This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153965.roa File: AS153965.roa (raw, json) Hash identifier: 6SDvoBPPzmBw9TxAERlO+zMgyZJMlLn065khXxSRyX0= Subject key identifier: BB:1C:0D:57:5B:60:BA:E8:54:99:DC:BA:24:A4:0B:39:BE:EC:06:63 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 465E3BCAE23BD5C1B3A70FF156BA9E167179D8B4 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153965.roa Signing time: Mon 15 Dec 2025 01:04:09 +0000 ROA not before: Mon 15 Dec 2025 00:59:09 +0000 ROA not after: Mon 14 Dec 2026 01:04:09 +0000 asID: 153965 IP address blocks: 165.99.204.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 20 Dec 2025 09:41:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:5e:3b:ca:e2:3b:d5:c1:b3:a7:0f:f1:56:ba:9e:16:71:79:d8:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Dec 15 00:59:09 2025 GMT Not After : Dec 14 01:04:09 2026 GMT Subject: CN=BB1C0D575B60BAE85499DCBA24A40B39BEEC0663 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:f8:ae:c5:f0:ed:cd:b6:ee:23:04:cc:a5:b4: 26:de:2b:4f:b7:19:04:58:30:2f:db:cf:36:33:c2: fa:82:a2:6b:bf:2f:0a:ab:90:bf:fd:58:20:cb:58: 7b:7b:1b:f5:61:52:2a:fd:32:70:81:90:33:1a:90: 21:ba:8c:9a:5e:ad:5f:1e:a0:b4:87:0a:97:c6:16: 18:a4:e2:64:b8:14:70:0c:82:21:d7:1f:98:56:06: 89:c7:0d:b2:30:bc:a1:0b:d2:3a:a3:dc:85:7d:57: f0:a2:c8:ac:1e:73:d8:0b:ed:37:ea:df:db:be:5d: ef:9e:6c:e7:89:5d:12:7f:f1:29:cd:61:0b:c3:ff: f0:58:3b:9d:d7:7d:87:1e:8e:66:4d:37:d5:1b:71: 18:a1:69:d6:c5:fa:6c:fd:62:2b:2c:b1:96:77:3d: 11:39:10:97:49:f5:6a:22:7a:d4:da:16:e4:d6:71: 92:2a:b8:fe:b5:1f:29:e9:79:e9:ce:e1:3a:08:2f: 20:e1:70:3a:30:b1:5d:52:72:08:87:f3:5b:79:4f: aa:94:cf:f9:ad:16:65:75:c5:85:6e:0c:74:88:1d: f9:20:b2:98:00:8c:f2:d7:7c:13:2c:8f:d2:80:bc: 4f:88:28:67:32:17:da:25:3c:10:e2:eb:ac:88:43: bb:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:1C:0D:57:5B:60:BA:E8:54:99:DC:BA:24:A4:0B:39:BE:EC:06:63 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153965.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.204.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:06:e1:29:f9:bc:c8:e3:fb:d5:ad:df:66:24:a5:dd:4d:73: bf:22:52:97:c7:b2:10:d5:44:ba:e9:63:06:78:c9:98:8f:73: 4d:62:0f:ec:aa:fb:ed:93:ae:af:f0:eb:8b:fb:dd:f7:79:0e: fb:8e:a9:d3:a9:4e:e5:7e:50:cf:ef:e2:22:d3:4f:53:f5:52: 21:9e:b4:67:12:d7:7b:5b:79:0c:31:37:07:24:f5:31:d6:70: af:3d:f2:12:2f:85:13:35:d3:87:49:a4:29:f7:bd:78:32:a9: 33:7d:b5:dc:03:16:d1:18:6c:4a:e2:f3:ac:86:09:10:98:5e: df:05:de:d9:75:b7:57:ad:3f:63:e8:45:e8:85:bd:89:95:d2: a6:16:b1:d5:9f:a8:31:b0:5c:91:db:0f:98:d3:e9:b8:b8:fc: 7b:84:e2:aa:33:bd:e3:a8:28:33:9e:b1:75:42:e9:21:bb:e1: 15:0f:2b:8d:0f:57:ff:2d:4f:be:20:65:f7:29:45:90:af:98: 41:73:ba:0d:f9:a9:d1:d0:30:3b:a6:68:8a:cd:0e:66:ec:e9: 5b:da:6f:78:fd:75:10:b5:8f:99:43:bb:f5:f0:e6:5b:48:8e: 7e:a0:d4:2a:4f:66:78:a8:0d:7e:2a:5f:75:f1:7b:73:8a:83: 4d:43:97:f9 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIURl47yuI71cGzpw/xVrqeFnF52LQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTIxNTAwNTkwOVoX DTI2MTIxNDAxMDQwOVowMzExMC8GA1UEAxMoQkIxQzBENTc1QjYwQkFFODU0OTlE Q0JBMjRBNDBCMzlCRUVDMDY2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOD4rsXw7c227iMEzKW0Jt4rT7cZBFgwL9vPNjPC+oKia78vCquQv/1YIMtY e3sb9WFSKv0ycIGQMxqQIbqMml6tXx6gtIcKl8YWGKTiZLgUcAyCIdcfmFYGiccN sjC8oQvSOqPchX1X8KLIrB5z2AvtN+rf275d755s54ldEn/xKc1hC8P/8Fg7ndd9 hx6OZk031RtxGKFp1sX6bP1iKyyxlnc9ETkQl0n1aiJ61NoW5NZxkiq4/rUfKel5 6c7hOggvIOFwOjCxXVJyCIfzW3lPqpTP+a0WZXXFhW4MdIgd+SCymACM8td8EyyP 0oC8T4goZzIX2iU8EOLrrIhDuwkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBS7HA1X W2C66FSZ3LokpAs5vuwGYzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mzk2NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVjzDANBgkqhkiG9w0BAQsFAAOCAQEALAbhKfm8yOP71a3fZiSl 3U1zvyJSl8eyENVEuuljBnjJmI9zTWIP7Kr77ZOur/Dri/vd93kO+46p06lO5X5Q z+/iItNPU/VSIZ60ZxLXe1t5DDE3ByT1MdZwrz3yEi+FEzXTh0mkKfe9eDKpM321 3AMW0RhsSuLzrIYJEJhe3wXe2XW3V60/Y+hF6IW9iZXSphax1Z+oMbBckdsPmNPp uLj8e4TiqjO946goM56xdULpIbvhFQ8rjQ9X/y1PviBl9ylFkK+YQXO6Dfmp0dAw O6Zois0OZuzpW9pveP11ELWPmUO79fDmW0iOfqDUKk9meKgNfipfdfF7c4qDTUOX +Q== -----END CERTIFICATE-----Generated at Wed Dec 17 20:07:28 2025 by rpki-client