This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153553.roa File: AS153553.roa (raw, json) Hash identifier: BniSvNZXCCdqjbzcJ/3xZndR0xYs459lQNrGBmpp1y8= Subject key identifier: E3:59:82:7E:43:80:8A:59:AC:71:12:F8:D3:84:C7:A2:49:4C:25:60 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 7619CB6D92AC65ADCC69CC1BFB8436CFC6CA8626 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153553.roa Signing time: Tue 20 Jan 2026 02:00:00 +0000 ROA not before: Tue 20 Jan 2026 01:55:00 +0000 ROA not after: Tue 19 Jan 2027 02:00:00 +0000 asID: 153553 IP address blocks: 161.248.164.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:35:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:19:cb:6d:92:ac:65:ad:cc:69:cc:1b:fb:84:36:cf:c6:ca:86:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 20 01:55:00 2026 GMT Not After : Jan 19 02:00:00 2027 GMT Subject: CN=E359827E43808A59AC7112F8D384C7A2494C2560 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:2d:09:08:8b:9b:5a:3a:73:8d:52:72:72:8a: 25:e1:ef:b9:57:97:80:14:af:bf:6f:62:f8:5b:63: 88:90:0f:85:b4:30:04:1a:18:6c:ca:94:36:8a:46: 90:d8:6a:e0:1a:1a:f9:0f:fa:81:5c:b0:b5:c9:89: 63:15:50:9b:19:6c:75:1b:c9:eb:03:fb:6c:c1:31: 05:39:bd:d7:be:94:b6:1b:70:92:e3:b2:c2:37:65: cd:54:77:cd:f3:13:9d:7d:b1:9b:4a:92:a4:94:3c: 67:4e:5b:b7:32:21:bf:01:4c:b2:15:7d:5c:a3:05: 75:ab:08:68:ae:fc:54:85:61:d8:c5:70:39:96:92: 94:78:be:76:d5:95:95:f1:cf:b7:be:ed:ec:15:8c: ae:64:28:57:14:ed:30:de:29:8f:ca:f2:7f:3c:ca: c8:43:bd:46:c5:88:6d:77:33:b9:6a:8f:63:c6:f8: c1:16:21:8e:62:e8:80:61:3d:be:e9:16:24:ec:0c: 33:30:66:db:8d:d4:3b:bc:31:a6:ec:6c:7a:ea:f8: e5:7b:91:0f:c5:d6:c5:9b:22:6e:fb:e9:cf:6f:a1: 4e:ea:af:17:59:97:e3:a6:a7:46:26:2d:d0:1c:44: d9:e2:a3:d4:c8:01:98:69:29:e6:bc:4e:21:30:0a: 91:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:59:82:7E:43:80:8A:59:AC:71:12:F8:D3:84:C7:A2:49:4C:25:60 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153553.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.164.0/23 Signature Algorithm: sha256WithRSAEncryption 26:7a:5d:4e:be:6d:79:a8:b0:0c:27:e6:30:61:e9:83:1b:ca: e2:d8:7d:bd:43:9a:c9:66:d4:3e:e4:37:fa:f3:ae:61:65:93: e9:b4:a7:12:aa:8b:06:11:0f:eb:3e:b2:7a:24:32:43:34:b1: cf:e7:a0:f8:5a:48:26:a9:3e:2e:e5:cf:9f:31:dc:06:e3:79: ad:ba:0d:65:09:5c:c9:10:2f:23:b9:5a:9f:cf:7f:50:e4:70: 12:c5:76:3d:5c:3b:32:3c:d9:99:a7:63:06:28:d1:32:13:8b: fa:0c:87:e5:cd:47:0a:cc:ab:6e:12:de:4e:d8:cc:d7:fc:01: 92:57:fb:2b:b4:85:69:89:e2:4e:97:c4:0b:c7:d9:20:e3:98: 74:51:39:81:59:5d:5e:73:c2:3c:94:c7:8e:cd:25:53:dd:14: 71:ff:14:2a:4e:d2:f9:c3:ba:29:c9:c6:fe:88:2c:61:5e:2c: 64:e3:9d:51:4d:25:be:ed:7f:df:98:3f:c5:fb:95:c9:47:30: 12:63:2a:f5:9c:ee:7f:ea:ca:06:67:3b:1c:ae:a9:34:22:4f: d7:e9:d4:8a:c3:02:87:e5:53:89:6b:b3:d4:cc:c2:d0:ca:e0: 81:32:49:50:4c:93:5b:a6:df:fb:dd:13:d3:b9:30:e0:be:d7: 46:f8:ca:d8 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUdhnLbZKsZa3Macwb+4Q2z8bKhiYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEyMDAxNTUwMFoX DTI3MDExOTAyMDAwMFowMzExMC8GA1UEAxMoRTM1OTgyN0U0MzgwOEE1OUFDNzEx MkY4RDM4NEM3QTI0OTRDMjU2MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOYtCQiLm1o6c41ScnKKJeHvuVeXgBSvv29i+FtjiJAPhbQwBBoYbMqUNopG kNhq4Boa+Q/6gVywtcmJYxVQmxlsdRvJ6wP7bMExBTm9176UthtwkuOywjdlzVR3 zfMTnX2xm0qSpJQ8Z05btzIhvwFMshV9XKMFdasIaK78VIVh2MVwOZaSlHi+dtWV lfHPt77t7BWMrmQoVxTtMN4pj8ryfzzKyEO9RsWIbXczuWqPY8b4wRYhjmLogGE9 vukWJOwMMzBm243UO7wxpuxseur45XuRD8XWxZsibvvpz2+hTuqvF1mX46anRiYt 0BxE2eKj1MgBmGkp5rxOITAKkdcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTjWYJ+ Q4CKWaxxEvjThMeiSUwlYDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzU1My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaH4pDANBgkqhkiG9w0BAQsFAAOCAQEAJnpdTr5teaiwDCfmMGHp gxvK4th9vUOayWbUPuQ3+vOuYWWT6bSnEqqLBhEP6z6yeiQyQzSxz+eg+FpIJqk+ LuXPnzHcBuN5rboNZQlcyRAvI7lan89/UORwEsV2PVw7MjzZmadjBijRMhOL+gyH 5c1HCsyrbhLeTtjM1/wBklf7K7SFaYniTpfEC8fZIOOYdFE5gVldXnPCPJTHjs0l U90Ucf8UKk7S+cO6KcnG/ogsYV4sZOOdUU0lvu1/35g/xfuVyUcwEmMq9Zzuf+rK Bmc7HK6pNCJP1+nUisMCh+VTiWuz1MzC0MrggTJJUEyTW6bf+90T07kw4L7XRvjK 2A== -----END CERTIFICATE-----Generated at Wed Jan 21 10:30:14 2026 by rpki-client