This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152411.roa File: AS152411.roa (raw, json) Hash identifier: 5Koc/947fpfTMr2S5ho1A7VD9eQF6/Nw4ddmtVBRnY8= Subject key identifier: 5A:2D:D8:6A:05:49:84:12:93:CA:93:63:D2:9E:13:E1:59:50:8B:FA Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 39F281A97842C3B4E942E7FB9C96FC1BCEA8EB61 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152411.roa Signing time: Tue 04 Nov 2025 09:00:00 +0000 ROA not before: Tue 04 Nov 2025 08:55:00 +0000 ROA not after: Tue 03 Nov 2026 09:00:00 +0000 asID: 152411 IP address blocks: 2001:df3:a1c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 15:57:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:f2:81:a9:78:42:c3:b4:e9:42:e7:fb:9c:96:fc:1b:ce:a8:eb:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 4 08:55:00 2025 GMT Not After : Nov 3 09:00:00 2026 GMT Subject: CN=5A2DD86A0549841293CA9363D29E13E159508BFA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:b3:a8:93:31:1e:ba:ed:f8:ef:73:9d:11:fa: 18:dd:76:9e:2e:fb:12:86:3f:29:af:22:e3:e0:8f: 6e:b8:40:85:a5:06:61:87:5d:42:27:3d:67:91:45: 52:02:37:8f:01:8e:33:f3:24:d4:72:9f:20:d6:1e: f9:fd:4b:ee:e6:06:2c:7a:1f:21:56:db:cd:25:36: 2e:09:4f:a7:04:30:82:77:5d:41:32:1c:18:5d:d2: 90:52:6e:5c:49:4c:e4:6a:fe:ce:9a:a4:5f:39:49: 8c:7b:fc:18:df:2c:2e:bb:e3:5c:9f:01:a1:9e:d5: d2:8d:76:41:6a:bb:c8:12:d7:03:be:94:c2:f8:35: 72:7b:31:34:4e:e5:fe:23:22:92:88:49:92:57:0d: e4:fe:87:38:a0:bb:2f:49:54:eb:a9:20:d1:62:d3: 42:cb:00:ac:55:e8:8e:1a:3f:3c:63:3b:89:84:be: 72:df:ce:eb:bd:2f:20:fd:b8:2d:ee:5a:4e:40:70: 46:da:37:23:03:3c:1f:41:b2:2c:e4:3e:55:d2:3c: 89:40:05:12:cd:6a:0a:b3:cd:bf:ee:52:cd:4c:61: b7:76:db:f2:a5:55:19:53:97:55:e8:4c:28:35:75: 7b:36:c7:ef:8d:aa:b8:c5:5d:1d:e6:5f:6c:70:5e: 40:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:2D:D8:6A:05:49:84:12:93:CA:93:63:D2:9E:13:E1:59:50:8B:FA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152411.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:a1c0::/48 Signature Algorithm: sha256WithRSAEncryption 05:a4:be:12:71:81:5a:c3:63:94:c9:95:19:9d:43:4f:6c:22: bc:66:3f:de:0b:f0:03:4c:fa:2c:cc:23:0d:e1:4d:f5:d6:c7: 44:88:d4:5c:dd:d7:56:a0:16:64:a1:cc:7e:55:8b:2f:a4:37: 2a:64:7f:7b:cd:f3:cb:8d:35:c7:47:f1:64:a1:e4:2c:7f:78: 57:66:f8:5f:c3:e7:8e:23:1d:60:ef:17:68:58:46:6f:ca:0e: 28:a6:19:85:ab:3d:73:da:ed:b9:a0:75:12:75:7f:8b:ed:8e: 71:bf:24:a3:0c:3f:45:ea:d1:05:e9:d4:91:b2:d7:0c:35:90: 21:45:ea:dd:6f:ce:9c:b2:54:40:2d:ff:aa:01:9b:e1:75:f7: c1:ca:de:25:65:64:c0:07:94:55:2e:5d:9a:bd:49:1d:f7:25: 7e:d9:54:3f:04:20:b7:91:dc:34:8d:85:42:8e:c4:81:4d:44: 00:66:22:f5:8c:9f:d9:c6:80:be:1b:06:f2:6c:4e:67:2b:97: b7:ac:5e:d4:5e:53:3e:1e:fd:2b:dd:b9:a6:83:b4:ea:92:7b: 57:a4:69:d5:3b:d4:2d:56:55:ba:7f:a5:95:16:cf:7b:95:16: 77:2b:32:96:3f:13:04:5e:ef:36:8f:10:e2:7a:43:b5:f9:76: be:f5:45:7e -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUOfKBqXhCw7TpQuf7nJb8G86o62EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTEwNDA4NTUwMFoX DTI2MTEwMzA5MDAwMFowMzExMC8GA1UEAxMoNUEyREQ4NkEwNTQ5ODQxMjkzQ0E5 MzYzRDI5RTEzRTE1OTUwOEJGQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKCzqJMxHrrt+O9znRH6GN12ni77EoY/Ka8i4+CPbrhAhaUGYYddQic9Z5FF UgI3jwGOM/Mk1HKfINYe+f1L7uYGLHofIVbbzSU2LglPpwQwgnddQTIcGF3SkFJu XElM5Gr+zpqkXzlJjHv8GN8sLrvjXJ8BoZ7V0o12QWq7yBLXA76Uwvg1cnsxNE7l /iMikohJklcN5P6HOKC7L0lU66kg0WLTQssArFXojho/PGM7iYS+ct/O670vIP24 Le5aTkBwRto3IwM8H0GyLOQ+VdI8iUAFEs1qCrPNv+5SzUxht3bb8qVVGVOXVehM KDV1ezbH742quMVdHeZfbHBeQFsCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRaLdhq BUmEEpPKk2PSnhPhWVCL+jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjQxMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfOhwDANBgkqhkiG9w0BAQsFAAOCAQEABaS+EnGBWsNjlMmV GZ1DT2wivGY/3gvwA0z6LMwjDeFN9dbHRIjUXN3XVqAWZKHMflWLL6Q3KmR/e83z y401x0fxZKHkLH94V2b4X8PnjiMdYO8XaFhGb8oOKKYZhas9c9rtuaB1EnV/i+2O cb8koww/RerRBenUkbLXDDWQIUXq3W/OnLJUQC3/qgGb4XX3wcreJWVkwAeUVS5d mr1JHfclftlUPwQgt5HcNI2FQo7EgU1EAGYi9Yyf2caAvhsG8mxOZyuXt6xe1F5T Ph79K925poO06pJ7V6Rp1TvULVZVun+llRbPe5UWdysylj8TBF7vNo8Q4npDtfl2 vvVFfg== -----END CERTIFICATE-----Generated at Sun Dec 7 00:48:02 2025 by rpki-client