This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152373.roa File: AS152373.roa (raw, json) Hash identifier: CvXd6xmLIR9usuCjyN9fAkad6rksS8uGIP3m7t4cgPo= Subject key identifier: 67:1F:22:59:7A:2A:95:22:09:DF:9B:79:35:81:C9:8C:4B:BB:BE:F0 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 39B9499AFE77E80CE7013285D2E85079ACDB77EA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152373.roa Signing time: Wed 21 Jan 2026 05:00:00 +0000 ROA not before: Wed 21 Jan 2026 04:55:00 +0000 ROA not after: Wed 20 Jan 2027 05:00:00 +0000 asID: 152373 IP address blocks: 2001:df3:72c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:18:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:b9:49:9a:fe:77:e8:0c:e7:01:32:85:d2:e8:50:79:ac:db:77:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 21 04:55:00 2026 GMT Not After : Jan 20 05:00:00 2027 GMT Subject: CN=671F22597A2A952209DF9B793581C98C4BBBBEF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:fd:f9:89:a1:7f:a0:6b:b4:eb:8c:2b:07:f3: 8b:e2:50:89:e2:0e:4f:4f:f4:06:44:3f:a4:7e:fe: e1:3e:c5:00:93:9a:a6:de:74:3a:bc:e4:c9:ec:4d: 4e:15:73:dc:e2:e2:0e:5a:88:39:d8:2d:41:bf:99: 9d:0c:f3:d7:a0:7b:91:c7:08:58:5f:92:dc:58:be: 8d:45:ec:42:cc:72:6c:b0:12:b1:97:85:35:16:81: 81:31:fa:82:1a:5a:e0:01:57:a5:11:a4:7b:9a:01: 01:bd:e1:5d:1a:d3:7f:8a:a1:97:b4:9b:0e:be:35: a3:ae:7f:a9:34:69:0a:ff:44:e4:a0:91:d8:55:69: 79:40:d5:96:ad:53:17:67:7b:20:45:89:0b:7e:08: ba:df:a6:38:da:88:49:73:53:c6:36:3e:e7:29:99: 23:2f:77:a6:bd:a4:a4:da:78:0b:2f:16:2c:78:da: 06:0b:f7:3b:f9:0f:a4:ee:74:96:17:8d:48:1a:64: d7:28:8e:eb:89:57:58:e1:9e:48:2a:ab:0a:21:e8: 99:2b:31:66:c5:97:7c:a4:07:90:9c:b7:c0:f2:d0: 58:cb:b8:e2:9a:45:71:fb:84:03:98:74:76:ee:f2: 63:98:37:a0:28:78:45:79:b1:33:8d:7b:40:4f:57: 41:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:1F:22:59:7A:2A:95:22:09:DF:9B:79:35:81:C9:8C:4B:BB:BE:F0 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152373.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:72c0::/48 Signature Algorithm: sha256WithRSAEncryption 7e:68:ae:70:23:d4:af:86:2e:19:b5:43:2b:b4:82:ee:30:1f: de:41:f3:4a:83:89:f2:a7:9d:c5:45:f0:31:3d:15:9f:ed:ca: f0:03:45:9a:c5:ed:16:18:8f:ed:69:88:9b:af:70:be:28:e4: 27:b3:7b:f5:e9:85:50:7e:9a:e2:f1:e8:14:b9:83:6a:d0:54: c1:be:39:4a:c2:9f:7f:47:b7:24:25:24:ab:d4:36:e3:b2:e0: 8f:02:ff:5f:98:2f:1e:3d:5c:71:81:23:75:9f:c4:1f:47:ba: 95:84:46:b1:3d:61:a5:71:d1:a7:d3:aa:4f:02:f8:a2:71:b6: e6:c8:df:a4:45:e8:a1:16:47:1d:24:7e:71:e5:aa:a2:b6:f8: 04:cd:b8:bc:8a:59:65:d5:fe:2d:ef:aa:ab:81:d2:99:18:64: 97:5d:1c:d4:d8:d5:af:c9:0a:30:18:b4:7e:f0:ed:48:9e:e0: 39:b9:2b:44:2e:a6:3f:58:12:01:e9:17:53:b0:ea:87:fc:f2: ab:c0:c0:b7:25:3c:73:97:e0:9c:a1:07:1d:27:ba:41:d8:7c: 1a:39:40:64:c5:62:ac:67:5b:33:f5:1c:55:fb:80:2c:91:99: 6d:5d:0c:15:5a:66:31:10:f7:1e:62:6c:1d:50:b5:9b:78:4d: 04:7d:9a:d2 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUOblJmv536AznATKF0uhQeazbd+owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDEyMTA0NTUwMFoX DTI3MDEyMDA1MDAwMFowMzExMC8GA1UEAxMoNjcxRjIyNTk3QTJBOTUyMjA5REY5 Qjc5MzU4MUM5OEM0QkJCQkVGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPL9+Ymhf6BrtOuMKwfzi+JQieIOT0/0BkQ/pH7+4T7FAJOapt50OrzkyexN ThVz3OLiDlqIOdgtQb+ZnQzz16B7kccIWF+S3Fi+jUXsQsxybLASsZeFNRaBgTH6 ghpa4AFXpRGke5oBAb3hXRrTf4qhl7SbDr41o65/qTRpCv9E5KCR2FVpeUDVlq1T F2d7IEWJC34Iut+mONqISXNTxjY+5ymZIy93pr2kpNp4Cy8WLHjaBgv3O/kPpO50 lheNSBpk1yiO64lXWOGeSCqrCiHomSsxZsWXfKQHkJy3wPLQWMu44ppFcfuEA5h0 du7yY5g3oCh4RXmxM417QE9XQcUCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRnHyJZ eiqVIgnfm3k1gcmMS7u+8DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjM3My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfNywDANBgkqhkiG9w0BAQsFAAOCAQEAfmiucCPUr4YuGbVD K7SC7jAf3kHzSoOJ8qedxUXwMT0Vn+3K8ANFmsXtFhiP7WmIm69wvijkJ7N79emF UH6a4vHoFLmDatBUwb45SsKff0e3JCUkq9Q247LgjwL/X5gvHj1ccYEjdZ/EH0e6 lYRGsT1hpXHRp9OqTwL4onG25sjfpEXooRZHHSR+ceWqorb4BM24vIpZZdX+Le+q q4HSmRhkl10c1NjVr8kKMBi0fvDtSJ7gObkrRC6mP1gSAekXU7Dqh/zyq8DAtyU8 c5fgnKEHHSe6Qdh8GjlAZMVirGdbM/UcVfuALJGZbV0MFVpmMRD3HmJsHVC1m3hN BH2a0g== -----END CERTIFICATE-----Generated at Wed Jan 21 13:24:55 2026 by rpki-client