This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/323430343a333930303a313a3a2f34382d3438203d3e203338333230.roa File: 323430343a333930303a313a3a2f34382d3438203d3e203338333230.roa (raw, json) Hash identifier: bZIz402y8HeI28WEFFpDnjFVUP7vZBGPQIM5w8kbN1g= Subject key identifier: 3A:57:4E:19:71:14:A3:AC:BE:87:2F:AC:F5:08:37:AD:67:AA:19:96 Certificate issuer: /CN=C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1 Certificate serial: 71A71DFFBE3BAC538DFA7A61ECB0ABB957BA6116 Authority key identifier: C8:DD:5D:84:FA:FA:BF:7E:AF:62:B3:B0:F4:E4:5A:23:31:F8:02:E1 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/323430343a333930303a313a3a2f34382d3438203d3e203338333230.roa Signing time: Thu 25 Dec 2025 03:02:35 +0000 ROA not before: Thu 25 Dec 2025 02:57:35 +0000 ROA not after: Thu 24 Dec 2026 03:02:35 +0000 asID: 38320 IP address blocks: 2404:3900:1::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.crl rsync://repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Dec 2025 03:28:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:a7:1d:ff:be:3b:ac:53:8d:fa:7a:61:ec:b0:ab:b9:57:ba:61:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1 Validity Not Before: Dec 25 02:57:35 2025 GMT Not After : Dec 24 03:02:35 2026 GMT Subject: CN=3A574E197114A3ACBE872FACF50837AD67AA1996 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:1d:c4:3c:8f:c8:b2:c6:6c:75:58:d2:b7:4f: 34:19:24:f8:40:47:90:18:38:0b:ff:cb:54:37:a9: fd:dd:f3:36:7c:be:39:c4:20:12:80:23:dc:16:f1: 45:62:9a:f3:ae:de:22:c2:88:9c:ab:06:54:3a:cc: 40:55:85:f6:98:50:29:60:0a:bb:29:2a:d3:e5:d0: 9a:b9:54:15:a5:fd:fb:10:53:df:ce:cf:6b:c7:45: 6c:6a:16:04:a0:06:64:16:09:c5:7d:1e:0d:e5:15: 0e:a6:df:26:92:18:81:41:74:8e:f2:cb:9e:54:13: db:51:8e:ab:6c:e1:9f:27:7b:34:7e:e6:e7:65:20: 8b:68:ef:f9:ba:f2:0d:9c:18:dc:7c:2e:38:d9:49: 1d:c4:03:8e:97:ea:3c:46:f3:59:ab:3e:d8:35:b0: 49:34:24:83:d9:44:29:b3:04:cd:c6:20:32:bb:6c: 3c:cd:69:fb:e4:eb:c9:5e:24:6b:08:a2:15:50:bb: 05:6b:a6:df:eb:a7:ec:dc:81:2e:96:cb:fd:fe:79: 2a:2b:e2:26:8e:fb:72:87:d5:46:7f:58:7e:3a:b0: f5:8e:c7:27:1b:a9:af:32:ea:b9:04:4a:03:1f:5c: 9d:ec:8b:26:cd:63:37:06:43:fe:27:0b:ba:a8:67: ae:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:57:4E:19:71:14:A3:AC:BE:87:2F:AC:F5:08:37:AD:67:AA:19:96 X509v3 Authority Key Identifier: keyid:C8:DD:5D:84:FA:FA:BF:7E:AF:62:B3:B0:F4:E4:5A:23:31:F8:02:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8DD5D84FAFABF7EAF62B3B0F4E45A2331F802E1.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a945b86e-0895-4759-a77c-a06ce14e243c/0/323430343a333930303a313a3a2f34382d3438203d3e203338333230.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:3900:1::/48 Signature Algorithm: sha256WithRSAEncryption d2:a2:9f:d6:c9:27:95:84:61:2a:08:6a:c7:8d:c1:8c:4b:24: c3:08:e5:ae:f8:37:f7:fc:44:75:36:20:43:e6:bd:9a:39:fb: 2d:1b:e2:34:52:4f:30:fc:cd:05:f8:8a:d7:a8:4d:8a:86:f5: 03:40:6b:c4:d9:51:e3:49:cf:cf:d7:69:82:db:9d:6d:a1:a5: 65:fe:74:2c:15:5a:d3:dc:03:cd:44:cf:76:f1:2f:c3:51:75: 99:12:b0:e8:ed:c7:3d:94:4a:ee:0c:5e:d7:09:f7:57:e8:12: 3a:e8:f6:cf:31:80:07:49:33:9b:6b:90:52:80:2c:cf:cc:6d: c7:55:e9:0f:33:3f:ae:f8:07:24:2a:25:a7:be:a4:02:f9:39: 7d:03:36:27:ab:ad:7a:fa:49:73:af:ad:a0:d0:44:fe:44:e7: 5a:95:c1:3b:59:77:9d:41:d0:e5:41:93:1c:ee:80:d3:72:f1: 64:9f:3c:6a:6d:9a:0e:78:90:7a:0a:73:ff:13:ae:1a:6d:ee: 10:c6:39:4d:7f:cf:92:72:9b:5f:46:3f:7c:54:be:67:b6:17: da:01:69:aa:f3:1e:33:7e:92:1a:39:06:cf:37:c2:d6:91:57: 51:80:32:32:95:ee:10:01:d9:46:80:85:8b:da:46:df:65:f3: 01:67:90:08 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUcacd/747rFON+nph7LCruVe6YRYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzhERDVEODRGQUZBQkY3RUFGNjJCM0IwRjRFNDVBMjMz MUY4MDJFMTAeFw0yNTEyMjUwMjU3MzVaFw0yNjEyMjQwMzAyMzVaMDMxMTAvBgNV BAMTKDNBNTc0RTE5NzExNEEzQUNCRTg3MkZBQ0Y1MDgzN0FENjdBQTE5OTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEHcQ8j8iyxmx1WNK3TzQZJPhA R5AYOAv/y1Q3qf3d8zZ8vjnEIBKAI9wW8UVimvOu3iLCiJyrBlQ6zEBVhfaYUClg CrspKtPl0Jq5VBWl/fsQU9/Oz2vHRWxqFgSgBmQWCcV9Hg3lFQ6m3yaSGIFBdI7y y55UE9tRjqts4Z8nezR+5udlIIto7/m68g2cGNx8LjjZSR3EA46X6jxG81mrPtg1 sEk0JIPZRCmzBM3GIDK7bDzNafvk68leJGsIohVQuwVrpt/rp+zcgS6Wy/3+eSor 4iaO+3KH1UZ/WH46sPWOxycbqa8y6rkESgMfXJ3siybNYzcGQ/4nC7qoZ66ZAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUOldOGXEUo6y+hy+s9Qg3rWeqGZYwHwYDVR0j BBgwFoAUyN1dhPr6v36vYrOw9ORaIzH4AuEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h OTQ1Yjg2ZS0wODk1LTQ3NTktYTc3Yy1hMDZjZTE0ZTI0M2MvMC9DOERENUQ4NEZB RkFCRjdFQUY2MkIzQjBGNEU0NUEyMzMxRjgwMkUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzhERDVEODRGQUZBQkY3RUFGNjJCM0IwRjRFNDVBMjMzMUY4 MDJFMS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E5NDViODZlLTA4OTUtNDc1OS1h NzdjLWEwNmNlMTRlMjQzYy8wLzMyMzQzMDM0M2EzMzM5MzAzMDNhMzEzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMzM4MzMzMjMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQ5AAABMA0G CSqGSIb3DQEBCwUAA4IBAQDSop/WySeVhGEqCGrHjcGMSyTDCOWu+Df3/ER1NiBD 5r2aOfstG+I0Uk8w/M0F+IrXqE2KhvUDQGvE2VHjSc/P12mC251toaVl/nQsFVrT 3APNRM928S/DUXWZErDo7cc9lEruDF7XCfdX6BI66PbPMYAHSTOba5BSgCzPzG3H VekPMz+u+AckKiWnvqQC+Tl9AzYnq616+klzr62g0ET+ROdalcE7WXedQdDlQZMc 7oDTcvFknzxqbZoOeJB6CnP/E64abe4QxjlNf8+ScptfRj98VL5nthfaAWmq8x4z fpIaOQbPN8LWkVdRgDIyle4QAdlGgIWL2kbfZfMBZ5AI -----END CERTIFICATE-----Generated at Fri Dec 26 03:16:57 2025 by rpki-client