This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153149.roa File: AS153149.roa (raw, json) Hash identifier: mXUj94NQJWRS/buid152xf7yk7mHQsX5kuZX5v20Oi8= Subject key identifier: 27:99:60:37:16:8E:20:F6:58:8F:3C:34:33:68:5D:79:80:98:FA:1F Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 682AEAFE4982889D36C9F67982BE27A01529247F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153149.roa Signing time: Tue 04 Nov 2025 09:00:00 +0000 ROA not before: Tue 04 Nov 2025 08:55:00 +0000 ROA not after: Tue 03 Nov 2026 09:00:00 +0000 asID: 153149 IP address blocks: 2001:df4:9a40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:2a:ea:fe:49:82:88:9d:36:c9:f6:79:82:be:27:a0:15:29:24:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 4 08:55:00 2025 GMT Not After : Nov 3 09:00:00 2026 GMT Subject: CN=27996037168E20F6588F3C3433685D798098FA1F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:c7:c0:62:27:6a:99:76:22:24:e3:4c:ee:8c: 06:0f:cf:e2:69:8f:41:7c:40:aa:c6:42:1d:5c:99: 23:03:68:8d:24:6d:b9:23:65:9c:35:13:77:c0:6a: 0c:ec:fe:ce:7a:96:f2:c0:14:5b:8f:05:63:b4:19: 17:48:e0:23:b3:e0:af:48:7f:e3:e0:89:79:e5:31: 40:83:b7:3c:5a:94:f8:d1:21:68:6b:c8:97:45:91: 47:b2:2b:22:2a:fc:2e:d5:c8:36:3f:c0:b4:78:a1: 25:39:3f:98:fd:b8:63:1d:ab:d4:d0:a0:c8:a5:47: a8:f3:6a:a6:cc:a7:c8:63:48:b3:66:2d:58:f5:f8: 79:d6:f1:86:55:39:84:4c:d9:25:2e:b8:46:e2:92: 97:6e:db:ae:a3:e3:9c:8e:07:a0:72:1a:64:cb:f9: 65:7e:86:bb:af:e0:61:2d:12:63:44:e2:ef:17:8d: 1b:51:c8:88:92:70:22:55:79:2c:21:9a:03:78:c3: fb:de:14:4d:aa:a9:69:0c:36:3b:e7:db:8f:fb:76: 23:cd:65:04:7b:84:38:0b:17:cf:df:8b:e4:08:36: 97:8f:0b:c5:94:70:c5:ae:41:47:57:bf:7b:a9:b2: d5:c5:02:b7:5b:b9:b8:14:a0:d6:45:c5:da:4d:3d: 01:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:99:60:37:16:8E:20:F6:58:8F:3C:34:33:68:5D:79:80:98:FA:1F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153149.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:9a40::/48 Signature Algorithm: sha256WithRSAEncryption 2d:62:ca:b6:4f:9f:35:a1:95:cb:f6:24:18:f6:bb:12:c0:e6: fb:c6:42:e4:a4:6a:3c:e1:02:57:2f:f7:61:bd:51:29:3b:7e: f3:01:d2:e5:f7:f1:56:80:0f:df:cf:d6:5f:ef:bc:69:5c:94: a7:65:75:0d:81:25:89:80:e6:a1:91:af:16:28:4e:14:39:f9: 46:3f:81:f2:10:38:f2:87:95:de:9e:f2:bc:10:4e:81:f5:54: 43:85:34:0f:22:c2:49:67:d3:f7:8a:44:08:06:c0:d8:ab:66: f1:db:ed:53:2c:80:60:1b:c5:26:33:32:96:e0:6d:d5:65:a2: 30:7b:a1:b9:a6:d7:d4:a7:96:ff:45:83:da:9a:5e:93:3d:ca: ae:e3:18:f2:c9:1b:f3:8f:a6:02:18:8d:d9:ee:2d:12:61:1d: cc:e3:0f:33:a2:d5:f1:7e:5b:53:61:69:87:1d:b4:ba:82:ac: 85:ab:78:e7:da:77:73:93:78:86:1c:e7:bf:57:9c:df:83:10: a5:0c:b8:a8:a0:c0:95:7b:d7:b5:13:b7:77:c4:91:7c:55:4d: 05:76:50:79:4d:d3:42:63:47:c7:2d:a3:39:f2:3a:99:d3:74: 39:4e:1c:c1:89:f7:cc:fc:4e:7f:98:f4:0b:d8:cc:6a:32:3f: f2:c7:7c:de -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUaCrq/kmCiJ02yfZ5gr4noBUpJH8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTEwNDA4NTUwMFoX DTI2MTEwMzA5MDAwMFowMzExMC8GA1UEAxMoMjc5OTYwMzcxNjhFMjBGNjU4OEYz QzM0MzM2ODVENzk4MDk4RkExRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKbHwGInapl2IiTjTO6MBg/P4mmPQXxAqsZCHVyZIwNojSRtuSNlnDUTd8Bq DOz+znqW8sAUW48FY7QZF0jgI7Pgr0h/4+CJeeUxQIO3PFqU+NEhaGvIl0WRR7Ir Iir8LtXINj/AtHihJTk/mP24Yx2r1NCgyKVHqPNqpsynyGNIs2YtWPX4edbxhlU5 hEzZJS64RuKSl27brqPjnI4HoHIaZMv5ZX6Gu6/gYS0SY0Ti7xeNG1HIiJJwIlV5 LCGaA3jD+94UTaqpaQw2O+fbj/t2I81lBHuEOAsXz9+L5Ag2l48LxZRwxa5BR1e/ e6my1cUCt1u5uBSg1kXF2k09AW0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQnmWA3 Fo4g9liPPDQzaF15gJj6HzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzE0OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfSaQDANBgkqhkiG9w0BAQsFAAOCAQEALWLKtk+fNaGVy/Yk GPa7EsDm+8ZC5KRqPOECVy/3Yb1RKTt+8wHS5ffxVoAP38/WX++8aVyUp2V1DYEl iYDmoZGvFihOFDn5Rj+B8hA48oeV3p7yvBBOgfVUQ4U0DyLCSWfT94pECAbA2Ktm 8dvtUyyAYBvFJjMyluBt1WWiMHuhuabX1KeW/0WD2ppekz3KruMY8skb84+mAhiN 2e4tEmEdzOMPM6LV8X5bU2Fphx20uoKshat459p3c5N4hhznv1ec34MQpQy4qKDA lXvXtRO3d8SRfFVNBXZQeU3TQmNHxy2jOfI6mdN0OU4cwYn3zPxOf5j0C9jMajI/ 8sd83g== -----END CERTIFICATE-----Generated at Wed Dec 3 13:15:28 2025 by rpki-client