This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153140.roa File: AS153140.roa (raw, json) Hash identifier: sYr1d6TDiYOKD2ykfuJ9yRvEOLWM3jLbKDqm2BDkzEs= Subject key identifier: DC:53:A9:5D:D0:B3:4A:CE:6F:4C:27:4F:4E:56:ED:A5:D5:44:DE:42 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 71D343713950BCC86D9908CD6E475BFD3342B2B1 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153140.roa Signing time: Tue 11 Nov 2025 11:00:00 +0000 ROA not before: Tue 11 Nov 2025 10:55:00 +0000 ROA not after: Tue 10 Nov 2026 11:00:00 +0000 asID: 153140 IP address blocks: 2001:df4:64c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:d3:43:71:39:50:bc:c8:6d:99:08:cd:6e:47:5b:fd:33:42:b2:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 11 10:55:00 2025 GMT Not After : Nov 10 11:00:00 2026 GMT Subject: CN=DC53A95DD0B34ACE6F4C274F4E56EDA5D544DE42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:ac:8e:2e:9a:74:73:42:f5:9b:00:ee:9f:fd: aa:4d:da:c6:47:1c:3b:8f:5d:64:f2:2c:92:b1:11: 42:9a:9d:ab:ba:2f:0e:e8:6a:94:76:cc:3e:53:e0: 43:92:be:44:0d:a3:bc:8c:a7:a7:33:26:c0:b3:f8: 73:28:9d:cc:96:30:13:ce:58:74:a0:d6:be:31:90: 62:0c:bb:03:41:19:c4:8b:a8:34:a1:46:6c:ba:84: 03:76:2f:87:81:c8:c2:68:38:89:00:ad:fe:99:a2: 6c:b2:2d:46:00:da:82:6d:3e:7e:79:b9:f7:65:93: 04:b5:5d:4e:6e:89:ec:0c:b3:07:8f:49:d0:f9:8a: ca:c0:ef:a0:26:d6:7b:02:ec:68:01:7f:94:d8:74: ec:0a:ec:96:eb:c5:bc:5b:18:65:3b:44:53:a8:82: 1e:09:1d:cd:45:fd:28:25:97:05:32:f2:46:ef:0e: 39:d1:70:48:95:cf:10:6d:18:64:9a:5d:80:bc:79: 05:0a:f3:1c:48:b4:bc:46:8a:d9:c2:f4:8a:47:12: 2e:38:af:49:ff:23:a6:bb:e6:c1:38:81:12:65:95: 03:37:66:6b:ea:11:2d:6b:68:62:32:56:5c:d6:7e: 59:d3:7b:c2:b8:b6:4b:99:ae:cf:46:87:52:f6:da: 43:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:53:A9:5D:D0:B3:4A:CE:6F:4C:27:4F:4E:56:ED:A5:D5:44:DE:42 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153140.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:64c0::/48 Signature Algorithm: sha256WithRSAEncryption 47:8f:00:58:8f:a7:56:e7:38:48:40:c4:02:c0:8a:21:bc:b3: 66:13:44:e0:7e:2d:3b:03:c4:dd:6b:ed:0a:de:77:f4:ac:ac: e2:a4:9b:be:c7:4b:ad:80:ea:74:76:4f:7c:00:63:eb:0c:0e: 9b:cc:17:ee:5c:d8:d4:5f:49:77:0e:49:42:d3:8f:09:b6:9b: 05:dd:cc:c0:ef:8a:ec:49:eb:53:8c:2f:f1:6d:ab:b6:12:bd: c0:1f:3b:d0:45:a1:56:72:c7:9a:32:37:92:a6:aa:ef:7b:46: 88:7a:32:bf:80:bf:6f:63:f5:fa:e2:68:0f:b0:e2:77:ec:91: c9:e1:f7:8d:65:3b:bc:16:9f:03:06:93:4f:13:fc:c0:71:79: ab:da:b4:03:54:43:75:0d:e8:cc:3b:08:5a:c8:a5:38:c7:91: 8e:37:b7:b1:6d:d3:e3:6b:d4:3d:6d:af:f5:7c:0c:ba:e2:c9: e1:9c:09:a8:56:5e:0a:94:cd:95:98:0e:1f:47:e1:f5:b0:ae: c2:50:d8:e3:8a:76:a6:6e:2e:fb:7a:27:07:0a:2e:78:f9:8d: e7:82:a0:4b:ab:d2:41:48:68:08:33:05:c4:6b:a0:39:4e:ed: 12:fe:f6:ca:de:37:88:64:67:d1:0e:07:80:59:15:60:a3:a9: 73:62:ee:30 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUcdNDcTlQvMhtmQjNbkdb/TNCsrEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTExMTEwNTUwMFoX DTI2MTExMDExMDAwMFowMzExMC8GA1UEAxMoREM1M0E5NUREMEIzNEFDRTZGNEMy NzRGNEU1NkVEQTVENTQ0REU0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPKsji6adHNC9ZsA7p/9qk3axkccO49dZPIskrERQpqdq7ovDuhqlHbMPlPg Q5K+RA2jvIynpzMmwLP4cyidzJYwE85YdKDWvjGQYgy7A0EZxIuoNKFGbLqEA3Yv h4HIwmg4iQCt/pmibLItRgDagm0+fnm592WTBLVdTm6J7AyzB49J0PmKysDvoCbW ewLsaAF/lNh07ArsluvFvFsYZTtEU6iCHgkdzUX9KCWXBTLyRu8OOdFwSJXPEG0Y ZJpdgLx5BQrzHEi0vEaK2cL0ikcSLjivSf8jprvmwTiBEmWVAzdma+oRLWtoYjJW XNZ+WdN7wri2S5muz0aHUvbaQ7MCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBTcU6ld 0LNKzm9MJ09OVu2l1UTeQjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzE0MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfRkwDANBgkqhkiG9w0BAQsFAAOCAQEAR48AWI+nVuc4SEDE AsCKIbyzZhNE4H4tOwPE3WvtCt539Kys4qSbvsdLrYDqdHZPfABj6wwOm8wX7lzY 1F9Jdw5JQtOPCbabBd3MwO+K7EnrU4wv8W2rthK9wB870EWhVnLHmjI3kqaq73tG iHoyv4C/b2P1+uJoD7Did+yRyeH3jWU7vBafAwaTTxP8wHF5q9q0A1RDdQ3ozDsI WsilOMeRjje3sW3T42vUPW2v9XwMuuLJ4ZwJqFZeCpTNlZgOH0fh9bCuwlDY44p2 pm4u+3onBwouePmN54KgS6vSQUhoCDMFxGugOU7tEv72yt43iGRn0Q4HgFkVYKOp c2LuMA== -----END CERTIFICATE-----Generated at Wed Dec 3 13:14:57 2025 by rpki-client