This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153111.roa File: AS153111.roa (raw, json) Hash identifier: y+fd+tCFgXXQ+DbM2p0d6/NlMgV4XfSs+LrIsKzTCQw= Subject key identifier: EC:5A:28:BA:AE:BE:C6:A8:BC:E2:C2:A1:43:A9:5C:EE:85:EA:82:9D Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3FACAAE91C0758F63EBA88E21402F829377C681A Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153111.roa Signing time: Mon 17 Nov 2025 04:00:18 +0000 ROA not before: Mon 17 Nov 2025 03:55:18 +0000 ROA not after: Mon 16 Nov 2026 04:00:18 +0000 asID: 153111 IP address blocks: 160.25.244.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 11:07:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:ac:aa:e9:1c:07:58:f6:3e:ba:88:e2:14:02:f8:29:37:7c:68:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Nov 17 03:55:18 2025 GMT Not After : Nov 16 04:00:18 2026 GMT Subject: CN=EC5A28BAAEBEC6A8BCE2C2A143A95CEE85EA829D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:98:ad:cb:87:1b:ff:7f:dc:f0:a2:4a:7c:22: bf:54:77:86:97:9b:b0:99:1c:84:52:d6:58:bb:d6: f9:74:72:31:99:94:f0:7f:61:81:db:a5:c7:c6:20: 1e:a3:7d:40:6b:ff:a4:a3:25:c6:6d:e6:e5:d0:f4: c5:2b:a0:25:71:f1:be:28:b7:79:b2:d0:af:34:ae: 30:e1:89:cb:8a:7b:f7:83:33:20:25:58:ba:47:9e: fc:10:d7:81:79:70:b7:c8:3c:a3:6b:ab:86:91:ea: 61:24:eb:92:73:e9:12:dc:76:97:15:b8:fa:c3:96: 5a:b5:f6:91:ef:6f:1c:78:a1:a2:b7:e9:c6:11:89: a2:bf:32:a1:44:c5:0a:47:94:ea:10:e6:4d:d2:58: 9c:75:7f:f0:26:da:fa:a6:60:a8:2e:42:bf:4f:3a: 51:f8:6f:4d:01:03:f1:e8:57:73:1a:a5:af:48:c9: a3:59:ac:b1:e9:fc:14:8b:50:70:f7:0e:57:5b:5d: df:0d:dd:7f:39:3b:3f:5a:c8:5a:9b:77:0f:d2:c2: 70:9d:70:b6:90:58:4b:ac:71:12:87:2f:d2:e8:8c: d0:81:95:42:55:1c:c4:f6:3e:4b:8b:52:2f:ae:00: 2d:c3:ac:1d:81:48:a9:31:77:76:e6:0a:f7:79:4e: 87:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:5A:28:BA:AE:BE:C6:A8:BC:E2:C2:A1:43:A9:5C:EE:85:EA:82:9D X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153111.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.244.0/23 Signature Algorithm: sha256WithRSAEncryption 68:8d:e2:91:fb:f8:e6:04:44:01:8c:6a:e5:cb:87:9c:19:cf: 5c:4f:3a:c8:06:d1:5b:19:99:b8:8f:44:8f:47:0c:84:e4:b6: 91:a2:02:fa:a2:dc:ce:77:63:b1:79:a0:39:cb:73:63:db:8d: f2:a3:40:a1:85:f0:67:1e:f0:ca:2b:02:9e:7a:c2:c4:dc:3f: c1:1b:fe:62:bf:e3:d7:c5:96:d4:e3:ba:e7:65:2a:b7:7f:5a: fa:cc:d9:0e:ba:ca:70:51:67:08:52:78:cd:16:0a:06:08:34: 91:1e:12:7e:a6:c2:39:ee:ec:e8:59:be:7a:eb:8c:87:9d:7d: 99:54:88:92:8b:4e:34:5b:c5:28:ee:0c:a2:11:bc:98:4b:dd: 24:57:5e:92:db:54:1b:9d:00:4b:b2:08:e5:23:e6:92:31:ab: d2:4d:d7:99:2f:9e:0e:f6:69:47:a7:b7:ab:dd:91:e0:ef:af: b2:89:36:37:5d:67:7a:0f:8f:0d:b7:43:f2:37:7e:8f:67:83: 49:0e:ea:27:9d:a6:6e:a6:ee:0a:88:44:31:d9:ff:ba:ef:46: 88:e7:0d:a5:34:4c:02:d7:ee:32:60:a0:a3:e3:6f:ad:8b:4c: b3:90:e2:7d:6d:82:15:9a:80:06:4e:04:02:c8:f1:6c:50:fe: a5:da:a6:59 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUP6yq6RwHWPY+uojiFAL4KTd8aBowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTExNzAzNTUxOFoX DTI2MTExNjA0MDAxOFowMzExMC8GA1UEAxMoRUM1QTI4QkFBRUJFQzZBOEJDRTJD MkExNDNBOTVDRUU4NUVBODI5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKeYrcuHG/9/3PCiSnwiv1R3hpebsJkchFLWWLvW+XRyMZmU8H9hgdulx8Yg HqN9QGv/pKMlxm3m5dD0xSugJXHxvii3ebLQrzSuMOGJy4p794MzICVYukee/BDX gXlwt8g8o2urhpHqYSTrknPpEtx2lxW4+sOWWrX2ke9vHHihorfpxhGJor8yoUTF CkeU6hDmTdJYnHV/8Cba+qZgqC5Cv086UfhvTQED8ehXcxqlr0jJo1mssen8FItQ cPcOV1td3w3dfzk7P1rIWpt3D9LCcJ1wtpBYS6xxEocv0uiM0IGVQlUcxPY+S4tS L64ALcOsHYFIqTF3duYK93lOh3MCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTsWii6 rr7GqLziwqFDqVzuheqCnTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzExMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAZ9DANBgkqhkiG9w0BAQsFAAOCAQEAaI3ikfv45gREAYxq5cuH nBnPXE86yAbRWxmZuI9Ej0cMhOS2kaIC+qLczndjsXmgOctzY9uN8qNAoYXwZx7w yisCnnrCxNw/wRv+Yr/j18WW1OO652Uqt39a+szZDrrKcFFnCFJ4zRYKBgg0kR4S fqbCOe7s6Fm+euuMh519mVSIkotONFvFKO4MohG8mEvdJFdekttUG50AS7II5SPm kjGr0k3XmS+eDvZpR6e3q92R4O+vsok2N11neg+PDbdD8jd+j2eDSQ7qJ52mbqbu CohEMdn/uu9GiOcNpTRMAtfuMmCgo+NvrYtMs5DifW2CFZqABk4EAsjxbFD+pdqm WQ== -----END CERTIFICATE-----Generated at Wed Dec 3 16:39:36 2025 by rpki-client