This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133811.roa File: AS133811.roa (raw, json) Hash identifier: 6ChUzWNK771r0VE37GVEWOBZJ8DSj/jafMqsONsCnbc= Subject key identifier: 19:B0:18:92:33:4F:B3:00:0A:7C:BF:50:A6:35:45:90:D1:99:4B:C6 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1D030241519F5AA2F1B2758115751713E188179C Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133811.roa Signing time: Tue 11 Nov 2025 06:00:14 +0000 ROA not before: Tue 11 Nov 2025 05:55:14 +0000 ROA not after: Tue 10 Nov 2026 06:00:14 +0000 asID: 133811 IP address blocks: 2406:ef40::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 15:57:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:03:02:41:51:9f:5a:a2:f1:b2:75:81:15:75:17:13:e1:88:17:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 11 05:55:14 2025 GMT Not After : Nov 10 06:00:14 2026 GMT Subject: CN=19B01892334FB3000A7CBF50A6354590D1994BC6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:c6:1a:32:d0:79:92:55:00:ab:49:53:b5:a6: b5:20:9c:5a:92:7e:69:4b:ba:56:9b:ba:2b:f0:5a: 77:08:15:2d:48:fb:61:30:0b:cb:1e:47:ae:80:6a: c8:a3:d5:e3:6d:66:6f:cd:d5:a4:46:36:28:1b:05: fe:05:73:30:9a:a9:ad:bb:3c:d0:6d:a2:df:ce:f2: cd:c8:53:29:24:80:59:f7:21:36:df:09:34:78:de: e7:a9:27:e0:ab:84:88:05:24:fe:4c:34:c7:fc:06: 2f:aa:a2:01:0b:9e:3d:c6:d9:cb:0e:0f:d6:b8:a4: 58:fa:a9:ca:6d:e4:15:8d:ee:b7:cc:b2:0f:4f:93: 2e:79:7c:98:b0:e9:2a:30:76:f5:d4:1b:0a:1d:99: 64:4a:f4:91:fa:b9:90:6a:b5:63:79:cb:80:4d:f9: 8b:cf:36:df:b9:b4:54:25:3e:34:51:26:35:9d:b8: b2:c7:64:8e:15:92:ce:0f:3e:b5:03:a5:2f:69:41: b7:e4:28:0d:83:8f:69:e9:3e:a2:14:28:eb:dd:c5: ac:ad:9c:54:6d:f4:0b:9c:ef:a6:a3:d5:cf:70:99: 09:af:aa:fc:77:df:51:28:0f:b9:b6:4e:e7:78:20: 76:e1:33:8a:c6:08:82:ff:43:cf:4e:25:6e:b9:a4: fc:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:B0:18:92:33:4F:B3:00:0A:7C:BF:50:A6:35:45:90:D1:99:4B:C6 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133811.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:ef40::/32 Signature Algorithm: sha256WithRSAEncryption 5c:b4:9e:5a:61:43:88:27:af:78:b9:fe:78:aa:b2:d0:99:a9: d1:b2:5a:19:4f:91:79:a3:97:43:5f:74:a1:90:e2:63:ef:4b: bd:25:cb:f9:e4:7d:8c:2c:ff:05:40:28:32:28:1c:d9:03:c0: 07:11:46:26:3e:38:95:fc:31:71:cf:c2:c9:7a:e8:62:c2:17: 9a:89:b9:49:7c:47:43:4c:4f:10:c6:16:e2:0a:bc:74:63:46: 61:e4:e4:2c:2f:0e:18:da:65:62:1a:78:12:f9:06:f7:16:84: 69:9f:97:83:ec:19:f1:c1:61:5f:89:b0:af:d2:d3:f9:25:aa: 1e:1e:4c:26:0d:b3:35:b3:92:6b:81:9a:dc:c3:e5:61:be:3f: d3:65:f1:ed:a4:d3:0b:fe:72:93:ef:a6:5c:dd:27:5b:36:d7: 5d:d8:64:39:d0:62:a5:89:11:2e:01:c4:a8:ee:f1:e3:3a:9e: b3:33:36:95:88:cd:d5:ff:54:4e:0a:51:45:e2:c3:4a:f4:f6: 4f:bc:2a:38:15:b9:30:ba:99:12:96:9c:01:a5:f9:24:f6:64: 39:42:bc:7f:28:f9:de:ba:60:9b:29:7a:6e:4c:e2:de:a5:48: 82:fb:a7:cb:c7:c4:10:f6:0e:8f:3f:0d:bf:b8:3e:ca:f5:3b: 3d:b7:5f:22 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUHQMCQVGfWqLxsnWBFXUXE+GIF5wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTExMTA1NTUxNFoX DTI2MTExMDA2MDAxNFowMzExMC8GA1UEAxMoMTlCMDE4OTIzMzRGQjMwMDBBN0NC RjUwQTYzNTQ1OTBEMTk5NEJDNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKjGGjLQeZJVAKtJU7WmtSCcWpJ+aUu6Vpu6K/BadwgVLUj7YTALyx5HroBq yKPV421mb83VpEY2KBsF/gVzMJqprbs80G2i387yzchTKSSAWfchNt8JNHje56kn 4KuEiAUk/kw0x/wGL6qiAQuePcbZyw4P1rikWPqpym3kFY3ut8yyD0+TLnl8mLDp KjB29dQbCh2ZZEr0kfq5kGq1Y3nLgE35i88237m0VCU+NFEmNZ24ssdkjhWSzg8+ tQOlL2lBt+QoDYOPaek+ohQo693FrK2cVG30C5zvpqPVz3CZCa+q/HffUSgPubZO 53ggduEzisYIgv9Dz04lbrmk/EMCAwEAAaOCAdEwggHNMB0GA1UdDgQWBBQZsBiS M0+zAAp8v1CmNUWQ0ZlLxjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMzgxMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQG70AwDQYJKoZIhvcNAQELBQADggEBAFy0nlphQ4gnr3i5/niq stCZqdGyWhlPkXmjl0NfdKGQ4mPvS70ly/nkfYws/wVAKDIoHNkDwAcRRiY+OJX8 MXHPwsl66GLCF5qJuUl8R0NMTxDGFuIKvHRjRmHk5CwvDhjaZWIaeBL5BvcWhGmf l4PsGfHBYV+JsK/S0/klqh4eTCYNszWzkmuBmtzD5WG+P9Nl8e2k0wv+cpPvplzd J1s2113YZDnQYqWJES4BxKju8eM6nrMzNpWIzdX/VE4KUUXiw0r09k+8KjgVuTC6 mRKWnAGl+ST2ZDlCvH8o+d66YJspem5M4t6lSIL7p8vHxBD2Do8/Db+4Psr1Oz23 XyI= -----END CERTIFICATE-----Generated at Sat Dec 6 22:51:35 2025 by rpki-client