This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152394.roa File: AS152394.roa (raw, json) Hash identifier: sAIa5ODgvlYyBLGO6RYHdCZmnqjNUn7Sm2t92zQAHPs= Subject key identifier: 85:F5:3B:7A:F3:7A:F3:20:4C:CB:81:B9:3D:90:DE:06:7D:F6:9A:37 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 74754440F6B21C08F070D8C29553A5B9456EB89B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152394.roa Signing time: Fri 23 Jan 2026 04:00:00 +0000 ROA not before: Fri 23 Jan 2026 03:55:00 +0000 ROA not after: Fri 22 Jan 2027 04:00:00 +0000 asID: 152394 IP address blocks: 2001:df3:98c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 28 Jan 2026 14:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:75:44:40:f6:b2:1c:08:f0:70:d8:c2:95:53:a5:b9:45:6e:b8:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 23 03:55:00 2026 GMT Not After : Jan 22 04:00:00 2027 GMT Subject: CN=85F53B7AF37AF3204CCB81B93D90DE067DF69A37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ff:a4:e5:d3:c0:dc:85:6f:b5:7d:2c:0a:e2: 6c:be:1d:d8:b7:fc:62:50:e5:c4:3d:7a:2e:94:63: b0:33:f9:8e:64:9c:3a:ec:a6:06:37:8c:48:39:e3: f7:d5:7c:9f:72:21:39:5d:ca:32:bb:c7:30:27:0a: a7:e4:91:bd:99:16:b7:da:5e:66:ee:e6:63:3c:d9: 55:1f:4e:18:6c:ec:e6:6f:1c:a8:ae:2a:ba:cc:91: 28:6f:22:56:6e:e5:63:12:1c:3c:2e:f3:7e:62:f2: 79:c0:04:da:38:2b:9c:5d:de:c7:54:5c:e4:c1:2f: 1a:20:84:50:47:16:1b:de:cf:b9:7a:b1:b2:79:34: ca:36:e8:37:28:b5:9f:9a:86:a8:4f:67:2c:9a:09: a0:9e:ee:d0:bb:29:08:34:1b:62:35:a1:11:e1:57: c1:07:00:b3:b8:ad:08:c8:d4:58:2a:5f:18:ee:be: 36:36:d8:df:cf:f7:07:f6:37:95:a3:da:82:0b:80: 3c:72:9d:d0:98:6b:c9:02:cc:27:f8:3a:d4:9b:f5: 96:ea:29:6d:02:f5:a5:a8:e3:df:67:ca:0d:3e:d2: 08:89:6d:07:fc:e6:7e:5a:e9:8f:07:47:59:28:b2: db:23:02:14:d4:66:a0:a7:e5:22:71:2a:66:c6:dd: 72:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:F5:3B:7A:F3:7A:F3:20:4C:CB:81:B9:3D:90:DE:06:7D:F6:9A:37 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152394.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:98c0::/48 Signature Algorithm: sha256WithRSAEncryption 7a:16:a6:21:00:8e:21:3f:67:43:ec:65:33:6c:d6:e9:57:7e: d9:7a:93:b0:ee:ad:8c:fe:91:95:eb:3a:40:52:a3:d7:4b:31: 9f:70:34:d5:c6:dd:7d:2b:de:5a:bb:f8:2b:8a:da:19:2c:50: ec:f7:ef:fc:0f:4f:fb:9e:8b:06:fd:67:f6:83:1c:ba:64:30: 99:7c:8c:b1:b2:30:28:9d:d4:b9:3f:73:1e:36:09:3a:5e:c7: cf:e5:76:da:58:3f:29:d2:19:09:76:b6:be:3a:42:69:e5:87: d9:61:7f:e5:80:06:ee:70:d9:09:06:a3:eb:a1:dd:14:7c:d0: 58:32:0d:76:3c:12:f7:8b:9c:68:b6:f0:5d:d5:b5:44:28:b5: ce:ae:a1:20:9c:03:8e:6d:92:d2:98:26:ef:c9:7e:2f:02:f6: e5:71:5d:d6:7b:1b:15:9b:c1:aa:fc:18:7c:27:44:13:27:db: cc:38:8d:94:71:93:9b:96:fa:8d:6b:c7:39:41:07:ee:41:75: 99:b6:f7:f9:dd:5d:4e:d9:2a:3d:87:57:fc:8a:e8:df:a9:ef: 16:0c:ec:e5:d6:e1:20:ba:f0:09:ba:fe:ef:e4:4c:1c:a3:0a: f1:f9:f7:66:93:d2:48:4f:a6:b3:1b:43:e2:99:a5:c4:93:d6: d3:de:ca:4a -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUdHVEQPayHAjwcNjClVOluUVuuJswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDEyMzAzNTUwMFoX DTI3MDEyMjA0MDAwMFowMzExMC8GA1UEAxMoODVGNTNCN0FGMzdBRjMyMDRDQ0I4 MUI5M0Q5MERFMDY3REY2OUEzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALL/pOXTwNyFb7V9LAribL4d2Lf8YlDlxD16LpRjsDP5jmScOuymBjeMSDnj 99V8n3IhOV3KMrvHMCcKp+SRvZkWt9peZu7mYzzZVR9OGGzs5m8cqK4qusyRKG8i Vm7lYxIcPC7zfmLyecAE2jgrnF3ex1Rc5MEvGiCEUEcWG97PuXqxsnk0yjboNyi1 n5qGqE9nLJoJoJ7u0LspCDQbYjWhEeFXwQcAs7itCMjUWCpfGO6+NjbY38/3B/Y3 laPagguAPHKd0JhryQLMJ/g61Jv1luopbQL1pajj32fKDT7SCIltB/zmflrpjwdH WSiy2yMCFNRmoKflInEqZsbdcvUCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSF9Tt6 83rzIEzLgbk9kN4GffaaNzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjM5NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfOYwDANBgkqhkiG9w0BAQsFAAOCAQEAehamIQCOIT9nQ+xl M2zW6Vd+2XqTsO6tjP6Rles6QFKj10sxn3A01cbdfSveWrv4K4raGSxQ7Pfv/A9P +56LBv1n9oMcumQwmXyMsbIwKJ3UuT9zHjYJOl7Hz+V22lg/KdIZCXa2vjpCaeWH 2WF/5YAG7nDZCQaj66HdFHzQWDINdjwS94ucaLbwXdW1RCi1zq6hIJwDjm2S0pgm 78l+LwL25XFd1nsbFZvBqvwYfCdEEyfbzDiNlHGTm5b6jWvHOUEH7kF1mbb3+d1d TtkqPYdX/Iro36nvFgzs5dbhILrwCbr+7+RMHKMK8fn3ZpPSSE+msxtD4pmlxJPW 097KSg== -----END CERTIFICATE-----Generated at Sun Jan 25 18:11:38 2026 by rpki-client