This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138064.roa File: AS138064.roa (raw, json) Hash identifier: nCO3kfTgqZ5ETVRz/e17KUMFHCu7YRzC2gTz8L058e8= Subject key identifier: E7:28:23:12:3F:94:24:1B:10:47:33:8D:75:BA:38:C8:55:DD:C1:CD Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2971EC07788E6D4535CE45D15255E113DDE2426E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138064.roa Signing time: Tue 11 Nov 2025 06:00:26 +0000 ROA not before: Tue 11 Nov 2025 05:55:26 +0000 ROA not after: Tue 10 Nov 2026 06:00:26 +0000 asID: 138064 IP address blocks: 103.122.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 15:57:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:71:ec:07:78:8e:6d:45:35:ce:45:d1:52:55:e1:13:dd:e2:42:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 11 05:55:26 2025 GMT Not After : Nov 10 06:00:26 2026 GMT Subject: CN=E72823123F94241B1047338D75BA38C855DDC1CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e3:3d:b7:1f:d4:b5:5a:3a:fd:26:87:54:fe: 0a:7f:af:6f:88:d0:3c:8b:30:56:8a:1d:58:e4:82: e9:f5:16:59:b4:42:7f:c6:4c:ac:30:16:30:e0:2c: c1:7e:18:b8:44:bb:86:16:48:11:da:cb:f9:60:9c: cd:29:06:fe:24:11:81:da:b6:46:dc:ee:ca:b0:8d: b8:cd:a8:64:f4:41:4b:28:65:3b:ce:1d:61:00:84: 2c:6e:63:55:1f:9f:02:11:06:c0:90:f7:bb:c6:56: 02:e5:8d:fb:3b:7b:d2:57:e0:c7:d8:ae:5f:39:25: 5e:17:f2:09:ec:4c:b2:1e:c5:8c:f1:4b:5d:68:82: 33:8b:83:02:2b:b1:62:7c:8e:74:b0:c7:ab:5a:1a: 41:d0:a9:9d:b6:a1:6b:98:9a:3b:3b:68:64:0a:46: 49:88:31:e2:37:58:62:78:f7:2f:12:cd:53:e1:ce: 4c:09:6c:89:bf:a9:b0:ff:bf:e8:56:3e:e0:55:f0: 07:1f:10:fe:82:f9:8a:e3:09:80:0b:9d:77:97:d7: b6:90:31:db:f5:a1:0b:93:10:23:d9:04:3f:47:62: 4a:01:23:3a:86:55:1f:5a:be:2d:ff:67:0d:8f:0e: 75:94:37:93:23:a0:76:06:0f:b9:80:6c:f2:54:8f: eb:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:28:23:12:3F:94:24:1B:10:47:33:8D:75:BA:38:C8:55:DD:C1:CD X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138064.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.122.64.0/22 Signature Algorithm: sha256WithRSAEncryption 6d:75:de:4e:f4:d9:24:b6:d2:71:8c:a8:ab:67:76:5e:c2:20: 9b:44:2e:58:b1:3b:7e:32:64:d0:92:45:47:a9:64:4d:67:13: 28:70:c3:30:03:ab:0b:b5:21:03:05:a6:5a:1a:86:92:14:62: 41:89:03:46:3b:93:1f:f3:80:42:d4:51:2b:94:80:a2:ce:56: cd:29:11:59:ea:d1:51:ed:86:9d:87:1e:e7:40:f8:ef:ba:f8: c4:af:f2:60:77:0f:43:ef:32:7a:43:6c:ab:5a:70:ff:85:ae: 00:a0:a0:4d:1f:a3:f2:a7:be:69:50:c0:52:97:b6:db:85:67: 34:90:e7:35:66:4a:cc:0b:d3:35:ec:98:d1:90:59:6a:c6:7e: 4a:08:6f:6f:f0:33:72:c3:a8:de:b3:a0:f4:4f:57:28:dc:1c: 1c:44:f3:5d:ef:23:4e:7a:2a:0a:95:a1:05:c0:5a:e2:70:dd: a2:6b:c4:1d:d4:e0:75:7e:bc:08:06:23:9e:e1:ed:94:3d:76: 20:31:fd:54:39:e3:7d:b9:03:d1:68:18:90:57:2d:3d:89:bb: 12:33:79:ac:3b:81:71:98:cd:e4:2b:c5:03:a9:61:fa:0d:3b: 7f:3f:43:12:7b:e3:21:85:ff:d5:25:e8:36:3b:25:f8:a3:85: a3:e9:57:d7 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUKXHsB3iObUU1zkXRUlXhE93iQm4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTExMTA1NTUyNloX DTI2MTExMDA2MDAyNlowMzExMC8GA1UEAxMoRTcyODIzMTIzRjk0MjQxQjEwNDcz MzhENzVCQTM4Qzg1NUREQzFDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM/jPbcf1LVaOv0mh1T+Cn+vb4jQPIswVoodWOSC6fUWWbRCf8ZMrDAWMOAs wX4YuES7hhZIEdrL+WCczSkG/iQRgdq2RtzuyrCNuM2oZPRBSyhlO84dYQCELG5j VR+fAhEGwJD3u8ZWAuWN+zt70lfgx9iuXzklXhfyCexMsh7FjPFLXWiCM4uDAiux YnyOdLDHq1oaQdCpnbaha5iaOztoZApGSYgx4jdYYnj3LxLNU+HOTAlsib+psP+/ 6FY+4FXwBx8Q/oL5iuMJgAudd5fXtpAx2/WhC5MQI9kEP0diSgEjOoZVH1q+Lf9n DY8OdZQ3kyOgdgYPuYBs8lSP68ECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTnKCMS P5QkGxBHM411ujjIVd3BzTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODA2NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAmd6QDANBgkqhkiG9w0BAQsFAAOCAQEAbXXeTvTZJLbScYyoq2d2 XsIgm0QuWLE7fjJk0JJFR6lkTWcTKHDDMAOrC7UhAwWmWhqGkhRiQYkDRjuTH/OA QtRRK5SAos5WzSkRWerRUe2GnYce50D477r4xK/yYHcPQ+8yekNsq1pw/4WuAKCg TR+j8qe+aVDAUpe224VnNJDnNWZKzAvTNeyY0ZBZasZ+Sghvb/AzcsOo3rOg9E9X KNwcHETzXe8jTnoqCpWhBcBa4nDdomvEHdTgdX68CAYjnuHtlD12IDH9VDnjfbkD 0WgYkFctPYm7EjN5rDuBcZjN5CvFA6lh+g07fz9DEnvjIYX/1SXoNjsl+KOFo+lX 1w== -----END CERTIFICATE-----Generated at Sun Dec 7 02:22:22 2025 by rpki-client