This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152390.roa File: AS152390.roa (raw, json) Hash identifier: h7ur2qTvCOPGcWGvuZ9FDSJqOnhSuHzLBPkW46zqbTA= Subject key identifier: 19:76:26:0B:A5:52:23:20:19:D6:39:1D:E0:74:9E:8D:EF:09:71:9E Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2EF506FF0764785B2223747F48601F6A3E0041A8 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152390.roa Signing time: Thu 08 Jan 2026 11:00:02 +0000 ROA not before: Thu 08 Jan 2026 10:55:02 +0000 ROA not after: Thu 07 Jan 2027 11:00:02 +0000 asID: 152390 IP address blocks: 157.20.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 28 Jan 2026 21:04:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:f5:06:ff:07:64:78:5b:22:23:74:7f:48:60:1f:6a:3e:00:41:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:02 2026 GMT Not After : Jan 7 11:00:02 2027 GMT Subject: CN=1976260BA552232019D6391DE0749E8DEF09719E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:21:46:c5:33:41:ed:3a:35:8c:4d:59:c7:e7: 6e:ba:36:8d:f7:cb:40:ab:8e:f3:e7:66:8f:9d:7b: bc:68:16:fc:6a:d8:fc:23:ef:ce:4a:d0:38:93:a7: fb:1b:8f:26:5a:f1:fa:a7:ef:e2:a6:f5:b6:b0:25: 43:07:bf:37:2e:6e:33:03:86:c8:cd:70:ee:51:a0: 18:1c:57:99:e2:de:8f:bf:a5:4b:84:b3:31:2c:68: 96:47:34:d2:67:b4:8d:09:29:d8:bd:80:0f:2e:8e: 87:72:a7:91:52:ce:d9:83:92:f4:c6:89:9a:11:be: 4c:51:9d:71:3c:07:a9:ae:9f:2d:0b:0f:33:0e:f5: c0:d5:6f:46:54:f3:dd:e8:22:26:75:64:5d:8e:46: aa:5e:67:9d:f4:05:cc:96:24:99:d8:12:0f:aa:26: c2:e6:d6:d7:56:41:2f:5e:2d:2a:1c:7a:0d:86:28: 67:05:91:fe:23:11:bb:09:4c:80:f7:35:1c:f3:34: 1b:8e:b9:f6:0f:4c:41:dd:14:e3:7f:aa:12:75:d2: 3f:90:eb:c0:b4:90:46:19:31:68:45:b6:e1:a9:b7: 86:14:2c:4a:6c:bb:91:91:50:25:d9:2f:72:0e:70: ac:95:42:fd:85:2b:25:e0:ee:3f:41:d9:c7:b1:9f: e2:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:76:26:0B:A5:52:23:20:19:D6:39:1D:E0:74:9E:8D:EF:09:71:9E X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152390.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.32.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:53:97:d2:f0:df:95:b2:65:23:a8:a2:f5:1e:20:5b:24:27: ac:bb:d2:36:6e:76:74:19:21:b8:38:62:08:ee:15:75:4b:0e: 94:c9:b4:d6:39:b5:36:b9:9c:43:52:3c:b2:82:c7:e4:12:10: d0:3c:84:50:e0:27:94:31:19:f4:aa:eb:9b:dd:d0:31:5e:5a: b1:17:bf:20:6b:34:4f:80:b0:5e:ea:fa:b8:de:55:3f:b3:03: 2f:fe:cf:e7:ea:5d:34:69:c1:e3:1f:14:8a:98:5a:eb:40:f6: c8:92:0a:66:5e:69:6f:90:4c:f7:e5:bb:1f:8e:d9:94:fa:82: 50:b2:11:c6:26:af:6b:f4:56:49:a3:aa:21:46:c0:f6:39:40: 10:c5:d5:08:70:b2:f3:9e:5e:c9:c1:d2:20:83:b7:5d:a6:36: 8c:4a:4c:33:27:f2:07:0d:a8:e1:26:32:02:97:6e:2e:60:4b: e9:bd:8a:38:1f:e5:5e:b0:56:b7:84:8d:fc:cc:8c:ae:a0:b3: 57:55:5f:4a:b2:64:57:dd:83:c3:a8:90:38:01:e7:c5:ef:be: b2:44:64:d6:da:bc:80:e9:c2:72:9b:23:10:bd:dc:1e:e2:07: b0:84:01:43:f3:ee:17:50:88:8a:57:2e:2d:b6:e1:0c:65:68: b0:47:03:dd -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIULvUG/wdkeFsiI3R/SGAfaj4AQagwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwMloX DTI3MDEwNzExMDAwMlowMzExMC8GA1UEAxMoMTk3NjI2MEJBNTUyMjMyMDE5RDYz OTFERTA3NDlFOERFRjA5NzE5RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4hRsUzQe06NYxNWcfnbro2jffLQKuO8+dmj517vGgW/GrY/CPvzkrQOJOn +xuPJlrx+qfv4qb1trAlQwe/Ny5uMwOGyM1w7lGgGBxXmeLej7+lS4SzMSxolkc0 0me0jQkp2L2ADy6Oh3KnkVLO2YOS9MaJmhG+TFGdcTwHqa6fLQsPMw71wNVvRlTz 3egiJnVkXY5Gql5nnfQFzJYkmdgSD6omwubW11ZBL14tKhx6DYYoZwWR/iMRuwlM gPc1HPM0G4659g9MQd0U43+qEnXSP5DrwLSQRhkxaEW24am3hhQsSmy7kZFQJdkv cg5wrJVC/YUrJeDuP0HZx7Gf4p8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQZdiYL pVIjIBnWOR3gdJ6N7wlxnjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM5MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAJ0UIDANBgkqhkiG9w0BAQsFAAOCAQEAfFOX0vDflbJlI6ii9R4g WyQnrLvSNm52dBkhuDhiCO4VdUsOlMm01jm1NrmcQ1I8soLH5BIQ0DyEUOAnlDEZ 9Krrm93QMV5asRe/IGs0T4CwXur6uN5VP7MDL/7P5+pdNGnB4x8Uipha60D2yJIK Zl5pb5BM9+W7H47ZlPqCULIRxiava/RWSaOqIUbA9jlAEMXVCHCy855eycHSIIO3 XaY2jEpMMyfyBw2o4SYyApduLmBL6b2KOB/lXrBWt4SN/MyMrqCzV1VfSrJkV92D w6iQOAHnxe++skRk1tq8gOnCcpsjEL3cHuIHsIQBQ/PuF1CIilcuLbbhDGVosEcD 3Q== -----END CERTIFICATE-----Generated at Sun Jan 25 17:17:17 2026 by rpki-client