This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152395.roa File: AS152395.roa (raw, json) Hash identifier: bap1kqop09BUYEmzyvod0kzgyi4JbekFzJ0gqKvlyO4= Subject key identifier: 3F:A7:AD:F4:80:0A:17:1D:B7:98:DC:6E:42:58:FC:E0:B7:F4:CD:48 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1359B790E27B7446238551C11189F58AED143D34 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152395.roa Signing time: Fri 16 Jan 2026 05:00:00 +0000 ROA not before: Fri 16 Jan 2026 04:55:00 +0000 ROA not after: Fri 15 Jan 2027 05:00:00 +0000 asID: 152395 IP address blocks: 2001:df3:84c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:18:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:59:b7:90:e2:7b:74:46:23:85:51:c1:11:89:f5:8a:ed:14:3d:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 16 04:55:00 2026 GMT Not After : Jan 15 05:00:00 2027 GMT Subject: CN=3FA7ADF4800A171DB798DC6E4258FCE0B7F4CD48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:6b:fd:30:df:a1:32:69:63:1b:05:7c:32:26: 21:ff:49:e6:b0:78:56:50:ec:a2:aa:22:ea:cc:6f: 39:72:9b:97:04:d0:2b:a4:d1:89:0a:4b:63:b0:79: 5f:da:32:56:ec:3a:6e:02:64:5a:38:6a:d1:60:e3: 58:ce:2e:5f:03:7e:cb:1f:3c:96:57:83:e3:88:56: 2e:85:b5:0d:68:48:aa:e0:d0:58:81:e6:8a:5d:48: d4:e2:13:8a:72:59:f4:09:85:c7:87:37:75:79:dd: cd:23:04:72:93:f6:0b:b1:19:b8:cf:0b:14:3a:b9: 38:5b:14:4f:35:18:89:73:51:0a:f2:23:c3:77:91: 32:b2:f5:65:db:ae:dd:3b:e5:f1:8f:fb:3e:cc:a0: e6:c8:fe:00:78:d5:8a:0e:77:1f:65:7b:2b:fa:5f: aa:19:83:dc:41:4b:9b:c7:6d:02:50:d7:e5:f9:1e: bc:74:03:93:ae:3e:3f:3f:c0:74:2e:95:d6:b4:c0: 91:50:45:f8:12:e3:8e:fc:58:d2:2d:04:a1:29:d1: 51:cf:18:c6:61:50:3b:73:3b:f6:82:f7:b7:64:ca: 18:6e:3f:5d:d2:52:90:52:07:80:35:aa:45:c8:57: 01:71:92:d6:9a:97:83:29:5e:7d:66:18:8d:a8:56: bb:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:A7:AD:F4:80:0A:17:1D:B7:98:DC:6E:42:58:FC:E0:B7:F4:CD:48 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152395.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:84c0::/48 Signature Algorithm: sha256WithRSAEncryption 79:0c:2f:33:d4:4c:4b:65:0a:53:f6:23:e9:ea:9c:c7:d9:90: 0c:3a:6d:51:d8:48:8a:44:98:9f:d6:a5:2a:f6:e3:70:90:c8: 7e:cf:79:24:8e:e9:40:97:5c:6b:f5:25:1c:6b:b2:86:46:73: e8:81:26:77:16:ea:08:37:f8:2e:19:90:da:88:42:f8:c5:d8: ec:8a:23:bd:80:7c:5a:6e:00:37:ab:e8:c8:d0:86:f7:15:03: f7:cf:fb:b7:87:d0:7e:83:b1:bf:a3:ed:5b:10:92:92:b2:24: e5:b3:01:b7:ce:44:27:62:77:27:5f:34:bf:ba:a9:e6:6d:fb: 70:2d:08:e5:09:a7:9a:93:bf:d4:b7:b7:1b:bf:21:23:52:0b: 8e:5f:a0:c7:bb:9c:76:da:94:76:77:60:5a:ad:56:f2:37:37: 76:3b:dd:39:70:41:3e:0c:82:03:a9:a4:2f:27:9b:da:cd:21: 22:8f:d9:71:6f:54:7a:dd:21:ef:1b:64:81:11:0b:2d:6d:33: a9:8b:6e:44:bc:ce:01:92:87:52:52:f3:81:bf:11:1c:3f:e4: e7:08:49:0d:ab:5b:68:b7:13:b6:b1:80:d0:30:ce:e0:fc:62: be:89:bb:68:65:06:26:65:13:32:2e:14:7f:41:c2:ba:27:49: 9a:e5:a5:37 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUE1m3kOJ7dEYjhVHBEYn1iu0UPTQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDExNjA0NTUwMFoX DTI3MDExNTA1MDAwMFowMzExMC8GA1UEAxMoM0ZBN0FERjQ4MDBBMTcxREI3OThE QzZFNDI1OEZDRTBCN0Y0Q0Q0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMJr/TDfoTJpYxsFfDImIf9J5rB4VlDsoqoi6sxvOXKblwTQK6TRiQpLY7B5 X9oyVuw6bgJkWjhq0WDjWM4uXwN+yx88lleD44hWLoW1DWhIquDQWIHmil1I1OIT inJZ9AmFx4c3dXndzSMEcpP2C7EZuM8LFDq5OFsUTzUYiXNRCvIjw3eRMrL1Zduu 3Tvl8Y/7Psyg5sj+AHjVig53H2V7K/pfqhmD3EFLm8dtAlDX5fkevHQDk64+Pz/A dC6V1rTAkVBF+BLjjvxY0i0EoSnRUc8YxmFQO3M79oL3t2TKGG4/XdJSkFIHgDWq RchXAXGS1pqXgylefWYYjahWuycCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQ/p630 gAoXHbeY3G5CWPzgt/TNSDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjM5NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfOEwDANBgkqhkiG9w0BAQsFAAOCAQEAeQwvM9RMS2UKU/Yj 6eqcx9mQDDptUdhIikSYn9alKvbjcJDIfs95JI7pQJdca/UlHGuyhkZz6IEmdxbq CDf4LhmQ2ohC+MXY7IojvYB8Wm4AN6voyNCG9xUD98/7t4fQfoOxv6PtWxCSkrIk 5bMBt85EJ2J3J180v7qp5m37cC0I5QmnmpO/1Le3G78hI1ILjl+gx7ucdtqUdndg Wq1W8jc3djvdOXBBPgyCA6mkLyeb2s0hIo/ZcW9Uet0h7xtkgRELLW0zqYtuRLzO AZKHUlLzgb8RHD/k5whJDatbaLcTtrGA0DDO4Pxivom7aGUGJmUTMi4Uf0HCuidJ muWlNw== -----END CERTIFICATE-----Generated at Wed Jan 21 13:24:56 2026 by rpki-client