This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17538.roa File: AS17538.roa (raw, json) Hash identifier: bomlMcWA4PhcSX0XnoI1yoNiIaWTCwt5rQ6qD66nN1Q= Subject key identifier: 44:BC:15:3E:49:27:0D:46:B6:9A:C5:F4:54:A5:CA:C6:F0:DD:EF:9C Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 67ABD957D77F54CB89F01EA94A27DAAD98102FE6 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17538.roa Signing time: Tue 11 Nov 2025 06:00:16 +0000 ROA not before: Tue 11 Nov 2025 05:55:16 +0000 ROA not after: Tue 10 Nov 2026 06:00:16 +0000 asID: 17538 IP address blocks: 2407:55c0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:ab:d9:57:d7:7f:54:cb:89:f0:1e:a9:4a:27:da:ad:98:10:2f:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 11 05:55:16 2025 GMT Not After : Nov 10 06:00:16 2026 GMT Subject: CN=44BC153E49270D46B69AC5F454A5CAC6F0DDEF9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ab:55:93:ad:73:aa:43:ff:bb:e7:ae:ab:7c: 7b:0c:70:2a:df:7c:40:63:ff:79:54:0b:3b:9c:d8: d8:1b:df:6e:69:9b:19:3b:48:36:16:96:5f:e4:98: 94:7d:f9:55:01:48:f9:65:b1:2b:48:0d:6b:e7:31: 68:5f:d4:4a:9d:3b:a7:c1:54:78:4b:d3:eb:62:d6: d7:86:a3:ca:0c:2c:40:2f:37:76:6c:ce:1b:01:59: fc:ef:e0:75:0d:01:da:03:84:39:c5:4d:e0:52:0f: 45:f3:94:da:02:d3:70:2c:03:b1:d2:9b:bc:5f:4f: 7c:aa:f6:4e:d9:0e:53:05:5a:9f:5b:5f:7e:be:bc: 57:58:f1:7f:5d:f3:de:37:73:37:fb:7d:f2:41:2a: 30:f3:66:0b:4d:3d:04:13:a7:d7:76:4b:e5:84:d3: 6b:53:c6:f7:16:59:f2:8f:17:dd:d2:e3:eb:9d:28: 2e:64:be:a3:ec:32:c6:1b:ea:39:9e:ea:30:2f:ef: 56:f5:d5:9a:f7:fc:df:ca:53:a9:f8:9e:35:2d:2d: 11:06:7c:df:87:32:01:38:31:b2:42:69:30:a6:15: 6f:19:91:0d:09:a3:11:75:8c:dc:ef:19:5c:ca:e2: d3:9f:02:75:34:f2:e8:ce:0f:a3:43:3b:30:ea:95: 58:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:BC:15:3E:49:27:0D:46:B6:9A:C5:F4:54:A5:CA:C6:F0:DD:EF:9C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2407:55c0::/32 Signature Algorithm: sha256WithRSAEncryption 1a:fa:d0:bd:96:8a:79:f8:00:81:0a:29:00:91:36:3c:3c:4a: 86:08:2f:8f:c9:a5:58:81:d6:f0:ae:7e:49:cb:1e:c6:38:9c: 13:e1:1c:fd:3b:b3:94:56:76:70:84:6e:56:7a:86:8d:0b:88: 8c:02:9f:92:29:ac:41:0b:3d:3d:38:de:5d:b2:53:db:29:cd: d4:04:4b:30:d6:e2:44:f0:83:1d:cc:3f:a2:4f:3a:f0:1c:42: 2a:8a:d4:86:36:02:2a:83:c1:e0:c3:dc:98:ae:3f:60:cc:0c: 6f:7f:16:90:4a:ea:ec:2f:73:aa:6a:d3:65:38:81:b8:ae:95: df:f3:24:33:91:1e:6b:0b:46:c5:29:50:d8:a2:77:6d:53:01: 4a:28:76:be:e7:7e:ac:44:83:ab:b0:f6:ec:fb:fb:37:1f:60: cc:77:1d:66:9e:d8:cb:95:6d:db:4d:de:1a:d1:80:1d:27:24: b0:90:cd:3b:bb:c6:49:31:8f:7d:5e:82:13:9f:fd:60:50:a3: 11:26:b8:77:9d:ec:31:1f:0e:0f:fd:66:f1:6d:ec:4b:7a:e4: 07:b0:82:46:12:27:72:05:38:61:80:47:8b:fa:b6:13:d2:62: 8f:af:3d:5d:9c:34:98:55:6e:86:75:cd:2a:ce:d2:7e:88:94: 1a:99:78:f4 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUZ6vZV9d/VMuJ8B6pSifarZgQL+YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTExMTA1NTUxNloX DTI2MTExMDA2MDAxNlowMzExMC8GA1UEAxMoNDRCQzE1M0U0OTI3MEQ0NkI2OUFD NUY0NTRBNUNBQzZGMERERUY5QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALyrVZOtc6pD/7vnrqt8ewxwKt98QGP/eVQLO5zY2BvfbmmbGTtINhaWX+SY lH35VQFI+WWxK0gNa+cxaF/USp07p8FUeEvT62LW14ajygwsQC83dmzOGwFZ/O/g dQ0B2gOEOcVN4FIPRfOU2gLTcCwDsdKbvF9PfKr2TtkOUwVan1tffr68V1jxf13z 3jdzN/t98kEqMPNmC009BBOn13ZL5YTTa1PG9xZZ8o8X3dLj650oLmS+o+wyxhvq OZ7qMC/vVvXVmvf838pTqfieNS0tEQZ834cyATgxskJpMKYVbxmRDQmjEXWM3O8Z XMri058CdTTy6M4Po0M7MOqVWOECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBREvBU+ SScNRraaxfRUpcrG8N3vnDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE3NTM4LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAdVwDANBgkqhkiG9w0BAQsFAAOCAQEAGvrQvZaKefgAgQopAJE2 PDxKhggvj8mlWIHW8K5+ScsexjicE+Ec/TuzlFZ2cIRuVnqGjQuIjAKfkimsQQs9 PTjeXbJT2ynN1ARLMNbiRPCDHcw/ok868BxCKorUhjYCKoPB4MPcmK4/YMwMb38W kErq7C9zqmrTZTiBuK6V3/MkM5EeawtGxSlQ2KJ3bVMBSih2vud+rESDq7D27Pv7 Nx9gzHcdZp7Yy5Vt203eGtGAHScksJDNO7vGSTGPfV6CE5/9YFCjESa4d53sMR8O D/1m8W3sS3rkB7CCRhIncgU4YYBHi/q2E9Jij689XZw0mFVuhnXNKs7SfoiUGpl4 9A== -----END CERTIFICATE-----Generated at Wed Dec 3 13:14:50 2025 by rpki-client