This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149667.roa File: AS149667.roa (raw, json) Hash identifier: X2osExqyzkzST28ZI4U0a2S789JNgCyGveB8OQyoGhI= Subject key identifier: 7C:45:A5:3C:74:BE:29:B1:EC:80:82:16:4F:AA:B5:D0:3D:D8:2F:E7 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0DF5064CB51D25685976EBDF29072FEF3F5DAC7F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149667.roa Signing time: Wed 15 Oct 2025 04:00:00 +0000 ROA not before: Wed 15 Oct 2025 03:55:00 +0000 ROA not after: Wed 14 Oct 2026 04:00:00 +0000 asID: 149667 IP address blocks: 103.156.221.0/24 maxlen: 24 2401:da0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:f5:06:4c:b5:1d:25:68:59:76:eb:df:29:07:2f:ef:3f:5d:ac:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 15 03:55:00 2025 GMT Not After : Oct 14 04:00:00 2026 GMT Subject: CN=7C45A53C74BE29B1EC8082164FAAB5D03DD82FE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:09:d6:47:18:d5:17:1d:8e:15:fb:32:5a:f6: d5:4f:59:cb:7c:75:1a:cc:9a:ce:7b:04:20:ce:c3: 1d:c7:be:3e:6d:b6:83:41:88:5f:c4:a7:83:48:bc: 0f:ac:1b:a6:77:5c:fd:16:a2:f1:4d:f4:59:5d:b6: c4:cb:3b:05:eb:aa:80:aa:11:f8:7a:4e:65:24:ab: 30:6c:14:e7:7e:1c:53:1a:59:99:d4:3b:a8:41:e3: 30:bb:7a:3f:96:e3:28:30:71:df:18:60:94:b8:f0: f9:20:30:de:90:8a:9a:83:f2:96:e7:55:e9:f1:47: cf:7f:23:71:88:39:c3:51:a8:88:31:ea:54:b4:7a: fa:90:65:fa:4c:d4:f1:ad:84:6f:e3:9c:ba:bc:f0: b9:05:ec:ba:05:1a:a9:46:97:79:c9:e3:d8:88:0a: 87:8c:86:be:d1:39:de:3a:55:21:66:13:3a:37:28: f1:1a:36:26:c7:66:e9:8a:4f:0f:b7:6f:1b:37:20: 6d:bd:d5:7a:b2:38:a8:4e:ff:6f:1f:7b:dc:e1:52: d4:cd:7e:a0:60:85:da:c7:60:76:b4:23:ef:b5:34: 81:c3:f5:bb:e5:8d:c1:ed:0f:1e:04:75:63:47:d5: 6c:69:f5:3a:37:ef:3c:61:18:d0:c8:8b:25:95:4e: 73:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:45:A5:3C:74:BE:29:B1:EC:80:82:16:4F:AA:B5:D0:3D:D8:2F:E7 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149667.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.221.0/24 IPv6: 2401:da0::/32 Signature Algorithm: sha256WithRSAEncryption 64:d6:da:4a:56:1d:b5:00:f7:79:df:b0:8c:97:72:ef:9c:6e: ec:3a:1b:3d:a5:ac:94:8e:f8:d9:8e:c5:f0:30:4a:a4:77:a5: 3d:d5:15:e9:77:fa:94:aa:55:c9:f3:be:8e:a5:19:33:11:5d: 49:5d:25:ba:08:e8:d6:a0:52:39:d6:ba:83:b6:16:2d:00:2a: 0f:55:a2:aa:d5:09:43:3c:0c:b7:c6:10:d9:aa:fc:dc:f0:b8: b3:9c:69:e8:e2:fc:36:59:03:67:84:13:95:3b:ff:32:d3:66: 02:e3:0a:be:16:39:2a:50:ca:82:02:60:0d:c4:10:a5:35:31: f9:f5:fc:72:0a:04:59:b7:be:d2:e1:92:30:fe:c9:6a:a2:47: b2:d8:39:20:90:ee:da:25:c7:36:30:81:f8:35:02:65:d6:b8: 42:ec:54:d3:d6:4c:e9:80:e6:81:84:3f:7d:13:6c:81:7d:f3: 89:d6:dc:3c:4d:51:05:be:c4:b2:14:05:55:5f:6a:e3:d9:ba: ea:48:61:17:e4:6e:ca:70:d4:cd:52:c5:97:f5:a8:4a:b1:8e: 99:3b:cb:54:98:7a:9c:df:74:17:23:7d:d1:f6:9d:71:b1:7a: 2e:ac:9b:0f:9e:cc:32:7f:bc:fe:0d:f5:e2:82:20:a4:d7:11: fb:60:d0:18 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUDfUGTLUdJWhZduvfKQcv7z9drH8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTAxNTAzNTUwMFoX DTI2MTAxNDA0MDAwMFowMzExMC8GA1UEAxMoN0M0NUE1M0M3NEJFMjlCMUVDODA4 MjE2NEZBQUI1RDAzREQ4MkZFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKQJ1kcY1RcdjhX7Mlr21U9Zy3x1GsyaznsEIM7DHce+Pm22g0GIX8Sng0i8 D6wbpndc/Rai8U30WV22xMs7BeuqgKoR+HpOZSSrMGwU534cUxpZmdQ7qEHjMLt6 P5bjKDBx3xhglLjw+SAw3pCKmoPyludV6fFHz38jcYg5w1GoiDHqVLR6+pBl+kzU 8a2Eb+OcurzwuQXsugUaqUaXecnj2IgKh4yGvtE53jpVIWYTOjco8Ro2Jsdm6YpP D7dvGzcgbb3VerI4qE7/bx973OFS1M1+oGCF2sdgdrQj77U0gcP1u+WNwe0PHgR1 Y0fVbGn1OjfvPGEY0MiLJZVOc9kCAwEAAaOCAd8wggHbMB0GA1UdDgQWBBR8RaU8 dL4pseyAghZPqrXQPdgv5zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTY2Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAGec3TANBAIAAjAHAwUAJAENoDANBgkqhkiG9w0BAQsFAAOCAQEA ZNbaSlYdtQD3ed+wjJdy75xu7DobPaWslI742Y7F8DBKpHelPdUV6Xf6lKpVyfO+ jqUZMxFdSV0lugjo1qBSOda6g7YWLQAqD1WiqtUJQzwMt8YQ2ar83PC4s5xp6OL8 NlkDZ4QTlTv/MtNmAuMKvhY5KlDKggJgDcQQpTUx+fX8cgoEWbe+0uGSMP7JaqJH stg5IJDu2iXHNjCB+DUCZda4QuxU09ZM6YDmgYQ/fRNsgX3zidbcPE1RBb7EshQF VV9q49m66khhF+RuynDUzVLFl/WoSrGOmTvLVJh6nN90FyN90fadcbF6LqybD57M Mn+8/g314oIgpNcR+2DQGA== -----END CERTIFICATE-----Generated at Wed Dec 3 13:15:37 2025 by rpki-client