This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152407.roa File: AS152407.roa (raw, json) Hash identifier: MjPqYGbkuYUOkenmuhHiK/pwV6I1ovNYaRtGqh7sxcc= Subject key identifier: C4:A5:34:D5:C0:83:89:84:77:32:21:3A:11:55:67:C2:2F:58:D1:2E Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1B1A89C526B3F416AAB433CC96327982A45A45AA Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152407.roa Signing time: Thu 08 Jan 2026 11:00:08 +0000 ROA not before: Thu 08 Jan 2026 10:55:08 +0000 ROA not after: Thu 07 Jan 2027 11:00:08 +0000 asID: 152407 IP address blocks: 157.20.92.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 28 Jan 2026 21:04:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:1a:89:c5:26:b3:f4:16:aa:b4:33:cc:96:32:79:82:a4:5a:45:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:08 2026 GMT Not After : Jan 7 11:00:08 2027 GMT Subject: CN=C4A534D5C08389847732213A115567C22F58D12E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:6d:07:65:d1:06:c9:90:d8:73:f7:8a:4d:a9: 5b:f0:d2:23:d1:1d:4d:05:f0:c4:f8:53:e9:2f:a4: 0f:cc:38:ea:f8:c8:5b:bf:d8:2c:a0:12:b3:4e:eb: 40:07:64:01:3e:fb:cf:e2:a9:04:60:af:95:f9:2c: 75:cd:03:e4:61:2e:11:c3:52:bb:cb:28:96:de:42: a6:13:00:b5:6e:a9:49:ca:38:4a:4c:f4:f9:67:d2: 1f:a1:28:61:2a:f0:f5:06:f2:bb:2d:77:53:fd:54: f4:7d:40:31:24:1c:5b:89:01:d9:c2:d0:fb:66:35: df:9f:d7:ad:a3:87:4c:86:4c:99:fd:0c:39:ec:bb: 23:e4:a5:1d:14:54:bf:07:b7:84:87:92:f6:ca:45: da:8d:18:9e:e4:f8:77:d9:bb:c2:90:ca:e2:59:24: 89:af:39:e3:dd:05:34:49:e9:3f:2a:d6:7e:44:2a: 1e:05:34:be:3f:3b:cf:9a:9a:77:2d:dc:84:ff:2d: f6:24:e4:6a:96:63:fd:c5:fc:b9:01:a5:8b:2b:dd: 33:21:69:9e:99:b2:af:a5:b6:98:a6:f7:3c:84:49: e1:59:89:a7:f5:2f:b0:f6:3e:9d:37:7e:e8:18:61: 95:64:c9:b8:7c:ef:27:44:22:73:ae:dd:90:ef:d6: 43:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:A5:34:D5:C0:83:89:84:77:32:21:3A:11:55:67:C2:2F:58:D1:2E X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152407.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.92.0/23 Signature Algorithm: sha256WithRSAEncryption 7c:0c:8a:17:eb:0a:69:fe:46:92:85:9f:ed:99:d2:b5:82:83: 7c:70:24:3b:23:e3:6e:63:f8:2e:06:7f:24:46:e3:7d:d2:4d: d7:78:7c:0b:54:90:bf:48:9b:1b:d4:29:74:1a:74:5b:0d:a4: 15:52:01:94:43:c6:e0:c7:ac:f9:c5:c2:24:d4:48:eb:6d:47: a3:1b:9a:98:64:57:54:d0:7b:f9:c8:e9:d2:a4:bd:fc:43:e4: 96:4a:7b:b1:af:5e:4d:ca:a7:c0:51:57:0c:e1:bc:a9:88:f1: 59:5a:c8:45:00:8e:e8:44:84:9e:b6:1e:a7:1e:84:24:1f:a0: 52:97:9e:4c:b5:0f:16:de:da:46:cc:92:e0:88:d6:66:53:0c: 2c:a6:24:e7:ef:90:a3:7d:53:fd:10:5d:d5:fe:a5:8b:f1:37: 92:30:4a:a5:d8:a6:f5:33:b0:5e:ec:2e:b7:bd:7c:63:bb:09: 5a:b8:ac:06:f9:4a:54:da:2a:35:18:7a:ec:5e:1a:82:14:b7: e9:71:45:eb:e1:dc:bb:ed:b7:7a:c2:3d:c9:8e:6d:85:29:5f: 82:d9:e4:2b:8b:97:b0:ab:45:e1:b8:33:d8:1f:7b:b3:1e:cb: 23:11:b2:f0:42:b9:75:8e:89:a2:86:96:8a:48:a4:5e:45:db: 67:54:5a:05 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUGxqJxSaz9BaqtDPMljJ5gqRaRaowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwOFoX DTI3MDEwNzExMDAwOFowMzExMC8GA1UEAxMoQzRBNTM0RDVDMDgzODk4NDc3MzIy MTNBMTE1NTY3QzIyRjU4RDEyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJJtB2XRBsmQ2HP3ik2pW/DSI9EdTQXwxPhT6S+kD8w46vjIW7/YLKASs07r QAdkAT77z+KpBGCvlfksdc0D5GEuEcNSu8solt5CphMAtW6pSco4Skz0+WfSH6Eo YSrw9Qbyuy13U/1U9H1AMSQcW4kB2cLQ+2Y135/XraOHTIZMmf0MOey7I+SlHRRU vwe3hIeS9spF2o0YnuT4d9m7wpDK4lkkia85490FNEnpPyrWfkQqHgU0vj87z5qa dy3chP8t9iTkapZj/cX8uQGliyvdMyFpnpmyr6W2mKb3PIRJ4VmJp/UvsPY+nTd+ 6BhhlWTJuHzvJ0Qic67dkO/WQwkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTEpTTV wIOJhHcyIToRVWfCL1jRLjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQwNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UXDANBgkqhkiG9w0BAQsFAAOCAQEAfAyKF+sKaf5GkoWf7ZnS tYKDfHAkOyPjbmP4LgZ/JEbjfdJN13h8C1SQv0ibG9QpdBp0Ww2kFVIBlEPG4Mes +cXCJNRI621HoxuamGRXVNB7+cjp0qS9/EPklkp7sa9eTcqnwFFXDOG8qYjxWVrI RQCO6ESEnrYepx6EJB+gUpeeTLUPFt7aRsyS4IjWZlMMLKYk5++Qo31T/RBd1f6l i/E3kjBKpdim9TOwXuwut718Y7sJWrisBvlKVNoqNRh67F4aghS36XFF6+Hcu+23 esI9yY5thSlfgtnkK4uXsKtF4bgz2B97sx7LIxGy8EK5dY6JooaWikikXkXbZ1Ra BQ== -----END CERTIFICATE-----Generated at Mon Jan 26 03:09:51 2026 by rpki-client