This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152436.roa File: AS152436.roa (raw, json) Hash identifier: csHeeRHjZv1Ea2f8E1o38WuC1dVZKsTTREtba4Q8Lws= Subject key identifier: 3E:E2:2C:80:86:55:C9:06:00:85:2B:6F:10:66:7A:94:17:AE:ED:DF Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 66B3563A71F5FBC03DA06F0C30EC47B071978D6F Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152436.roa Signing time: Sun 11 Jan 2026 09:00:00 +0000 ROA not before: Sun 11 Jan 2026 08:55:00 +0000 ROA not after: Sun 10 Jan 2027 09:00:00 +0000 asID: 152436 IP address blocks: 157.20.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 28 Jan 2026 21:04:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:b3:56:3a:71:f5:fb:c0:3d:a0:6f:0c:30:ec:47:b0:71:97:8d:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 11 08:55:00 2026 GMT Not After : Jan 10 09:00:00 2027 GMT Subject: CN=3EE22C808655C90600852B6F10667A9417AEEDDF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ac:da:36:e7:57:ce:9a:71:6d:5c:b2:86:50: bf:e7:51:f0:81:e4:32:6f:94:95:7c:57:5e:89:a9: 59:66:30:a0:88:44:29:1e:26:60:9e:9a:bf:61:a8: cf:2f:dc:0d:f5:0a:b9:56:e3:51:19:70:64:95:4b: 28:f3:1a:36:b7:c8:bf:91:5e:d6:9b:89:fd:ef:b0: 4d:40:d4:c2:ce:cb:d8:6e:96:25:ff:55:b5:21:f3: 95:e8:51:02:54:a2:e8:76:18:2a:ed:6a:6a:45:7f: 56:e1:e8:3f:95:33:90:19:be:30:5c:c3:43:11:2f: f6:b5:2f:29:cf:68:6a:f6:67:dd:49:0f:43:e5:10: 7e:d0:d3:d0:97:83:ae:40:b4:c1:c3:9a:6b:aa:ee: 61:1e:38:e2:b3:02:60:db:fd:de:a9:08:ff:20:8b: 69:8d:9c:5e:2b:63:14:b3:b2:9d:29:5d:df:58:77: 14:30:81:62:fe:9c:92:9f:87:26:89:ad:db:27:df: 0c:a0:08:2e:0f:98:f3:ca:b3:50:cc:44:13:97:12: b3:2a:76:aa:e6:ad:14:da:04:e6:c1:80:e2:ec:27: a3:77:1c:63:e4:01:4f:22:4c:a1:57:d5:1d:9b:c9: ce:e1:c9:56:02:90:cf:d3:a2:5d:50:9a:ee:35:5a: 1d:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:E2:2C:80:86:55:C9:06:00:85:2B:6F:10:66:7A:94:17:AE:ED:DF X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152436.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.206.0/23 Signature Algorithm: sha256WithRSAEncryption 85:07:41:c5:78:9b:80:ee:37:c8:ba:cc:5c:b1:6b:5d:ea:9a: a2:c4:e0:71:d3:d0:a9:ee:69:d5:89:fb:38:09:99:b7:12:99: c9:c6:c4:7a:69:d9:e8:18:48:42:48:83:a5:7f:5f:fb:f6:60: 20:e9:30:fb:a0:05:76:74:ed:12:8e:f3:00:ef:aa:a9:19:6f: f5:40:bb:93:ad:3d:47:1c:07:8a:ab:bd:a2:26:02:93:88:68: a0:25:4e:a3:45:cd:4e:46:31:10:48:d1:6e:61:72:3a:34:10: d9:45:cb:9f:7c:05:cb:8d:0f:bc:52:ca:39:48:08:6c:76:e8: e7:99:02:ad:74:af:6d:d0:31:98:10:6c:14:3f:8a:96:33:e7: f4:64:06:b6:3c:dd:bd:64:96:29:50:df:5e:47:9c:ba:0c:8d: d4:77:9b:16:54:56:67:b3:cb:da:14:b9:dd:c4:51:8d:f1:a7: 98:10:93:71:f4:8a:b5:cb:0e:65:f6:19:25:87:42:d9:ad:2c: d1:dd:9d:04:f4:45:79:c2:4b:bc:4f:bb:8f:8b:a5:f3:36:80: 1a:b7:93:12:03:7a:11:7b:34:db:7b:24:a5:45:75:46:48:3c: b2:89:ce:ab:b7:0f:8a:c3:1d:d6:57:77:aa:95:05:63:37:55: c1:bf:5e:2c -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUZrNWOnH1+8A9oG8MMOxHsHGXjW8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDExMTA4NTUwMFoX DTI3MDExMDA5MDAwMFowMzExMC8GA1UEAxMoM0VFMjJDODA4NjU1QzkwNjAwODUy QjZGMTA2NjdBOTQxN0FFRURERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM+s2jbnV86acW1csoZQv+dR8IHkMm+UlXxXXompWWYwoIhEKR4mYJ6av2Go zy/cDfUKuVbjURlwZJVLKPMaNrfIv5Fe1puJ/e+wTUDUws7L2G6WJf9VtSHzlehR AlSi6HYYKu1qakV/VuHoP5UzkBm+MFzDQxEv9rUvKc9oavZn3UkPQ+UQftDT0JeD rkC0wcOaa6ruYR444rMCYNv93qkI/yCLaY2cXitjFLOynSld31h3FDCBYv6ckp+H Jomt2yffDKAILg+Y88qzUMxEE5cSsyp2quatFNoE5sGA4uwno3ccY+QBTyJMoVfV HZvJzuHJVgKQz9OiXVCa7jVaHcUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ+4iyA hlXJBgCFK28QZnqUF67t3zAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQzNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UzjANBgkqhkiG9w0BAQsFAAOCAQEAhQdBxXibgO43yLrMXLFr XeqaosTgcdPQqe5p1Yn7OAmZtxKZycbEemnZ6BhIQkiDpX9f+/ZgIOkw+6AFdnTt Eo7zAO+qqRlv9UC7k609RxwHiqu9oiYCk4hooCVOo0XNTkYxEEjRbmFyOjQQ2UXL n3wFy40PvFLKOUgIbHbo55kCrXSvbdAxmBBsFD+KljPn9GQGtjzdvWSWKVDfXkec ugyN1HebFlRWZ7PL2hS53cRRjfGnmBCTcfSKtcsOZfYZJYdC2a0s0d2dBPRFecJL vE+7j4ul8zaAGreTEgN6EXs023skpUV1Rkg8sonOq7cPisMd1ld3qpUFYzdVwb9e LA== -----END CERTIFICATE-----Generated at Sun Jan 25 22:20:19 2026 by rpki-client