This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24209.roa File: AS24209.roa (raw, json) Hash identifier: /V9hjng5kPkglZ63HTlYyQgP6Q0CxhZ7kRt/eCc9kS0= Subject key identifier: CE:B7:6E:79:3C:21:3B:ED:34:85:99:E7:D1:5B:70:2B:6C:FA:25:18 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1FA729ECCDB8DAC73936D92896133A8E6EBC4D8E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24209.roa Signing time: Tue 11 Nov 2025 06:00:14 +0000 ROA not before: Tue 11 Nov 2025 05:55:14 +0000 ROA not after: Tue 10 Nov 2026 06:00:14 +0000 asID: 24209 IP address blocks: 202.122.8.0/21 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:a7:29:ec:cd:b8:da:c7:39:36:d9:28:96:13:3a:8e:6e:bc:4d:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 11 05:55:14 2025 GMT Not After : Nov 10 06:00:14 2026 GMT Subject: CN=CEB76E793C213BED348599E7D15B702B6CFA2518 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f3:0e:84:14:91:16:3a:65:ed:14:33:09:87: d6:5e:13:a1:f9:88:c5:d1:0b:a9:c5:dc:d5:21:4a: 82:5f:dc:7b:0d:0a:b2:f1:5c:28:dc:1b:0f:e1:b7: d0:64:70:1b:85:75:ad:82:37:90:44:1b:e6:59:36: a7:1e:c8:83:a0:9e:3e:13:56:d4:63:78:73:1d:1b: 01:b7:cb:2c:25:91:54:94:f5:f4:2f:c8:f0:30:12: cc:99:9a:a4:aa:55:31:cb:9b:f2:4a:22:5c:af:85: a2:46:5a:22:d9:25:3f:33:42:78:56:b8:af:83:1e: d9:b6:9e:a2:ac:ba:e1:31:84:73:af:3d:1a:9d:42: 64:30:8b:22:f6:dc:dc:ee:fa:c4:72:66:55:54:5d: 4e:32:61:1a:67:2f:56:56:f9:a4:31:e3:0a:3a:5e: 53:63:6d:3a:14:e9:35:20:99:68:1c:70:c4:37:68: a8:a0:d5:23:32:e6:71:64:44:7e:75:59:06:69:09: a4:db:5e:82:22:ac:07:93:40:a9:6b:c2:ce:33:94: 16:84:8e:8a:37:ed:43:cb:6a:a1:d3:1f:a0:2f:fb: 0f:e7:36:71:c9:08:93:3f:87:40:38:43:0a:e9:d9: d5:a9:50:59:ea:e4:27:11:02:d1:60:62:7c:65:2e: c9:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:B7:6E:79:3C:21:3B:ED:34:85:99:E7:D1:5B:70:2B:6C:FA:25:18 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24209.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.122.8.0/21 Signature Algorithm: sha256WithRSAEncryption 7e:86:22:61:f4:10:21:46:ce:fb:f9:b3:1f:0b:b1:73:69:cb: 25:25:19:14:3a:d6:ad:f6:cc:0a:fb:64:fe:7c:78:4c:d7:04: e7:10:a4:fa:08:5c:ab:22:04:1a:3f:c3:8b:cb:5c:f2:8e:a6: 87:45:97:40:d8:b4:d7:cb:00:59:b4:cb:bb:a4:c1:8c:7f:2a: 9b:b8:fd:e3:a7:82:ef:57:ee:20:bc:47:bb:42:a7:e4:64:fe: dc:e9:8d:b4:2c:ed:c9:ea:b4:32:4d:b5:bc:aa:97:ae:ec:f6: 83:8b:aa:3a:e2:8b:9f:48:71:06:5b:f4:74:8a:9d:af:fa:40: d9:61:e3:3d:b1:62:0d:fd:26:b0:52:93:c2:0b:87:c9:7c:4f: 74:d0:0b:84:41:dd:f7:8e:c6:73:5a:04:da:b1:a7:06:3b:78: 18:81:51:fe:3b:f2:46:10:22:31:02:33:48:44:ee:58:be:f9: a5:4e:6d:2e:65:cc:eb:de:d4:70:3b:37:66:8b:5a:7d:94:93: 08:50:f7:df:e7:5a:d3:56:3b:53:d8:a8:5f:a8:21:c7:6a:1b: 9f:34:26:3e:f2:f0:01:01:fe:92:58:10:df:ae:80:d8:93:d4: 28:b5:e9:d0:8c:c7:a7:d8:a4:de:c8:2a:43:a7:1d:a2:58:a3: 55:0f:9e:95 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUH6cp7M242sc5NtkolhM6jm68TY4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTExMTA1NTUxNFoX DTI2MTExMDA2MDAxNFowMzExMC8GA1UEAxMoQ0VCNzZFNzkzQzIxM0JFRDM0ODU5 OUU3RDE1QjcwMkI2Q0ZBMjUxODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALrzDoQUkRY6Ze0UMwmH1l4TofmIxdELqcXc1SFKgl/cew0KsvFcKNwbD+G3 0GRwG4V1rYI3kEQb5lk2px7Ig6CePhNW1GN4cx0bAbfLLCWRVJT19C/I8DASzJma pKpVMcub8koiXK+FokZaItklPzNCeFa4r4Me2baeoqy64TGEc689Gp1CZDCLIvbc 3O76xHJmVVRdTjJhGmcvVlb5pDHjCjpeU2NtOhTpNSCZaBxwxDdoqKDVIzLmcWRE fnVZBmkJpNtegiKsB5NAqWvCzjOUFoSOijftQ8tqodMfoC/7D+c2cckIkz+HQDhD CunZ1alQWerkJxEC0WBifGUuyS0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBTOt255 PCE77TSFmefRW3ArbPolGDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzI0MjA5LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDynoIMA0GCSqGSIb3DQEBCwUAA4IBAQB+hiJh9BAhRs77+bMfC7Fz acslJRkUOtat9swK+2T+fHhM1wTnEKT6CFyrIgQaP8OLy1zyjqaHRZdA2LTXywBZ tMu7pMGMfyqbuP3jp4LvV+4gvEe7QqfkZP7c6Y20LO3J6rQyTbW8qpeu7PaDi6o6 4oufSHEGW/R0ip2v+kDZYeM9sWIN/SawUpPCC4fJfE900AuEQd33jsZzWgTasacG O3gYgVH+O/JGECIxAjNIRO5YvvmlTm0uZczr3tRwOzdmi1p9lJMIUPff51rTVjtT 2KhfqCHHahufNCY+8vABAf6SWBDfroDYk9QotenQjMen2KTeyCpDpx2iWKNVD56V -----END CERTIFICATE-----Generated at Wed Dec 3 13:15:05 2025 by rpki-client