This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38761.roa File: AS38761.roa (raw, json) Hash identifier: gHWJdIixGODwLhDi10Qkfv+GSuzFsELEOiGTC+JIdmY= Subject key identifier: 4A:AC:32:58:FE:D8:4D:DF:5E:CF:10:D4:21:23:7B:27:BE:9F:72:15 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4A1AD72EEB51806F0D42E64C1D1E08177962B019 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38761.roa Signing time: Tue 25 Nov 2025 13:00:00 +0000 ROA not before: Tue 25 Nov 2025 12:55:00 +0000 ROA not after: Tue 24 Nov 2026 13:00:00 +0000 asID: 38761 IP address blocks: 121.100.24.0/21 maxlen: 24 2406:8f00::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:1a:d7:2e:eb:51:80:6f:0d:42:e6:4c:1d:1e:08:17:79:62:b0:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 25 12:55:00 2025 GMT Not After : Nov 24 13:00:00 2026 GMT Subject: CN=4AAC3258FED84DDF5ECF10D421237B27BE9F7215 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:62:5b:60:de:82:29:bf:b2:dd:b2:fd:e0:ed: 49:1b:f5:4a:86:23:3a:ad:65:7d:69:7f:3a:af:54: a6:6d:91:9c:36:5b:34:9b:ea:25:f7:db:04:15:d1: 9b:8c:4f:bc:c1:ca:0b:0e:34:2c:d2:64:a1:88:01: 0b:fb:06:d7:ba:c0:41:a4:40:41:f4:a0:20:f6:8e: 55:30:9c:c3:c7:cd:07:56:5b:75:54:27:8c:56:a9: 14:4d:db:ae:7a:1e:f2:59:dd:6f:85:ce:8f:8a:1a: 4e:1d:3d:69:1f:59:04:53:fe:c4:ce:69:aa:b8:02: 60:df:c8:ce:eb:1f:9a:c1:29:60:76:63:22:cd:ce: ca:59:32:f8:9c:ed:07:8c:45:3d:f6:5d:e3:29:d6: f0:72:90:96:fd:a7:51:e8:e8:ab:e3:c9:78:94:c4: 95:ad:c9:0e:16:df:61:6c:34:fb:f0:7b:f8:f9:ad: be:73:12:0e:45:ff:eb:bc:b6:44:50:6b:e0:57:f0: 0e:d8:9a:ff:c7:02:7c:e3:0b:47:bf:af:21:b9:f8: 02:b5:5d:e6:27:0b:f9:a0:a6:65:2f:3c:b9:42:83: 00:1a:94:da:47:99:cc:3d:89:ff:af:f2:40:da:46: d1:80:13:51:22:53:81:04:84:32:68:08:0d:d8:7a: b3:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:AC:32:58:FE:D8:4D:DF:5E:CF:10:D4:21:23:7B:27:BE:9F:72:15 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS38761.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 121.100.24.0/21 IPv6: 2406:8f00::/32 Signature Algorithm: sha256WithRSAEncryption 4e:99:70:03:63:4a:6b:b4:17:21:28:c7:f1:30:a7:a1:a9:19: 50:6b:cd:bc:34:3d:ce:04:1c:24:a2:1d:bd:68:9e:51:49:b1: 91:64:b9:5a:ca:b2:c7:f3:b9:91:61:b0:bc:f4:0f:e8:96:22: 6f:e3:67:75:d0:b0:d8:3c:26:7b:e6:41:f7:61:41:9c:8a:8f: 9f:b2:af:7a:f8:60:d5:54:74:45:a4:5c:90:f6:a0:6d:da:88: 29:f4:12:37:84:e4:26:85:fd:ed:77:ec:28:e4:ee:b0:bc:06: 4d:a5:32:a8:70:60:8a:36:f9:f9:34:c1:77:e8:af:d0:5c:80: 1b:89:76:aa:eb:c4:72:7b:f4:34:ee:6b:40:4a:3d:e5:71:e6: 5b:3d:f6:55:a3:34:3a:c0:b0:db:48:de:6e:1a:dc:51:63:4d: a5:ec:40:62:73:4c:ab:79:67:7d:b0:ab:3c:a0:29:cd:f8:f1: 95:fd:53:cf:7c:c2:bb:84:c3:01:92:b4:7a:eb:7f:5c:18:3d: e4:ca:ff:13:32:1e:14:88:d9:c8:20:35:07:c2:46:c2:14:be: 67:b3:de:e9:95:44:f4:c2:f1:5a:25:80:44:bb:71:58:c8:ea: a9:26:d5:48:4b:91:ca:c3:88:61:b6:70:f0:9f:39:bd:18:33: a8:c0:1e:82 -----BEGIN CERTIFICATE----- MIIE6zCCA9OgAwIBAgIUShrXLutRgG8NQuZMHR4IF3lisBkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTEyNTEyNTUwMFoX DTI2MTEyNDEzMDAwMFowMzExMC8GA1UEAxMoNEFBQzMyNThGRUQ4NERERjVFQ0Yx MEQ0MjEyMzdCMjdCRTlGNzIxNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMliW2Degim/st2y/eDtSRv1SoYjOq1lfWl/Oq9Upm2RnDZbNJvqJffbBBXR m4xPvMHKCw40LNJkoYgBC/sG17rAQaRAQfSgIPaOVTCcw8fNB1ZbdVQnjFapFE3b rnoe8lndb4XOj4oaTh09aR9ZBFP+xM5pqrgCYN/IzusfmsEpYHZjIs3Oylky+Jzt B4xFPfZd4ynW8HKQlv2nUejoq+PJeJTEla3JDhbfYWw0+/B7+PmtvnMSDkX/67y2 RFBr4FfwDtia/8cCfOMLR7+vIbn4ArVd5icL+aCmZS88uUKDABqU2keZzD2J/6/y QNpG0YATUSJTgQSEMmgIDdh6s1ECAwEAAaOCAd4wggHaMB0GA1UdDgQWBBRKrDJY /thN317PENQhI3snvp9yFTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzM4NzYxLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAM BAIAATAGAwQDeWQYMA0EAgACMAcDBQAkBo8AMA0GCSqGSIb3DQEBCwUAA4IBAQBO mXADY0prtBchKMfxMKehqRlQa828ND3OBBwkoh29aJ5RSbGRZLlayrLH87mRYbC8 9A/oliJv42d10LDYPCZ75kH3YUGcio+fsq96+GDVVHRFpFyQ9qBt2ogp9BI3hOQm hf3td+wo5O6wvAZNpTKocGCKNvn5NMF36K/QXIAbiXaq68Rye/Q07mtASj3lceZb PfZVozQ6wLDbSN5uGtxRY02l7EBic0yreWd9sKs8oCnN+PGV/VPPfMK7hMMBkrR6 639cGD3kyv8TMh4UiNnIIDUHwkbCFL5ns97plUT0wvFaJYBEu3FYyOqpJtVIS5HK w4hhtnDwnzm9GDOowB6C -----END CERTIFICATE-----Generated at Wed Dec 3 13:55:15 2025 by rpki-client