:65:4a:1f: 31:df:23:82:e9:89:07:64:4d:02:e6:38:e8:00:d8: d4:8b:b5:ec:f7:f7:bc:2a:1e:cf:4e:f8:98:1f:7f: dd:8f:98:3a:0c:4c:0f:a7:43:90:e2:8b:63:47:df: 7b:2b:de:9b:e8:11:b8:f7:17:fb:2e:9a:2d:47:3b: 70:a6:70:75:ee:76:a6:d5:0b:51:ca:6f:86:fc:2a: c4:8a:74:1c:72:5c:b7:d7:7a:ed:2e:37:a6:d0:30: 99:dc:48:9c:a9:b0:7b:f7:67:a2:d1:50:54:6c:6e: 1b:3d:29:77:98:3a:b0:91:57:95:df:48:12:4a:6c: 41:8d:95:73:0b:45:42:28:46:65:0d:00:9c:d5:96: 06:cc:ba:fa:27:14:12:f9:4d:86:ba:90:b8:f9:00: 7e:21:32:4f:db:f7:13:57:8b:e6:4f:24:f1:2b:b9: b4:f6:a6:85:67:bc:bc:d2:d4:8d:15:3f:c4:c5:a1: ca:c8:87:36:92:a4:9b:29:c6:44:25:ec:56:c0:9a: 2a:f6:21:14:88:5c:4d:30:20:a8:be:a1:7e:08:04: 6d:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:41:19:36:53:F3:A7:1D:AD:37:4D:7F:BC:59:05:D2:C7:85:B8:E3 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152023.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.123.143.0/24 Signature Algorithm: sha256WithRSAEncryption 21:53:0f:33:e7:a6:86:2f:7f:e5:a2:9e:34:f5:a9:e4:46:64: 6c:58:82:7c:1a:4b:8c:e9:33:86:1a:ed:8b:77:05:42:3c:67: 4d:3e:51:d6:10:4f:28:85:35:64:73:0e:68:0d:c3:70:95:39: 86:9f:13:c7:3b:33:2d:0e:bb:3e:a7:cf:a2:6e:81:48:bd:24: 70:d8:04:6a:16:e3:0c:c5:f3:11:bc:11:92:44:67:6a:b6:a9: b4:2d:1e:bb:8c:64:84:8a:09:eb:aa:70:24:c7:40:b2:97:3a: 23:e7:78:30:7a:f7:16:13:2c:c9:9d:55:23:aa:83:a9:b8:f2: 93:0f:82:cf:84:bf:34:1b:f3:30:55:86:66:13:91:62:c4:09: 3b:ee:41:53:5c:f3:e8:6b:0e:b7:95:0f:29:9a:dc:b7:d4:27: e0:71:b3:67:6e:bd:60:a3:a2:bc:e1:8a:05:e7:52:1f:14:43: c7:e7:2b:f8:93:e6:cb:15:70:a5:9a:f9:9e:ed:e1:79:82:64: 4b:da:91:5e:a8:18:68:9f:2a:0b:36:b9:12:1d:35:08:90:80: 8d:98:79:92:d5:b7:f4:44:0d:91:ef:e0:9e:08:f8:c3:a2:a5: 07:d0:a8:df:16:c2:aa:79:cf:84:a5:4b:5d:dc:16:b5:71:61: 93:a3:c2:65 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUMwYbjD/DNYbf43Qv22gyBsPX2vAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTEyNjAzNTc0MloX DTI2MTEyNTA0MDI0MlowMzExMC8GA1UEAxMoNEI0MTE5MzY1M0YzQTcxREFEMzc0 RDdGQkM1OTA1RDJDNzg1QjhFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALWhwTn/U5oKDTKyc160EaV1H4a4k7txFAu5by213wXfJdZwO2y2uqFHZUof Md8jgumJB2RNAuY46ADY1Iu17Pf3vCoez074mB9/3Y+YOgxMD6dDkOKLY0ffeyve m+gRuPcX+y6aLUc7cKZwde52ptULUcpvhvwqxIp0HHJct9d67S43ptAwmdxInKmw e/dnotFQVGxuGz0pd5g6sJFXld9IEkpsQY2VcwtFQihGZQ0AnNWWBsy6+icUEvlN hrqQuPkAfiEyT9v3E1eL5k8k8Su5tPamhWe8vNLUjRU/xMWhysiHNpKkmynGRCXs VsCaKvYhFIhcTTAgqL6hfggEbaMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRLQRk2 U/OnHa03TX+8WQXSx4W44zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjAyMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAC17jzANBgkqhkiG9w0BAQsFAAOCAQEAIVMPM+emhi9/5aKeNPWp 5EZkbFiCfBpLjOkzhhrti3cFQjxnTT5R1hBPKIU1ZHMOaA3DcJU5hp8TxzszLQ67 PqfPom6BSL0kcNgEahbjDMXzEbwRkkRnaraptC0eu4xkhIoJ66pwJMdAspc6I+d4 MHr3FhMsyZ1VI6qDqbjykw+Cz4S/NBvzMFWGZhORYsQJO+5BU1zz6GsOt5UPKZrc t9Qn4HGzZ269YKOivOGKBedSHxRDx+cr+JPmyxVwpZr5nu3heYJkS9qRXqgYaJ8q Cza5Eh01CJCAjZh5ktW39EQNke/gngj4w6KlB9Co3xbCqnnPhKVLXdwWtXFhk6PC ZQ== -----END CERTIFICATE-----Generated at Wed Dec 3 13:59:04 2025 by rpki-client