This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154372.roa File: AS154372.roa (raw, json) Hash identifier: AP/2p5Rh48Qf4L3hMgc/EWuovh7OxYdJS6mLt+nFMY4= Subject key identifier: 54:0D:33:AB:AA:F6:C5:D3:89:CD:8B:48:A1:90:85:8C:6F:5E:02:E7 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 01EF57DDE4FD586DBF8E3F63D3743F64CD57B377 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154372.roa Signing time: Tue 18 Nov 2025 07:49:14 +0000 ROA not before: Tue 18 Nov 2025 07:44:14 +0000 ROA not after: Tue 17 Nov 2026 07:49:14 +0000 asID: 154372 IP address blocks: 138.252.158.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:ef:57:dd:e4:fd:58:6d:bf:8e:3f:63:d3:74:3f:64:cd:57:b3:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Nov 18 07:44:14 2025 GMT Not After : Nov 17 07:49:14 2026 GMT Subject: CN=540D33ABAAF6C5D389CD8B48A190858C6F5E02E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:89:31:d7:97:ec:eb:b5:3f:e1:d0:4a:83:f9: 57:e6:58:71:42:62:1c:07:68:ac:d8:13:c7:66:2d: c4:e0:6b:47:37:f4:17:80:13:e0:f3:63:08:80:7e: 63:99:45:bb:e8:d6:85:6b:f3:60:3c:d7:8d:0f:72: 19:2f:5c:56:cf:c6:89:c4:97:93:36:e2:52:cc:37: b6:35:0a:ce:da:d5:4c:19:61:09:f5:aa:a7:a4:ab: 1f:f2:05:01:99:aa:ba:6c:9c:3b:af:70:17:98:c9: 12:5f:4d:f2:b7:74:84:b4:97:f1:4e:64:e7:1d:2e: 3a:5b:05:09:bb:00:b9:f7:d0:4d:11:ea:fe:fe:21: a1:68:ff:e7:32:d0:a1:45:83:3c:6d:d5:4d:36:37: 6f:2c:58:86:8b:9d:8b:89:fd:05:1c:7d:81:c5:8e: f8:b2:66:40:a7:bb:51:39:a3:5b:d3:86:ac:8b:10: 8d:cf:d6:f1:9a:78:73:08:9b:dc:3f:24:42:50:bb: d1:94:fd:30:e2:d9:eb:29:83:a1:7f:cb:62:0e:6b: 4a:e1:ad:9a:4b:54:d0:0c:a0:84:77:18:7e:6d:73: 6e:15:09:49:7b:c2:57:7c:de:89:e9:32:ba:ff:c0: 07:1c:13:70:62:1b:97:88:6d:42:cc:91:ad:ac:5f: b9:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:0D:33:AB:AA:F6:C5:D3:89:CD:8B:48:A1:90:85:8C:6F:5E:02:E7 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154372.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.158.0/23 Signature Algorithm: sha256WithRSAEncryption 21:1f:ed:7f:68:4e:a5:c2:63:8d:1f:f1:46:91:2f:c7:9c:98: fc:a8:f2:d9:58:3a:98:dd:3d:64:f3:1c:89:91:ce:23:b4:dd: 18:26:df:5c:32:ea:66:36:f1:b1:b8:db:4f:53:02:2a:a3:18: 20:4f:b4:10:94:e0:4a:15:12:9a:b9:b9:c1:b7:84:3f:94:13: 2c:f0:64:c9:94:52:5c:cd:d9:2e:d1:9f:de:2a:9b:60:d7:2f: 5a:c0:f5:8c:ae:29:b4:f3:22:d3:3e:a6:3f:1e:1c:80:28:b1: 5c:82:b8:67:63:0f:f4:11:60:f5:bf:8e:e8:a0:38:8d:b5:c6: 1e:fc:a6:ae:59:f6:ad:71:32:ca:f9:73:09:cf:ec:87:59:c2: 56:04:de:91:88:7a:81:a7:ea:3b:b4:33:c1:71:9f:e7:a0:26: db:72:71:9b:18:1a:e8:38:25:0e:32:2f:b6:07:23:85:d9:16: 0d:b2:ef:9e:91:47:71:00:ab:dc:4e:57:18:84:9a:84:60:10: c6:13:30:08:75:af:61:45:55:67:48:b8:76:a7:2a:fc:f6:ea: a2:78:d9:d3:03:6e:07:53:76:5a:58:41:67:90:ea:53:95:28: 16:26:10:c9:44:79:45:4b:0c:16:94:ab:25:ad:a2:e2:11:3c: 80:bf:ac:77 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUAe9X3eT9WG2/jj9j03Q/ZM1Xs3cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTExODA3NDQxNFoX DTI2MTExNzA3NDkxNFowMzExMC8GA1UEAxMoNTQwRDMzQUJBQUY2QzVEMzg5Q0Q4 QjQ4QTE5MDg1OEM2RjVFMDJFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALqJMdeX7Ou1P+HQSoP5V+ZYcUJiHAdorNgTx2YtxOBrRzf0F4AT4PNjCIB+ Y5lFu+jWhWvzYDzXjQ9yGS9cVs/GicSXkzbiUsw3tjUKztrVTBlhCfWqp6SrH/IF AZmqumycO69wF5jJEl9N8rd0hLSX8U5k5x0uOlsFCbsAuffQTRHq/v4hoWj/5zLQ oUWDPG3VTTY3byxYhoudi4n9BRx9gcWO+LJmQKe7UTmjW9OGrIsQjc/W8Zp4cwib 3D8kQlC70ZT9MOLZ6ymDoX/LYg5rSuGtmktU0AyghHcYfm1zbhUJSXvCV3zeieky uv/ABxwTcGIbl4htQsyRraxfuYUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRUDTOr qvbF04nNi0ihkIWMb14C5zAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1NDM3Mi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAYr8njANBgkqhkiG9w0BAQsFAAOCAQEAIR/tf2hOpcJjjR/xRpEv x5yY/Kjy2Vg6mN09ZPMciZHOI7TdGCbfXDLqZjbxsbjbT1MCKqMYIE+0EJTgShUS mrm5wbeEP5QTLPBkyZRSXM3ZLtGf3iqbYNcvWsD1jK4ptPMi0z6mPx4cgCixXIK4 Z2MP9BFg9b+O6KA4jbXGHvymrln2rXEyyvlzCc/sh1nCVgTekYh6gafqO7QzwXGf 56Am23Jxmxga6DglDjIvtgcjhdkWDbLvnpFHcQCr3E5XGISahGAQxhMwCHWvYUVV Z0i4dqcq/PbqonjZ0wNuB1N2WlhBZ5DqU5UoFiYQyUR5RUsMFpSrJa2i4hE8gL+s dw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:54:11 2025 by rpki-client