This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152799.roa File: AS152799.roa (raw, json) Hash identifier: xu1o67VA0b7kB983pENwXm5WU3G7d0x6XU9OpMX3gSg= Subject key identifier: 0F:D3:4A:BE:A5:09:3C:2F:5D:07:6A:66:47:0A:58:D8:1D:E7:FC:55 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 03E85D035BD294EE93C0FCA98B9D658B8F73CC59 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152799.roa Signing time: Fri 21 Nov 2025 08:59:24 +0000 ROA not before: Fri 21 Nov 2025 08:54:24 +0000 ROA not after: Fri 20 Nov 2026 08:59:24 +0000 asID: 152799 IP address blocks: 138.252.176.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:e8:5d:03:5b:d2:94:ee:93:c0:fc:a9:8b:9d:65:8b:8f:73:cc:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Nov 21 08:54:24 2025 GMT Not After : Nov 20 08:59:24 2026 GMT Subject: CN=0FD34ABEA5093C2F5D076A66470A58D81DE7FC55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:28:fd:61:aa:68:db:ef:6f:22:e4:d0:55:4a: e6:b6:c5:a7:12:b9:72:47:1e:28:43:a8:94:45:14: 1d:8f:fd:a2:69:ae:d3:dc:da:79:c0:24:1d:9b:b8: 97:02:c9:4e:96:88:78:1c:8b:ab:f1:d6:ad:10:b3: 19:1d:b3:19:f3:f9:9e:e8:e2:ed:5f:35:52:30:cb: 07:af:1e:c8:52:7d:76:e8:9b:21:db:83:56:82:56: 2d:a3:2b:42:46:b8:65:86:d0:aa:03:1a:f4:f5:40: 16:60:11:8b:3b:3a:92:64:cd:48:ea:4f:35:46:b6: 98:99:70:af:f6:ba:e6:da:6e:e4:55:c8:e2:95:25: 2e:04:8e:3b:31:9e:ec:0a:52:74:9f:79:dd:8f:8e: fe:44:70:b7:40:f8:bb:68:b9:20:6e:fb:c8:7b:79: 20:4a:c9:0d:0f:32:9a:cc:18:9c:82:b1:fc:46:cc: af:4d:cc:4e:82:f7:6f:96:61:3d:6a:b8:c9:3f:a5: 7e:00:04:5b:49:a2:1f:92:9e:60:e7:90:27:25:41: 76:6a:ad:55:c0:14:71:05:6a:ae:4a:34:bc:df:08: f7:72:32:42:bd:91:e6:1d:43:09:29:ca:25:57:38: 3d:df:4d:52:3d:54:25:69:a4:80:c6:83:17:b0:37: 6a:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:D3:4A:BE:A5:09:3C:2F:5D:07:6A:66:47:0A:58:D8:1D:E7:FC:55 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152799.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.176.0/24 Signature Algorithm: sha256WithRSAEncryption 20:e2:31:9a:61:77:4f:57:3b:f2:e4:38:5f:c2:c6:62:40:53: b9:f6:bb:66:22:96:69:3c:e6:42:1b:2a:69:80:74:6f:e0:9f: ff:5d:a6:cf:d1:23:ef:e6:99:60:3d:b8:17:a4:d6:50:7b:65: fb:db:e8:c5:03:6a:d1:77:11:84:90:3c:f1:23:8e:c8:01:49: b3:43:a9:e7:ca:8c:65:96:b8:f6:ee:0c:4d:7a:4f:49:2e:01: 02:56:c2:83:41:cc:af:5c:24:4c:91:ff:11:59:18:04:c2:c5: dd:05:bf:d4:c0:31:a3:a8:bf:20:e8:9e:fd:ae:85:a0:6d:be: 7a:8c:42:da:5a:b5:3f:87:09:7a:dc:a8:3d:81:64:36:61:93: 2f:68:ea:ca:fb:85:16:e4:a0:c4:b3:3d:b2:2d:29:22:cd:4e: 2e:c2:dc:48:68:ff:47:35:3a:f6:93:0a:34:51:d0:f7:0c:d8: 93:cb:b6:77:1f:f2:8d:8d:e7:b8:d8:f7:60:02:07:73:19:98: 61:97:a5:39:2c:48:55:6d:ce:3b:40:20:59:3d:fb:29:46:a6: f7:6e:62:f6:90:6b:18:5f:7f:89:27:a4:6c:48:bf:8a:4c:21: 5d:b2:bf:aa:3c:e6:62:5a:0f:52:00:ec:80:c8:20:b4:a4:08: bf:ae:61:e8 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUA+hdA1vSlO6TwPypi51li49zzFkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTEyMTA4NTQyNFoX DTI2MTEyMDA4NTkyNFowMzExMC8GA1UEAxMoMEZEMzRBQkVBNTA5M0MyRjVEMDc2 QTY2NDcwQTU4RDgxREU3RkM1NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJso/WGqaNvvbyLk0FVK5rbFpxK5ckceKEOolEUUHY/9ommu09zaecAkHZu4 lwLJTpaIeByLq/HWrRCzGR2zGfP5nuji7V81UjDLB68eyFJ9duibIduDVoJWLaMr Qka4ZYbQqgMa9PVAFmARizs6kmTNSOpPNUa2mJlwr/a65tpu5FXI4pUlLgSOOzGe 7ApSdJ953Y+O/kRwt0D4u2i5IG77yHt5IErJDQ8ymswYnIKx/EbMr03MToL3b5Zh PWq4yT+lfgAEW0miH5KeYOeQJyVBdmqtVcAUcQVqrko0vN8I93IyQr2R5h1DCSnK JVc4Pd9NUj1UJWmkgMaDF7A3auUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQP00q+ pQk8L10HamZHCljYHef8VTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mjc5OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAIr8sDANBgkqhkiG9w0BAQsFAAOCAQEAIOIxmmF3T1c78uQ4X8LG YkBTufa7ZiKWaTzmQhsqaYB0b+Cf/12mz9Ej7+aZYD24F6TWUHtl+9voxQNq0XcR hJA88SOOyAFJs0Op58qMZZa49u4MTXpPSS4BAlbCg0HMr1wkTJH/EVkYBMLF3QW/ 1MAxo6i/IOie/a6FoG2+eoxC2lq1P4cJetyoPYFkNmGTL2jqyvuFFuSgxLM9si0p Is1OLsLcSGj/RzU69pMKNFHQ9wzYk8u2dx/yjY3nuNj3YAIHcxmYYZelOSxIVW3O O0AgWT37KUam925i9pBrGF9/iSekbEi/ikwhXbK/qjzmYloPUgDsgMggtKQIv65h 6A== -----END CERTIFICATE-----Generated at Sat Dec 6 12:54:05 2025 by rpki-client