This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/f96401e3-9f62-4b3c-bffb-783355ae6770/0/323430363a376263303a3a2f33322d3332203d3e20313431303737.roa File: 323430363a376263303a3a2f33322d3332203d3e20313431303737.roa (raw, json) Hash identifier: ycLrFSluhQHbHMeR5mx7HDHqT3Cknj/hMk/uIjRqWwc= Subject key identifier: E6:9D:F9:C2:BA:06:9E:04:F7:CC:D5:EA:DF:CB:E4:00:E7:2B:9D:32 Certificate issuer: /CN=C25D5056A69CE0D0685BAD8E48F33A4A62A5C582 Certificate serial: 505268DA88DE0C517E400D15F7636A68EE125695 Authority key identifier: C2:5D:50:56:A6:9C:E0:D0:68:5B:AD:8E:48:F3:3A:4A:62:A5:C5:82 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C25D5056A69CE0D0685BAD8E48F33A4A62A5C582.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f96401e3-9f62-4b3c-bffb-783355ae6770/0/323430363a376263303a3a2f33322d3332203d3e20313431303737.roa Signing time: Sun 07 Dec 2025 19:00:03 +0000 ROA not before: Sun 07 Dec 2025 18:55:03 +0000 ROA not after: Sun 06 Dec 2026 19:00:03 +0000 asID: 141077 IP address blocks: 2406:7bc0::/32 maxlen: 32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f96401e3-9f62-4b3c-bffb-783355ae6770/0/C25D5056A69CE0D0685BAD8E48F33A4A62A5C582.crl rsync://repo-rpki.idnic.net/repo/f96401e3-9f62-4b3c-bffb-783355ae6770/0/C25D5056A69CE0D0685BAD8E48F33A4A62A5C582.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C25D5056A69CE0D0685BAD8E48F33A4A62A5C582.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Dec 2025 07:55:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:52:68:da:88:de:0c:51:7e:40:0d:15:f7:63:6a:68:ee:12:56:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C25D5056A69CE0D0685BAD8E48F33A4A62A5C582 Validity Not Before: Dec 7 18:55:03 2025 GMT Not After : Dec 6 19:00:03 2026 GMT Subject: CN=E69DF9C2BA069E04F7CCD5EADFCBE400E72B9D32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:2d:e4:2d:3b:16:3f:b8:a3:dd:e0:49:c5:4b: 11:68:2f:f5:be:6e:aa:b9:33:27:0a:a0:99:a7:bf: ab:0f:0f:5f:47:b5:de:8e:7a:3e:78:25:63:69:94: 3a:f8:21:98:5d:54:c6:97:6c:fd:f0:c3:f4:f0:af: 54:b3:52:2f:46:df:70:31:8c:92:ea:9d:4c:6a:98: 94:44:75:a2:89:7b:39:ac:8d:75:f2:3f:92:eb:4f: 52:48:55:30:45:64:ff:6d:f4:d8:e5:54:ce:d2:bb: 31:a2:27:2e:78:e3:23:7d:7a:d4:15:a5:c5:07:10: ef:32:ba:e0:f8:61:e1:12:a0:50:e8:43:7b:de:71: bc:0b:d8:94:af:c5:59:f1:c8:09:ba:28:58:69:ff: bf:ed:8a:fc:00:77:a2:11:28:17:cc:d3:58:8d:dd: 89:81:d2:50:ee:c2:f6:c9:4d:aa:e6:9a:63:5b:ae: e8:fc:5e:11:cb:79:ee:e8:fd:fd:75:d6:15:7d:65: 70:bd:46:ae:4b:ba:ae:29:35:0f:35:42:14:28:8b: ae:e6:55:54:f6:0a:51:88:06:57:e4:cb:ae:72:37: ea:2c:01:6d:01:8c:fb:f2:36:a4:63:5b:88:00:9d: c9:9a:20:39:22:8b:32:43:da:b7:44:ac:b0:0a:4d: 9f:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:9D:F9:C2:BA:06:9E:04:F7:CC:D5:EA:DF:CB:E4:00:E7:2B:9D:32 X509v3 Authority Key Identifier: keyid:C2:5D:50:56:A6:9C:E0:D0:68:5B:AD:8E:48:F3:3A:4A:62:A5:C5:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f96401e3-9f62-4b3c-bffb-783355ae6770/0/C25D5056A69CE0D0685BAD8E48F33A4A62A5C582.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C25D5056A69CE0D0685BAD8E48F33A4A62A5C582.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f96401e3-9f62-4b3c-bffb-783355ae6770/0/323430363a376263303a3a2f33322d3332203d3e20313431303737.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:7bc0::/32 Signature Algorithm: sha256WithRSAEncryption b7:70:64:b8:8c:b1:72:04:1a:03:c5:e5:6b:fe:65:79:e2:cb: b4:a7:42:ea:5e:69:eb:b3:9e:fe:49:02:35:8e:f9:d2:84:a3: bb:bb:a0:be:67:40:8b:92:78:8b:59:0f:d8:45:20:4c:96:68: 2b:f0:e6:5a:54:e3:12:2d:8b:3e:a9:26:00:50:f5:3f:7d:d1: 83:87:1e:19:b8:dd:a5:9b:30:26:ec:45:d4:50:06:11:7b:86: f4:ce:0d:75:33:21:43:38:83:a8:3d:f6:39:40:41:c6:af:15: 1e:0e:5c:a4:7e:87:e4:15:98:06:7a:43:d9:fc:bb:96:0f:ca: 30:3b:75:f1:a5:9b:57:3a:dc:42:e9:be:da:8d:ec:e1:da:7d: 68:71:4f:eb:61:05:c5:ae:c5:82:8a:8d:2b:b7:bf:d8:c5:52: 0d:0a:dc:7f:35:f1:f5:0c:cd:5c:c1:6c:d3:8c:ca:69:87:4f: 74:45:c8:90:d2:98:66:04:8b:18:c8:8c:27:82:db:78:8b:c5: 68:fd:d1:91:8f:f9:b4:57:e1:86:f8:d4:29:69:cf:a6:19:6a: 7e:72:7b:e7:47:3a:8a:3d:22:43:52:23:e2:dc:9b:56:b9:32: 08:28:e7:3a:a4:28:38:04:96:a7:6b:0a:5c:83:28:24:e4:10: 1a:c2:ed:08 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUUFJo2ojeDFF+QA0V92NqaO4SVpUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzI1RDUwNTZBNjlDRTBEMDY4NUJBRDhFNDhGMzNBNEE2 MkE1QzU4MjAeFw0yNTEyMDcxODU1MDNaFw0yNjEyMDYxOTAwMDNaMDMxMTAvBgNV BAMTKEU2OURGOUMyQkEwNjlFMDRGN0NDRDVFQURGQ0JFNDAwRTcyQjlEMzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVLeQtOxY/uKPd4EnFSxFoL/W+ bqq5MycKoJmnv6sPD19Htd6Oej54JWNplDr4IZhdVMaXbP3ww/Twr1SzUi9G33Ax jJLqnUxqmJREdaKJezmsjXXyP5LrT1JIVTBFZP9t9NjlVM7SuzGiJy544yN9etQV pcUHEO8yuuD4YeESoFDoQ3vecbwL2JSvxVnxyAm6KFhp/7/tivwAd6IRKBfM01iN 3YmB0lDuwvbJTarmmmNbruj8XhHLee7o/f111hV9ZXC9Rq5Luq4pNQ81QhQoi67m VVT2ClGIBlfky65yN+osAW0BjPvyNqRjW4gAncmaIDkiizJD2rdErLAKTZ9RAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQU5p35wroGngT3zNXq38vkAOcrnTIwHwYDVR0j BBgwFoAUwl1QVqac4NBoW62OSPM6SmKlxYIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m OTY0MDFlMy05ZjYyLTRiM2MtYmZmYi03ODMzNTVhZTY3NzAvMC9DMjVENTA1NkE2 OUNFMEQwNjg1QkFEOEU0OEYzM0E0QTYyQTVDNTgyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzI1RDUwNTZBNjlDRTBEMDY4NUJBRDhFNDhGMzNBNEE2MkE1 QzU4Mi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Y5NjQwMWUzLTlmNjItNGIzYy1i ZmZiLTc4MzM1NWFlNjc3MC8wLzMyMzQzMDM2M2EzNzYyNjMzMDNhM2EyZjMzMzIy ZDMzMzIyMDNkM2UyMDMxMzQzMTMwMzczNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQGe8AwDQYJKoZI hvcNAQELBQADggEBALdwZLiMsXIEGgPF5Wv+ZXniy7SnQupeaeuznv5JAjWO+dKE o7u7oL5nQIuSeItZD9hFIEyWaCvw5lpU4xItiz6pJgBQ9T990YOHHhm43aWbMCbs RdRQBhF7hvTODXUzIUM4g6g99jlAQcavFR4OXKR+h+QVmAZ6Q9n8u5YPyjA7dfGl m1c63ELpvtqN7OHafWhxT+thBcWuxYKKjSu3v9jFUg0K3H818fUMzVzBbNOMymmH T3RFyJDSmGYEixjIjCeC23iLxWj90ZGP+bRX4Yb41Clpz6YZan5ye+dHOoo9IkNS I+Lcm1a5Mggo5zqkKDgElqdrClyDKCTkEBrC7Qg= -----END CERTIFICATE-----Generated at Fri Dec 19 13:14:23 2025 by rpki-client