This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153155.roa File: AS153155.roa (raw, json) Hash identifier: i0ii8LaZR1uTE1MvC0TjdMYvKPl9lB3Bi7W4FW39RzA= Subject key identifier: 3A:2A:1F:E6:F2:C2:93:51:AE:AF:32:7D:EB:25:8B:EA:D8:6A:37:9C Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 47E268A80967957B9FC0A0A162E8095A972A1E77 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153155.roa Signing time: Thu 08 Jan 2026 11:00:01 +0000 ROA not before: Thu 08 Jan 2026 10:55:01 +0000 ROA not after: Thu 07 Jan 2027 11:00:01 +0000 asID: 153155 IP address blocks: 160.191.192.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:35:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:e2:68:a8:09:67:95:7b:9f:c0:a0:a1:62:e8:09:5a:97:2a:1e:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:01 2026 GMT Not After : Jan 7 11:00:01 2027 GMT Subject: CN=3A2A1FE6F2C29351AEAF327DEB258BEAD86A379C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:11:ec:0c:c6:2f:cb:f7:81:94:cf:27:11:6a: d9:f1:e0:0b:6a:fc:8b:14:2d:c2:5d:a7:1b:ba:67: e3:9f:c6:26:c9:3f:d7:96:63:35:10:89:36:42:93: b3:60:5a:fb:65:3e:d3:44:a8:c5:5f:d1:72:45:96: 67:4e:5b:bf:17:e1:61:43:23:af:58:2c:9e:52:55: 12:0f:23:ee:89:bf:c0:4f:79:5a:b1:18:8b:83:71: aa:13:72:c2:86:26:72:30:c2:1f:08:be:b7:65:5d: b0:9a:fc:b6:8e:b6:27:c4:d0:1b:27:dd:38:9d:e2: 49:43:cd:78:19:0d:cf:e8:d0:d9:79:a0:3e:11:31: 59:dd:2d:40:c0:56:cd:11:9a:ce:ce:cb:99:e5:29: 44:8c:55:a4:ad:55:95:44:83:7c:b4:3d:7e:74:9e: b5:b3:69:ff:ae:dc:f7:41:2b:b5:8c:35:bd:ec:d0: c3:cf:83:bd:e9:7b:2b:9b:6a:ee:2d:7c:aa:91:7b: 88:a8:a0:30:cf:11:f4:ce:13:3b:13:27:3c:86:0a: b1:f8:67:d1:f5:45:55:0d:ee:f3:cf:17:c1:12:dd: c9:da:09:51:ca:75:11:39:83:0e:53:c8:96:14:ec: 8c:84:41:d3:ca:b5:79:68:b1:b4:15:43:88:7b:69: dc:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:2A:1F:E6:F2:C2:93:51:AE:AF:32:7D:EB:25:8B:EA:D8:6A:37:9C X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153155.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.191.192.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:33:78:4a:6f:61:9a:8b:9d:78:c1:1d:ad:e6:87:b5:7f:7e: 2e:4f:31:01:cd:26:38:37:ae:62:87:fb:24:c0:f6:71:c0:87: 2c:f4:4d:3d:27:53:19:9f:65:28:30:49:4b:09:61:eb:8b:19: f4:df:21:06:52:7f:37:29:11:7c:fa:59:63:47:fd:4c:75:1c: 98:16:fd:0c:3d:07:b9:d5:0a:d3:50:f4:2d:d8:ab:4e:09:51: 30:ec:5d:57:64:2b:e6:4a:a9:78:74:43:06:0e:23:55:88:eb: 4e:26:ce:fb:df:c6:f7:3f:05:80:92:26:7e:89:30:f5:f3:bc: c1:7e:10:c5:b3:02:2c:8e:78:8d:94:8d:e6:39:f5:13:2f:74: 3d:4f:22:05:3d:e2:61:9f:34:6a:ff:74:2a:88:3b:d9:32:b7: 70:f0:43:2a:f8:ad:bf:85:c5:91:7f:3c:84:2f:be:c3:75:ee: 9b:4d:28:ed:20:01:af:4b:87:f6:96:5c:21:53:df:e9:81:32: 20:22:67:41:1c:15:a3:7c:2f:ea:53:e9:70:77:88:79:15:8b: da:a0:f7:27:9d:fc:4b:cd:9a:b2:b6:c9:c3:69:cd:07:ea:35: 9b:39:6c:13:5f:a8:4d:59:e1:b4:e8:e7:4a:07:2f:3b:c2:df: 48:f2:2b:0d -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUR+JoqAlnlXufwKChYugJWpcqHncwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwMVoX DTI3MDEwNzExMDAwMVowMzExMC8GA1UEAxMoM0EyQTFGRTZGMkMyOTM1MUFFQUYz MjdERUIyNThCRUFEODZBMzc5QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPAR7AzGL8v3gZTPJxFq2fHgC2r8ixQtwl2nG7pn45/GJsk/15ZjNRCJNkKT s2Ba+2U+00SoxV/RckWWZ05bvxfhYUMjr1gsnlJVEg8j7om/wE95WrEYi4NxqhNy woYmcjDCHwi+t2VdsJr8to62J8TQGyfdOJ3iSUPNeBkNz+jQ2XmgPhExWd0tQMBW zRGazs7LmeUpRIxVpK1VlUSDfLQ9fnSetbNp/67c90ErtYw1vezQw8+Dvel7K5tq 7i18qpF7iKigMM8R9M4TOxMnPIYKsfhn0fVFVQ3u888XwRLdydoJUcp1ETmDDlPI lhTsjIRB08q1eWixtBVDiHtp3H0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ6Kh/m 8sKTUa6vMn3rJYvq2Go3nDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzE1NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaC/wDANBgkqhkiG9w0BAQsFAAOCAQEAfzN4Sm9hmoudeMEdreaH tX9+Lk8xAc0mODeuYof7JMD2ccCHLPRNPSdTGZ9lKDBJSwlh64sZ9N8hBlJ/NykR fPpZY0f9THUcmBb9DD0HudUK01D0LdirTglRMOxdV2Qr5kqpeHRDBg4jVYjrTibO +9/G9z8FgJImfokw9fO8wX4QxbMCLI54jZSN5jn1Ey90PU8iBT3iYZ80av90Kog7 2TK3cPBDKvitv4XFkX88hC++w3Xum00o7SABr0uH9pZcIVPf6YEyICJnQRwVo3wv 6lPpcHeIeRWL2qD3J538S82asrbJw2nNB+o1mzlsE1+oTVnhtOjnSgcvO8LfSPIr DQ== -----END CERTIFICATE-----Generated at Wed Jan 21 10:30:34 2026 by rpki-client