This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/323430343a326338303a3a2f33322d3438203d3e20313334363433.roa File: 323430343a326338303a3a2f33322d3438203d3e20313334363433.roa (raw, json) Hash identifier: 9IhGsQ54tY2/cR1q0Xs6zMzTt5FF9c1oVfoMV5wVdC8= Subject key identifier: C1:C1:99:CB:35:3A:13:8C:65:2C:B9:12:8D:C3:C2:6D:F2:28:46:54 Certificate issuer: /CN=3BB7346C991B689223BADC6F82DD19BE3B017704 Certificate serial: 2E8AFF056502AAC555663267BEBFAC8FC58363BD Authority key identifier: 3B:B7:34:6C:99:1B:68:92:23:BA:DC:6F:82:DD:19:BE:3B:01:77:04 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BB7346C991B689223BADC6F82DD19BE3B017704.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/323430343a326338303a3a2f33322d3438203d3e20313334363433.roa Signing time: Sat 27 Dec 2025 11:00:01 +0000 ROA not before: Sat 27 Dec 2025 10:55:01 +0000 ROA not after: Sat 26 Dec 2026 11:00:01 +0000 asID: 134643 IP address blocks: 2404:2c80::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/3BB7346C991B689223BADC6F82DD19BE3B017704.crl rsync://repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/3BB7346C991B689223BADC6F82DD19BE3B017704.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BB7346C991B689223BADC6F82DD19BE3B017704.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 01:21:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:8a:ff:05:65:02:aa:c5:55:66:32:67:be:bf:ac:8f:c5:83:63:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BB7346C991B689223BADC6F82DD19BE3B017704 Validity Not Before: Dec 27 10:55:01 2025 GMT Not After : Dec 26 11:00:01 2026 GMT Subject: CN=C1C199CB353A138C652CB9128DC3C26DF2284654 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:2f:c3:df:cc:8a:e6:aa:0e:ba:f2:4f:50:c2: 5a:04:3d:20:78:fe:5a:63:5b:d5:d4:b3:8b:ac:39: fc:b8:9a:c0:39:22:41:bf:74:16:63:ba:f1:35:16: 5b:69:3b:8f:d7:f5:b2:70:63:43:cc:7f:dc:9e:a6: 00:ca:08:e5:5f:97:a4:fd:f8:f7:b6:91:64:e1:01: 05:bb:14:09:40:6f:95:ef:69:a7:2e:d8:f6:cd:d9: 0f:ca:44:d8:b1:9e:10:0e:e0:a6:9c:61:e7:d2:cb: 23:8d:7a:32:43:98:b6:f3:f6:cf:c1:d6:b5:a1:72: 13:96:fb:cc:8d:2e:96:87:70:9c:6d:ff:8e:ef:8a: b8:22:39:38:cb:8d:e9:0b:eb:17:f7:5e:36:c4:ce: 9b:6f:bf:f4:3e:de:48:ce:42:39:2d:9b:0d:ae:8e: 4a:98:8d:35:75:d0:40:4f:eb:6b:1d:7d:fb:6b:0a: 31:43:cd:3a:11:06:7d:7c:ff:c6:37:b9:15:ec:35: fd:3d:93:31:db:df:6f:f8:2d:bb:98:1f:5f:0c:0c: 74:88:96:2c:05:fa:23:55:02:0f:33:54:01:a9:d9: a0:72:fa:b0:cc:cb:d0:cf:49:2c:4d:e3:07:37:f4: 6e:6f:34:30:c3:db:35:73:ac:ad:59:e9:05:b3:96: f2:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:C1:99:CB:35:3A:13:8C:65:2C:B9:12:8D:C3:C2:6D:F2:28:46:54 X509v3 Authority Key Identifier: keyid:3B:B7:34:6C:99:1B:68:92:23:BA:DC:6F:82:DD:19:BE:3B:01:77:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/3BB7346C991B689223BADC6F82DD19BE3B017704.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BB7346C991B689223BADC6F82DD19BE3B017704.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/323430343a326338303a3a2f33322d3438203d3e20313334363433.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:2c80::/32 Signature Algorithm: sha256WithRSAEncryption 24:e9:ba:39:c2:5c:37:e1:5b:58:b7:a8:61:90:52:35:c3:cb: 05:bf:d7:65:ad:27:6a:0a:5e:b1:6a:31:7d:7c:0e:aa:a6:5f: a7:94:de:fb:ba:20:70:d5:62:da:c6:b0:17:39:d3:68:03:7c: 45:fe:87:07:10:3d:47:e0:b1:ad:33:2e:44:04:ae:53:87:99: fb:d1:38:ea:5c:5e:53:d0:16:24:e3:16:b7:ea:73:62:1e:78: aa:c1:2f:c4:0c:8d:d2:96:05:f2:d8:12:53:f8:a5:12:f4:b6: 68:7b:d3:9a:f5:31:2b:f7:82:e3:b8:51:60:19:41:82:e3:01: 83:20:bb:d4:51:3f:9d:34:6d:13:c3:21:cf:6a:05:e5:5f:4c: d6:49:11:d1:72:92:6b:7e:f8:c8:51:5d:d1:55:45:74:b1:3e: 3b:f7:37:37:b0:5c:b8:37:1a:cd:91:03:48:78:0b:a9:6e:0f: 91:3e:1c:41:29:06:22:b9:44:de:ec:5b:18:36:5b:7f:59:62: 15:81:08:7c:64:1b:49:6b:d5:09:0c:50:be:5d:b5:df:3a:f1: f9:e5:7d:9c:8e:f6:5b:9b:6e:53:4c:fe:33:e9:df:19:86:83: 49:7f:f4:0c:58:52:75:c3:1f:d9:2e:8c:6f:57:58:0a:d0:87: b7:18:e1:d5 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIULor/BWUCqsVVZjJnvr+sj8WDY70wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0JCNzM0NkM5OTFCNjg5MjIzQkFEQzZGODJERDE5QkUz QjAxNzcwNDAeFw0yNTEyMjcxMDU1MDFaFw0yNjEyMjYxMTAwMDFaMDMxMTAvBgNV BAMTKEMxQzE5OUNCMzUzQTEzOEM2NTJDQjkxMjhEQzNDMjZERjIyODQ2NTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdL8PfzIrmqg668k9QwloEPSB4 /lpjW9XUs4usOfy4msA5IkG/dBZjuvE1FltpO4/X9bJwY0PMf9yepgDKCOVfl6T9 +Pe2kWThAQW7FAlAb5Xvaacu2PbN2Q/KRNixnhAO4KacYefSyyONejJDmLbz9s/B 1rWhchOW+8yNLpaHcJxt/47virgiOTjLjekL6xf3XjbEzptvv/Q+3kjOQjktmw2u jkqYjTV10EBP62sdfftrCjFDzToRBn18/8Y3uRXsNf09kzHb32/4LbuYH18MDHSI liwF+iNVAg8zVAGp2aBy+rDMy9DPSSxN4wc39G5vNDDD2zVzrK1Z6QWzlvK/AgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUwcGZyzU6E4xlLLkSjcPCbfIoRlQwHwYDVR0j BBgwFoAUO7c0bJkbaJIjutxvgt0ZvjsBdwQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m MjZlNDU2NC00OGYyLTQzYjUtODUwNS05M2I0OThlN2Q4YWIvMC8zQkI3MzQ2Qzk5 MUI2ODkyMjNCQURDNkY4MkREMTlCRTNCMDE3NzA0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0JCNzM0NkM5OTFCNjg5MjIzQkFEQzZGODJERDE5QkUzQjAx NzcwNC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2YyNmU0NTY0LTQ4ZjItNDNiNS04 NTA1LTkzYjQ5OGU3ZDhhYi8wLzMyMzQzMDM0M2EzMjYzMzgzMDNhM2EyZjMzMzIy ZDM0MzgyMDNkM2UyMDMxMzMzNDM2MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQELIAwDQYJKoZI hvcNAQELBQADggEBACTpujnCXDfhW1i3qGGQUjXDywW/12WtJ2oKXrFqMX18Dqqm X6eU3vu6IHDVYtrGsBc502gDfEX+hwcQPUfgsa0zLkQErlOHmfvROOpcXlPQFiTj Frfqc2IeeKrBL8QMjdKWBfLYElP4pRL0tmh705r1MSv3guO4UWAZQYLjAYMgu9RR P500bRPDIc9qBeVfTNZJEdFykmt++MhRXdFVRXSxPjv3NzewXLg3Gs2RA0h4C6lu D5E+HEEpBiK5RN7sWxg2W39ZYhWBCHxkG0lr1QkMUL5dtd868fnlfZyO9lubblNM /jPp3xmGg0l/9AxYUnXDH9kujG9XWArQh7cY4dU= -----END CERTIFICATE-----Generated at Wed Jan 21 19:22:32 2026 by rpki-client