This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153553.roa File: AS153553.roa (raw, json) Hash identifier: X3+E9l/cUdl3riZgYNL6gteYukUg4asYxtlqNtzxa3I= Subject key identifier: 22:15:54:29:A6:4C:77:D6:F2:B1:44:7B:00:9C:A3:C3:04:9B:F2:70 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1230A5317949EBB18634A4E26607DF64F983E2AD Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153553.roa Signing time: Tue 20 Jan 2026 02:00:00 +0000 ROA not before: Tue 20 Jan 2026 01:55:00 +0000 ROA not after: Tue 19 Jan 2027 02:00:00 +0000 asID: 153553 IP address blocks: 2001:df4:e440::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 24 Jan 2026 13:18:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:30:a5:31:79:49:eb:b1:86:34:a4:e2:66:07:df:64:f9:83:e2:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 20 01:55:00 2026 GMT Not After : Jan 19 02:00:00 2027 GMT Subject: CN=22155429A64C77D6F2B1447B009CA3C3049BF270 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:4e:c8:de:8e:bb:cd:5d:68:c7:e4:c1:1c:29: 8c:e6:00:05:ae:5d:cd:c2:d9:89:17:68:1d:ed:5c: c1:6b:f1:27:1d:94:f4:44:55:cb:e4:c7:fc:e0:36: 5a:cf:25:2e:47:03:05:7e:89:ae:4c:65:ad:7f:6b: 00:ea:21:1e:b7:84:8d:8d:e0:06:a1:cf:8b:ce:52: 69:db:e2:fd:4f:d5:ed:bd:9a:d0:c8:74:e5:e5:11: 0e:f3:54:ba:56:58:c2:eb:93:13:2e:0f:a5:60:12: ea:04:eb:5d:61:b8:1a:79:b8:0a:a4:c8:b9:90:4e: f6:9a:a1:2c:d9:2f:de:4e:d0:94:94:80:b7:ad:7a: d9:26:a6:e7:5b:db:e7:15:e9:49:1b:7a:15:0c:ee: 77:1e:f9:8c:23:68:3d:f5:3e:ae:14:24:bf:6f:8e: 1e:8f:8f:cc:7e:75:cf:ed:97:f3:97:58:9e:94:a8: cd:0b:45:b6:4f:72:6d:db:e6:9c:44:16:54:0c:1c: 91:0d:9e:83:65:e9:97:e4:28:84:92:de:dc:bb:c0: 5b:5f:c7:f1:45:d1:a3:e2:7d:8a:ce:fa:30:2b:62: 16:6e:2e:72:9a:7d:5f:17:2d:67:88:e3:0c:a8:d7: ee:2d:2e:e8:ee:3e:83:90:40:a3:7e:3f:69:c0:b8: 17:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:15:54:29:A6:4C:77:D6:F2:B1:44:7B:00:9C:A3:C3:04:9B:F2:70 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153553.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:e440::/48 Signature Algorithm: sha256WithRSAEncryption 6d:71:20:0b:e2:1e:df:e4:e6:0e:21:ef:34:f9:66:3d:3b:6b: 1b:10:4f:56:9b:f2:04:1a:89:f1:51:34:3f:41:f3:70:46:9a: c1:75:68:39:cc:17:ed:9e:f9:d0:24:de:72:1d:54:b0:2c:71: f2:8e:81:d1:f1:ba:24:e0:09:8b:47:b4:dc:cf:cc:34:90:dd: c1:36:a0:50:d7:d2:af:92:83:8e:4f:88:ba:f0:17:f7:13:5d: e7:da:04:d5:63:ba:23:8f:f4:ae:4b:2e:b5:1e:b9:4c:c1:27: 47:31:b1:02:0d:69:1f:a3:93:51:b4:4f:e5:7d:b8:56:ba:18: 5e:08:b6:9c:5b:dc:6d:c6:b5:ab:c3:55:59:2a:99:2b:2f:e5: d2:be:03:b3:bb:95:12:37:6f:46:51:3d:9c:5b:a0:fb:dd:4d: c3:03:61:9d:54:12:a7:e3:09:80:b0:63:5e:ec:f1:21:6f:3a: ff:59:b5:da:26:b0:de:c0:18:20:e2:03:ea:c8:67:38:01:c3: 1c:2f:cd:18:f0:61:d4:f2:aa:a0:d9:93:6a:05:93:92:9b:6f: 09:82:16:73:aa:87:44:6d:ab:67:f7:1a:6e:3d:3c:cf:53:fc: 50:f6:d5:c1:f5:72:58:4d:45:c6:9a:71:37:4a:c9:90:c7:93: ef:0f:21:15 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUEjClMXlJ67GGNKTiZgffZPmD4q0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDEyMDAxNTUwMFoX DTI3MDExOTAyMDAwMFowMzExMC8GA1UEAxMoMjIxNTU0MjlBNjRDNzdENkYyQjE0 NDdCMDA5Q0EzQzMwNDlCRjI3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhOyN6Ou81daMfkwRwpjOYABa5dzcLZiRdoHe1cwWvxJx2U9ERVy+TH/OA2 Ws8lLkcDBX6JrkxlrX9rAOohHreEjY3gBqHPi85Sadvi/U/V7b2a0Mh05eURDvNU ulZYwuuTEy4PpWAS6gTrXWG4Gnm4CqTIuZBO9pqhLNkv3k7QlJSAt6162Sam51vb 5xXpSRt6FQzudx75jCNoPfU+rhQkv2+OHo+PzH51z+2X85dYnpSozQtFtk9ybdvm nEQWVAwckQ2eg2Xpl+QohJLe3LvAW1/H8UXRo+J9is76MCtiFm4ucpp9XxctZ4jj DKjX7i0u6O4+g5BAo34/acC4F8UCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQiFVQp pkx31vKxRHsAnKPDBJvycDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzU1My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfTkQDANBgkqhkiG9w0BAQsFAAOCAQEAbXEgC+Ie3+TmDiHv NPlmPTtrGxBPVpvyBBqJ8VE0P0HzcEaawXVoOcwX7Z750CTech1UsCxx8o6B0fG6 JOAJi0e03M/MNJDdwTagUNfSr5KDjk+IuvAX9xNd59oE1WO6I4/0rksutR65TMEn RzGxAg1pH6OTUbRP5X24VroYXgi2nFvcbca1q8NVWSqZKy/l0r4Ds7uVEjdvRlE9 nFug+91NwwNhnVQSp+MJgLBjXuzxIW86/1m12iaw3sAYIOID6shnOAHDHC/NGPBh 1PKqoNmTagWTkptvCYIWc6qHRG2rZ/cabj08z1P8UPbVwfVyWE1FxppxN0rJkMeT 7w8hFQ== -----END CERTIFICATE-----Generated at Wed Jan 21 13:19:56 2026 by rpki-client