This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149966.roa File: AS149966.roa (raw, json) Hash identifier: oxmwGwhJYlX0xspMnh+pncgwfNrnzGKVLbvCuxcuGD8= Subject key identifier: 40:95:36:C4:1D:A1:A5:D6:2C:3E:E3:6F:C4:88:4E:B1:B2:48:70:DD Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1E882B429ACAEF9DDC1C3201B843A7EAB13EC5AD Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149966.roa Signing time: Thu 20 Nov 2025 02:34:34 +0000 ROA not before: Thu 20 Nov 2025 02:29:34 +0000 ROA not after: Thu 19 Nov 2026 02:34:34 +0000 asID: 149966 IP address blocks: 103.191.152.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:88:2b:42:9a:ca:ef:9d:dc:1c:32:01:b8:43:a7:ea:b1:3e:c5:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 20 02:29:34 2025 GMT Not After : Nov 19 02:34:34 2026 GMT Subject: CN=409536C41DA1A5D62C3EE36FC4884EB1B24870DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:99:08:59:8b:b6:26:6c:99:91:c4:6a:93:b5: 9b:7b:7a:95:06:e8:3c:a0:66:4b:60:21:03:76:1f: 3b:00:cc:01:bf:08:87:08:7e:a3:fd:08:a1:ef:c2: d7:5b:a4:fe:b9:0d:7d:4e:6d:cb:d1:a7:4a:e6:8e: ff:3f:61:cf:af:2b:5e:ea:7a:05:a6:c7:5b:40:79: aa:e2:ee:2f:5c:4f:95:24:ce:62:89:d7:7f:b2:92: f1:6e:ee:77:ef:1f:17:8e:2d:b1:f0:61:52:4d:fd: 9f:17:1f:5a:94:f0:62:9a:04:a1:39:d2:22:13:4d: 4c:44:00:ec:d2:f0:6d:bb:d8:21:bf:74:55:0f:78: 62:ad:ce:0a:ac:3c:2d:ed:1c:3c:14:0f:15:bf:e8: b6:62:0e:80:c8:b0:f8:3f:6f:ae:0e:b6:bd:e0:ab: d5:cd:09:98:51:98:02:9d:e3:31:8f:96:ed:52:4d: 26:fd:7b:e5:18:5e:a7:fb:ba:25:cb:ba:39:5a:a2: b1:9e:58:0b:49:d2:55:d7:31:6f:42:db:9e:8b:85: 08:03:8f:98:fc:88:43:b9:5f:fc:e8:49:0c:89:4b: 45:87:d8:b3:56:3a:60:38:e5:06:b3:c4:46:bd:c8: 99:2e:f1:4b:1a:97:03:a3:ef:4a:87:44:59:26:25: af:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:95:36:C4:1D:A1:A5:D6:2C:3E:E3:6F:C4:88:4E:B1:B2:48:70:DD X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149966.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.191.152.0/23 Signature Algorithm: sha256WithRSAEncryption 60:b2:07:88:c7:0a:93:b8:69:ee:44:cc:91:18:5c:2a:fd:f8: 58:67:9f:6c:eb:f9:e8:c3:18:ff:ad:9a:4d:9c:01:47:26:6d: fb:44:4c:27:84:42:da:e3:6d:5d:41:5a:57:1b:98:1f:e9:e8: 9e:fe:5e:c7:9f:b5:c9:65:ee:65:cc:48:10:f6:f5:7c:bf:d7: c3:0b:ae:78:96:19:f2:80:88:d9:13:60:e5:90:5a:4e:b8:3d: bb:fb:1d:df:19:f8:09:e0:da:3a:ee:73:d8:a8:f3:8a:db:22: b6:8e:31:e8:74:58:13:f9:6c:82:c4:d8:33:51:fd:9c:b2:8d: 98:22:0d:9a:23:5d:03:52:cb:ed:a2:db:b4:29:3e:ef:b3:f2: 1c:b8:10:8b:fe:c0:a3:08:5e:27:8d:4e:6e:e2:8c:23:c8:fb: 07:91:76:53:22:a9:76:55:85:70:da:06:48:35:82:26:0b:ec: b1:02:93:1c:d0:95:53:f3:8e:c3:95:6a:41:f8:e7:f1:6c:1f: fd:27:d5:5b:d0:20:0b:e9:8e:fa:09:2d:90:43:be:25:8a:cc: 54:3d:f1:93:95:a4:a1:67:03:13:0c:12:5e:ba:bc:20:45:52: 37:e8:06:eb:31:96:9e:46:29:9f:63:7a:19:2e:a9:f9:a2:d8: 3d:ea:67:a6 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUHogrQprK753cHDIBuEOn6rE+xa0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTEyMDAyMjkzNFoX DTI2MTExOTAyMzQzNFowMzExMC8GA1UEAxMoNDA5NTM2QzQxREExQTVENjJDM0VF MzZGQzQ4ODRFQjFCMjQ4NzBERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALaZCFmLtiZsmZHEapO1m3t6lQboPKBmS2AhA3YfOwDMAb8Ihwh+o/0Ioe/C 11uk/rkNfU5ty9GnSuaO/z9hz68rXup6BabHW0B5quLuL1xPlSTOYonXf7KS8W7u d+8fF44tsfBhUk39nxcfWpTwYpoEoTnSIhNNTEQA7NLwbbvYIb90VQ94Yq3OCqw8 Le0cPBQPFb/otmIOgMiw+D9vrg62veCr1c0JmFGYAp3jMY+W7VJNJv175Rhep/u6 Jcu6OVqisZ5YC0nSVdcxb0LbnouFCAOPmPyIQ7lf/OhJDIlLRYfYs1Y6YDjlBrPE Rr3ImS7xSxqXA6PvSodEWSYlr3sCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRAlTbE HaGl1iw+42/EiE6xskhw3TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk2Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWe/mDANBgkqhkiG9w0BAQsFAAOCAQEAYLIHiMcKk7hp7kTMkRhc Kv34WGefbOv56MMY/62aTZwBRyZt+0RMJ4RC2uNtXUFaVxuYH+nonv5ex5+1yWXu ZcxIEPb1fL/XwwuueJYZ8oCI2RNg5ZBaTrg9u/sd3xn4CeDaOu5z2Kjzitsito4x 6HRYE/lsgsTYM1H9nLKNmCINmiNdA1LL7aLbtCk+77PyHLgQi/7AowheJ41ObuKM I8j7B5F2UyKpdlWFcNoGSDWCJgvssQKTHNCVU/OOw5VqQfjn8Wwf/SfVW9AgC+mO +gktkEO+JYrMVD3xk5WkoWcDEwwSXrq8IEVSN+gG6zGWnkYpn2N6GS6p+aLYPepn pg== -----END CERTIFICATE-----Generated at Wed Dec 3 14:50:03 2025 by rpki-client