This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154385.roa File: AS154385.roa (raw, json) Hash identifier: 8q+XezIhWCqWxAB0jLY22ZFUZ8dOfNoUpYDSCMgxBSU= Subject key identifier: 37:AA:09:D6:39:3A:CA:47:80:D1:CB:D7:5F:72:00:7E:4F:AB:70:76 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4361633638E827E9C084FDD7ACE2B4F4027B83FE Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154385.roa Signing time: Fri 21 Nov 2025 10:59:58 +0000 ROA not before: Fri 21 Nov 2025 10:54:58 +0000 ROA not after: Fri 20 Nov 2026 10:59:58 +0000 asID: 154385 IP address blocks: 138.252.237.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:61:63:36:38:e8:27:e9:c0:84:fd:d7:ac:e2:b4:f4:02:7b:83:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Nov 21 10:54:58 2025 GMT Not After : Nov 20 10:59:58 2026 GMT Subject: CN=37AA09D6393ACA4780D1CBD75F72007E4FAB7076 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:d7:52:4f:63:5f:ae:6a:55:a4:b8:91:3c:6e: 22:2f:0c:35:cb:00:dd:71:be:dc:71:29:1e:94:5e: 6a:02:4e:d5:80:bf:f4:b6:6d:a1:5d:44:a6:73:a5: 4e:b5:e6:44:f5:c3:a6:55:c0:6a:ed:95:17:90:34: 2f:dd:f3:a6:27:0e:11:6e:73:bd:4c:e9:20:c2:8b: 56:f6:02:18:cb:78:e3:0e:e0:fe:2b:57:59:f3:38: 75:c3:e1:e6:6c:63:f2:a4:2a:8d:ae:62:ae:c3:dc: e1:43:f2:80:4d:b8:65:b3:20:bc:51:58:60:34:c4: 62:df:e0:a3:61:d4:f6:44:cd:b6:13:61:dd:57:f1: e2:05:7f:37:64:46:1c:2b:fa:f8:53:66:52:8a:85: a5:d9:f2:54:e1:91:8f:6b:39:6c:0f:39:07:57:66: 0e:09:3e:e8:55:8b:0e:3b:b7:05:e4:17:8d:3c:67: be:62:fd:c4:d5:56:2d:3d:f9:ab:35:13:7a:3b:3f: 5b:95:84:d8:66:d4:b1:0e:b1:a9:2a:23:92:4a:58: b3:15:6f:68:e3:06:0d:10:f6:94:6a:9c:f7:8d:0f: 47:04:e6:75:98:80:06:54:d3:40:59:d7:95:d4:21: 1d:2f:b7:c2:bd:5c:f7:a6:fc:e9:a7:ce:7d:06:2a: ea:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:AA:09:D6:39:3A:CA:47:80:D1:CB:D7:5F:72:00:7E:4F:AB:70:76 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154385.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.237.0/24 Signature Algorithm: sha256WithRSAEncryption 17:aa:de:01:5b:a1:db:a4:b0:1c:f9:ba:5c:40:ff:2b:ab:7c: 28:dd:95:1c:7b:e0:b6:f4:16:12:81:ef:0b:f1:43:18:ab:5b: 04:d4:c1:e8:7c:60:11:ec:c7:04:77:ab:28:e2:97:17:e6:8e: 06:e4:fe:e8:1e:a5:48:60:41:9e:4c:10:da:25:81:54:bf:2d: 96:ac:f4:db:99:a4:aa:9e:3c:a0:75:62:9c:3b:55:e1:38:1a: d8:5f:64:58:a1:63:38:34:70:54:16:81:99:d6:17:40:61:c9: ba:c5:44:c7:d1:9d:51:34:04:55:b1:b3:9d:e1:11:5c:24:d1: 83:28:0f:1a:ea:14:de:d7:69:e0:c0:2a:8b:1f:e1:68:04:b2: d4:a4:4c:d3:42:6d:60:00:f9:07:e5:88:33:80:1d:1b:94:4c: 97:f5:36:0d:9d:26:b2:41:86:60:7e:5e:86:69:b6:19:3f:c3: 1b:c5:fc:40:68:45:0b:fc:c3:d7:ff:32:82:df:26:22:44:12: 83:61:c2:c1:60:3c:88:82:cf:b1:28:0e:33:68:42:a6:91:27: 3f:90:56:fd:d3:0e:e0:79:af:5c:17:6a:e5:b2:0d:a3:8f:04: 37:ee:6c:ae:b9:c7:0b:80:db:15:3b:35:89:eb:48:64:50:e2: da:e6:42:35 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUQ2FjNjjoJ+nAhP3XrOK09AJ7g/4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTEyMTEwNTQ1OFoX DTI2MTEyMDEwNTk1OFowMzExMC8GA1UEAxMoMzdBQTA5RDYzOTNBQ0E0NzgwRDFD QkQ3NUY3MjAwN0U0RkFCNzA3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANnXUk9jX65qVaS4kTxuIi8MNcsA3XG+3HEpHpReagJO1YC/9LZtoV1EpnOl TrXmRPXDplXAau2VF5A0L93zpicOEW5zvUzpIMKLVvYCGMt44w7g/itXWfM4dcPh 5mxj8qQqja5irsPc4UPygE24ZbMgvFFYYDTEYt/go2HU9kTNthNh3Vfx4gV/N2RG HCv6+FNmUoqFpdnyVOGRj2s5bA85B1dmDgk+6FWLDju3BeQXjTxnvmL9xNVWLT35 qzUTejs/W5WE2GbUsQ6xqSojkkpYsxVvaOMGDRD2lGqc940PRwTmdZiABlTTQFnX ldQhHS+3wr1c96b86afOfQYq6rECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ3qgnW OTrKR4DRy9dfcgB+T6twdjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1NDM4NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAIr87TANBgkqhkiG9w0BAQsFAAOCAQEAF6reAVuh26SwHPm6XED/ K6t8KN2VHHvgtvQWEoHvC/FDGKtbBNTB6HxgEezHBHerKOKXF+aOBuT+6B6lSGBB nkwQ2iWBVL8tlqz025mkqp48oHVinDtV4Tga2F9kWKFjODRwVBaBmdYXQGHJusVE x9GdUTQEVbGzneERXCTRgygPGuoU3tdp4MAqix/haASy1KRM00JtYAD5B+WIM4Ad G5RMl/U2DZ0mskGGYH5ehmm2GT/DG8X8QGhFC/zD1/8ygt8mIkQSg2HCwWA8iILP sSgOM2hCppEnP5BW/dMO4HmvXBdq5bINo48EN+5srrnHC4DbFTs1ietIZFDi2uZC NQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:54:18 2025 by rpki-client