This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152036.roa File: AS152036.roa (raw, json) Hash identifier: +e9i3bwicEBvn2BipGOh0Vllkl4TnRUQexf+JIh2aRE= Subject key identifier: 20:A9:CC:CB:34:F5:5D:7B:1E:2D:2B:F9:D9:EF:79:79:89:32:1E:40 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5136A66B7E08048FF48AE2BFAFBE1BF577228D05 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152036.roa Signing time: Tue 18 Nov 2025 09:00:00 +0000 ROA not before: Tue 18 Nov 2025 08:55:00 +0000 ROA not after: Tue 17 Nov 2026 09:00:00 +0000 asID: 152036 IP address blocks: 2001:df3:5d40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:36:a6:6b:7e:08:04:8f:f4:8a:e2:bf:af:be:1b:f5:77:22:8d:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 18 08:55:00 2025 GMT Not After : Nov 17 09:00:00 2026 GMT Subject: CN=20A9CCCB34F55D7B1E2D2BF9D9EF797989321E40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:1b:ad:76:c5:94:1e:31:c9:be:d6:46:8e:29: a8:59:24:a7:b4:08:6b:94:8e:4d:a9:9b:e0:64:54: 23:76:70:d7:1f:88:c5:3f:b6:e9:97:97:2e:d0:af: 34:88:14:4b:b3:9f:a5:ec:82:af:c9:80:ab:c4:b1: c7:dc:e9:53:59:54:cb:31:86:a1:7e:6d:cc:17:06: e5:7d:2a:1b:3c:42:86:81:1d:87:71:5f:5c:83:94: cf:e9:d1:04:89:56:1d:bb:49:9f:93:e1:16:af:5b: 6a:7b:b7:f1:e0:37:c1:69:e7:7c:10:1f:b0:da:20: 35:88:09:c9:ab:63:00:6c:00:2b:ea:ea:85:85:5a: e5:fd:b9:09:a9:d3:56:68:a5:c2:be:e9:7d:d0:c8: 98:e7:39:0e:f8:5b:4d:a8:cd:8c:a8:04:94:b1:e5: 3d:3a:2b:e7:55:1e:83:5c:d6:ff:b7:6d:a0:83:19: db:95:25:bb:6d:35:27:db:dc:c7:a3:d7:0c:07:17: 17:78:27:56:ca:7c:d2:00:d3:dd:08:75:7b:0e:ac: 15:c1:88:5a:b6:20:48:64:52:1d:bf:04:b8:a9:a6: 57:9e:da:f5:e2:bc:3a:7a:98:9b:69:66:c1:d0:72: 0f:50:9c:93:bb:32:d7:80:eb:5a:94:c3:f3:79:28: 50:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:A9:CC:CB:34:F5:5D:7B:1E:2D:2B:F9:D9:EF:79:79:89:32:1E:40 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152036.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:5d40::/48 Signature Algorithm: sha256WithRSAEncryption 2f:22:77:95:f8:22:7f:4f:a4:c7:55:4b:1b:7d:66:b1:c2:70: b0:06:7a:bf:10:99:40:23:44:e1:62:77:a6:67:4b:41:05:ab: 93:57:96:cf:0a:0d:ab:f8:75:03:d3:fb:1e:9b:94:b4:d1:5f: c0:73:88:0e:28:d2:75:b6:3c:8d:86:06:6d:f4:af:46:e3:80: 71:af:77:f7:c2:c2:ae:ff:9c:b1:0f:a8:4f:9f:32:36:8d:02: 9e:24:14:52:5d:a0:c2:f4:81:31:0f:ce:12:bf:89:44:ba:21: 83:a5:55:7c:db:cd:a7:03:8f:e5:40:3d:67:20:e7:0d:9b:d4: 5c:ac:59:85:6f:04:a1:44:da:81:f1:07:3c:7c:5c:db:61:9d: 8d:99:52:a7:a1:3b:83:ed:fa:e6:d1:94:35:aa:03:43:78:ef: 83:fa:f3:ea:e6:a2:05:48:c3:69:24:51:3d:97:83:71:a6:90: 87:b5:05:69:5f:40:73:e0:9f:e6:2b:3e:d7:99:85:21:ab:d0: 70:d8:12:62:fa:8f:7f:40:f8:67:23:8d:9a:ea:d1:4a:89:a8: 3c:cc:6a:f4:d6:5b:5b:c6:72:ca:40:9a:a6:c9:00:75:88:4d: b1:9d:96:31:74:c0:da:37:dc:89:17:28:74:dd:f9:51:32:a2: 1d:81:52:a2 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUUTama34IBI/0iuK/r74b9XcijQUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTExODA4NTUwMFoX DTI2MTExNzA5MDAwMFowMzExMC8GA1UEAxMoMjBBOUNDQ0IzNEY1NUQ3QjFFMkQy QkY5RDlFRjc5Nzk4OTMyMUU0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPcbrXbFlB4xyb7WRo4pqFkkp7QIa5SOTamb4GRUI3Zw1x+IxT+26ZeXLtCv NIgUS7OfpeyCr8mAq8Sxx9zpU1lUyzGGoX5tzBcG5X0qGzxChoEdh3FfXIOUz+nR BIlWHbtJn5PhFq9banu38eA3wWnnfBAfsNogNYgJyatjAGwAK+rqhYVa5f25CanT Vmilwr7pfdDImOc5DvhbTajNjKgElLHlPTor51Ueg1zW/7dtoIMZ25Ulu201J9vc x6PXDAcXF3gnVsp80gDT3Qh1ew6sFcGIWrYgSGRSHb8EuKmmV57a9eK8OnqYm2lm wdByD1Cck7sy14DrWpTD83koUGkCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQgqczL NPVdex4tK/nZ73l5iTIeQDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjAzNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfNdQDANBgkqhkiG9w0BAQsFAAOCAQEALyJ3lfgif0+kx1VL G31mscJwsAZ6vxCZQCNE4WJ3pmdLQQWrk1eWzwoNq/h1A9P7HpuUtNFfwHOIDijS dbY8jYYGbfSvRuOAca9398LCrv+csQ+oT58yNo0CniQUUl2gwvSBMQ/OEr+JRLoh g6VVfNvNpwOP5UA9ZyDnDZvUXKxZhW8EoUTagfEHPHxc22GdjZlSp6E7g+365tGU NaoDQ3jvg/rz6uaiBUjDaSRRPZeDcaaQh7UFaV9Ac+Cf5is+15mFIavQcNgSYvqP f0D4ZyONmurRSomoPMxq9NZbW8ZyykCapskAdYhNsZ2WMXTA2jfciRcodN35UTKi HYFSog== -----END CERTIFICATE-----Generated at Wed Dec 3 13:55:09 2025 by rpki-client