This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153141.roa File: AS153141.roa (raw, json) Hash identifier: jzB5do7cEc0qkaoA5hTVrQMO4FaovCxL40/cV1oDBLc= Subject key identifier: 67:A8:AB:E1:74:E6:79:24:02:D0:4D:2F:ED:B9:42:FD:0D:0E:6D:F7 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 707D19A3C417234750C7462E11560E3683E91CB4 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153141.roa Signing time: Thu 08 Jan 2026 11:00:09 +0000 ROA not before: Thu 08 Jan 2026 10:55:09 +0000 ROA not after: Thu 07 Jan 2027 11:00:09 +0000 asID: 153141 IP address blocks: 160.191.130.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:35:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:7d:19:a3:c4:17:23:47:50:c7:46:2e:11:56:0e:36:83:e9:1c:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:09 2026 GMT Not After : Jan 7 11:00:09 2027 GMT Subject: CN=67A8ABE174E6792402D04D2FEDB942FD0D0E6DF7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:cf:eb:4d:22:0b:e1:fb:dd:e2:cb:3e:7d:da: cc:aa:ff:22:ad:c9:75:ea:46:73:1e:8d:47:96:e5: 36:3a:d7:d4:22:98:27:89:cd:33:65:65:87:9e:df: e1:04:aa:0f:80:8e:40:94:38:6f:bc:df:1a:ea:ec: f6:25:5f:03:88:0d:35:d7:50:0f:da:57:6b:d9:d9: c2:fd:d3:dd:54:9a:31:3e:bb:19:27:5e:a7:23:b8: 0b:cf:d4:fc:b6:85:89:a7:d6:82:df:0d:1c:b5:15: f9:0a:ef:3e:aa:0e:6f:e9:57:cb:52:c4:5f:80:6a: a2:32:09:ab:d0:5a:c6:0d:a0:be:b9:5b:8c:62:4d: 78:df:1d:2a:2a:4f:b9:b8:dc:39:b3:07:a6:8d:51: f7:2e:be:7a:a1:c4:98:14:f1:57:32:79:dc:33:78: 4b:89:5b:b9:d8:fb:b2:c0:57:46:2f:64:99:01:1c: e8:2a:d8:5e:5b:d8:15:6a:ee:ed:79:22:70:fb:33: b1:a9:a6:5e:24:4a:15:42:70:a9:ac:e4:94:4f:4c: 64:6f:3c:7e:fe:21:85:6f:2d:3a:b0:71:c0:6a:94: d2:de:c7:aa:0a:7e:4f:de:74:f5:68:83:71:56:58: 4f:9e:4e:73:0b:25:d3:3d:81:45:aa:fa:bb:ae:27: b2:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:A8:AB:E1:74:E6:79:24:02:D0:4D:2F:ED:B9:42:FD:0D:0E:6D:F7 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153141.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.191.130.0/23 Signature Algorithm: sha256WithRSAEncryption 21:14:33:f7:c4:1a:7c:23:09:d3:ed:c2:d7:2a:6d:b1:38:7f: 66:55:1b:6d:ff:ee:2d:8d:44:fb:f7:f3:60:58:ee:e0:93:14: e0:2e:59:aa:72:94:4f:88:42:dc:9c:0a:47:04:6a:ad:ef:16: 9a:17:fa:3d:9a:f8:0e:32:f5:f2:6c:b3:83:45:cc:03:d7:a5: e4:3d:fe:58:7d:8c:f9:c3:e8:05:e5:8f:07:70:59:f5:fa:f7: a0:65:79:7f:7d:f0:10:35:07:34:92:d0:b3:e0:19:b7:d0:53: 2e:55:94:39:12:79:58:db:75:21:c1:3e:c3:6b:fc:a7:d8:29: cb:de:f1:5d:5b:18:0c:6e:0b:73:ad:3d:f1:43:8b:8c:6b:48: 2e:e1:1d:ea:40:d6:ba:cb:c9:6a:c9:f2:cd:b4:9d:84:99:6a: 8b:93:17:1e:b0:0b:e4:8e:65:37:fe:57:9e:9b:f8:0e:80:64: 61:b7:28:94:2c:87:27:a5:6b:03:78:d4:a6:ca:b2:65:4a:28: 0f:6c:7d:1a:aa:30:35:3a:c8:75:84:65:bf:6a:ce:31:b7:89: ee:b8:01:78:f3:a7:ec:94:27:fe:9e:ac:0e:f0:f9:c6:23:8f: 39:92:89:6b:c7:97:e2:f3:0c:e8:33:11:e8:85:4a:55:c2:9a: 5c:86:25:d3 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUcH0Zo8QXI0dQx0YuEVYONoPpHLQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwOVoX DTI3MDEwNzExMDAwOVowMzExMC8GA1UEAxMoNjdBOEFCRTE3NEU2NzkyNDAyRDA0 RDJGRURCOTQyRkQwRDBFNkRGNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAODP600iC+H73eLLPn3azKr/Iq3JdepGcx6NR5blNjrX1CKYJ4nNM2Vlh57f 4QSqD4COQJQ4b7zfGurs9iVfA4gNNddQD9pXa9nZwv3T3VSaMT67GSdepyO4C8/U /LaFiafWgt8NHLUV+QrvPqoOb+lXy1LEX4BqojIJq9Baxg2gvrlbjGJNeN8dKipP ubjcObMHpo1R9y6+eqHEmBTxVzJ53DN4S4lbudj7ssBXRi9kmQEc6CrYXlvYFWru 7XkicPszsammXiRKFUJwqazklE9MZG88fv4hhW8tOrBxwGqU0t7Hqgp+T9509WiD cVZYT55Ocwsl0z2BRar6u64nstcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRnqKvh dOZ5JALQTS/tuUL9DQ5t9zAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzE0MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaC/gjANBgkqhkiG9w0BAQsFAAOCAQEAIRQz98QafCMJ0+3C1ypt sTh/ZlUbbf/uLY1E+/fzYFju4JMU4C5ZqnKUT4hC3JwKRwRqre8Wmhf6PZr4DjL1 8myzg0XMA9el5D3+WH2M+cPoBeWPB3BZ9fr3oGV5f33wEDUHNJLQs+AZt9BTLlWU ORJ5WNt1IcE+w2v8p9gpy97xXVsYDG4Lc6098UOLjGtILuEd6kDWusvJasnyzbSd hJlqi5MXHrAL5I5lN/5Xnpv4DoBkYbcolCyHJ6VrA3jUpsqyZUooD2x9GqowNTrI dYRlv2rOMbeJ7rgBePOn7JQn/p6sDvD5xiOPOZKJa8eX4vMM6DMR6IVKVcKaXIYl 0w== -----END CERTIFICATE-----Generated at Wed Jan 21 10:30:34 2026 by rpki-client