This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152086.roa File: AS152086.roa (raw, json) Hash identifier: gL4QiZ2TMCMPab1OMNTg/Y9PIamSZB82eZ0AF4o1zmw= Subject key identifier: BA:83:72:4B:51:66:D3:67:DA:90:48:1B:64:FB:F2:C5:D3:D5:7B:AE Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1F07FEAC91FE00DF90A34561079B55F0AC6D663E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152086.roa Signing time: Tue 23 Dec 2025 03:00:01 +0000 ROA not before: Tue 23 Dec 2025 02:55:01 +0000 ROA not after: Tue 22 Dec 2026 03:00:01 +0000 asID: 152086 IP address blocks: 2001:df3:5dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:18:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:07:fe:ac:91:fe:00:df:90:a3:45:61:07:9b:55:f0:ac:6d:66:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 23 02:55:01 2025 GMT Not After : Dec 22 03:00:01 2026 GMT Subject: CN=BA83724B5166D367DA90481B64FBF2C5D3D57BAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:3a:c1:a9:05:2d:f0:64:cb:41:a5:f4:fc:27: 0d:77:65:8e:e0:da:4c:2d:62:5c:19:53:c9:2b:36: a1:27:83:7f:3b:2e:68:33:30:f3:0d:7f:66:8b:4a: e3:e4:8b:2a:11:16:9e:3a:ad:68:a8:02:c5:24:85: 0b:a1:82:d4:9d:ef:34:3f:95:d0:90:dd:ad:cd:4b: 10:8a:d2:91:cf:be:27:d5:ce:49:a1:8a:3c:ff:51: 4f:ba:2e:1c:ee:5e:43:1b:9d:88:0d:93:fd:6d:6b: 0c:0d:da:79:bb:13:6b:d0:71:1f:e4:47:19:c2:bc: de:85:f9:3d:96:08:b1:74:6c:b3:25:2a:e3:ce:73: 77:02:34:bf:f9:ab:e7:fa:0b:22:f0:0a:c6:52:f1: 4c:28:35:d8:52:4f:ae:69:23:4f:11:75:fc:85:dc: 7d:b3:6e:dd:f9:29:77:9f:2d:13:3b:4f:ed:d2:23: d6:e5:61:f9:cb:1c:b6:86:f1:ad:ee:67:94:b5:63: e8:78:af:e5:84:53:04:a4:2e:df:c6:b1:e9:dd:c2: 09:15:a9:a6:77:db:e8:cc:83:3c:5b:9c:20:e5:c4: f0:27:72:75:5c:1b:07:18:5c:2e:53:26:e4:2c:0c: 59:10:ac:18:25:7b:1c:b5:d3:e6:84:d9:dc:61:f5: 9c:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:83:72:4B:51:66:D3:67:DA:90:48:1B:64:FB:F2:C5:D3:D5:7B:AE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152086.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:5dc0::/48 Signature Algorithm: sha256WithRSAEncryption 0c:ec:6b:77:a5:72:58:36:c2:14:b3:41:da:67:e3:30:bc:82: 66:26:e7:4c:55:63:92:b9:5d:23:a1:de:9c:39:47:ce:51:e2: 87:9e:ac:28:62:37:86:82:05:9e:e0:89:2d:c2:d3:c4:1d:e9: 7b:b3:cd:1c:ad:20:93:1d:d2:45:e9:8c:27:56:31:02:75:3d: e6:5d:97:17:df:db:7b:19:aa:f4:29:8a:0f:54:8d:3f:a2:60: 2a:14:e9:e8:21:cd:47:04:77:f3:37:1c:a8:f1:6e:13:dd:b8: 63:06:fc:4a:e4:d0:6d:81:26:8a:44:3b:62:fa:76:62:51:dc: 21:69:4c:47:a2:bd:bc:a8:9c:d1:8a:be:18:64:17:71:4e:a2: 86:09:37:c8:11:a9:7f:94:ed:f5:61:d5:0a:2a:56:1d:76:38: 4f:e4:f1:bd:ac:4a:75:97:b9:6d:27:24:7b:69:ec:e7:4a:f0: 6a:22:10:95:c0:d5:e6:dd:9d:cf:09:cd:ff:d0:4e:b2:92:78: d1:10:2b:3a:7b:79:f8:6f:de:09:af:6b:76:33:74:7b:66:62: 06:86:d4:fe:96:3d:1b:4b:0d:7a:6f:42:0c:4d:33:ae:d7:40: 21:3d:4e:c2:b4:2b:96:a8:04:39:84:4b:60:c0:92:55:dd:17: 70:72:f6:be -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUHwf+rJH+AN+Qo0VhB5tV8KxtZj4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTIyMzAyNTUwMVoX DTI2MTIyMjAzMDAwMVowMzExMC8GA1UEAxMoQkE4MzcyNEI1MTY2RDM2N0RBOTA0 ODFCNjRGQkYyQzVEM0Q1N0JBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJg6wakFLfBky0Gl9PwnDXdljuDaTC1iXBlTySs2oSeDfzsuaDMw8w1/ZotK 4+SLKhEWnjqtaKgCxSSFC6GC1J3vND+V0JDdrc1LEIrSkc++J9XOSaGKPP9RT7ou HO5eQxudiA2T/W1rDA3aebsTa9BxH+RHGcK83oX5PZYIsXRssyUq485zdwI0v/mr 5/oLIvAKxlLxTCg12FJPrmkjTxF1/IXcfbNu3fkpd58tEztP7dIj1uVh+csctobx re5nlLVj6Hiv5YRTBKQu38ax6d3CCRWppnfb6MyDPFucIOXE8CdydVwbBxhcLlMm 5CwMWRCsGCV7HLXT5oTZ3GH1nD0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBS6g3JL UWbTZ9qQSBtk+/LF09V7rjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjA4Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfNdwDANBgkqhkiG9w0BAQsFAAOCAQEADOxrd6VyWDbCFLNB 2mfjMLyCZibnTFVjkrldI6HenDlHzlHih56sKGI3hoIFnuCJLcLTxB3pe7PNHK0g kx3SRemMJ1YxAnU95l2XF9/bexmq9CmKD1SNP6JgKhTp6CHNRwR38zccqPFuE924 Ywb8SuTQbYEmikQ7Yvp2YlHcIWlMR6K9vKic0Yq+GGQXcU6ihgk3yBGpf5Tt9WHV CipWHXY4T+TxvaxKdZe5bScke2ns50rwaiIQlcDV5t2dzwnN/9BOspJ40RArOnt5 +G/eCa9rdjN0e2ZiBobU/pY9G0sNem9CDE0zrtdAIT1OwrQrlqgEOYRLYMCSVd0X cHL2vg== -----END CERTIFICATE-----Generated at Wed Jan 21 16:16:56 2026 by rpki-client