This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142067.roa File: AS142067.roa (raw, json) Hash identifier: OvJhVxaczg3RTgQhEhrrYmJHTypdCN2hQmMh33oRHc8= Subject key identifier: BC:EA:D1:EE:E8:D3:B1:4A:06:77:83:01:08:1A:75:60:99:35:F1:A3 Certificate issuer: /CN=A91E5D610001/serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Certificate serial: 11C040AE5DB871B31100CAD7C4FF10477FAEADC9 Authority key identifier: 0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142067.roa Signing time: Tue 02 Dec 2025 08:47:52 +0000 ROA not before: Tue 02 Dec 2025 08:42:52 +0000 ROA not after: Tue 01 Dec 2026 08:47:52 +0000 asID: 142067 IP address blocks: 2001:253:201::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:c0:40:ae:5d:b8:71:b3:11:00:ca:d7:c4:ff:10:47:7f:ae:ad:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Validity Not Before: Dec 2 08:42:52 2025 GMT Not After : Dec 1 08:47:52 2026 GMT Subject: CN=BCEAD1EEE8D3B14A06778301081A75609935F1A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:36:3b:e6:f7:d0:81:c1:a9:55:74:a1:5f:be: d4:39:69:e8:86:6f:1b:c4:19:a6:4e:b6:b9:f6:35: 13:a3:19:03:c3:0a:24:6b:cf:1c:19:74:34:fb:fc: 1f:ff:36:54:4e:14:f9:31:53:cf:a0:f5:17:8f:e5: 05:d4:72:a0:df:ee:f1:44:94:45:cb:9a:2e:38:95: 56:03:36:87:86:09:83:9d:93:fd:9d:c9:20:2d:3f: 9c:53:a3:a0:a0:5d:ec:2a:6f:4f:a1:94:b0:d4:a7: 16:b1:16:ef:45:07:96:ca:81:bc:74:e1:bd:61:81: bc:59:68:b7:dd:31:39:31:76:20:b0:f7:28:7f:e0: 1c:11:88:58:a7:c4:7b:a2:be:05:04:7b:e7:bc:39: 13:b9:40:a9:52:25:bf:5f:9e:fd:a9:5a:9d:27:08: 2f:cc:ad:2d:36:51:aa:35:52:26:04:36:fe:24:b6: 6f:eb:0b:65:cf:2a:72:22:73:11:d7:08:a8:5f:45: 0f:31:58:39:e7:f3:a5:77:22:06:f4:e4:65:47:5d: 7a:f2:38:f4:74:86:1c:ae:29:92:9e:3a:dc:88:65: 40:70:3f:07:6e:a7:ca:2b:04:70:48:25:18:4b:35: 59:b0:71:57:2e:9d:f9:a0:77:59:81:dc:93:78:93: 1b:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:EA:D1:EE:E8:D3:B1:4A:06:77:83:01:08:1A:75:60:99:35:F1:A3 X509v3 Authority Key Identifier: keyid:0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142067.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:201::/48 Signature Algorithm: sha256WithRSAEncryption 2a:49:e9:e8:16:79:cb:f9:80:72:67:3e:a9:ac:14:83:23:a3: ac:39:f7:f9:c1:1f:e6:2e:ce:9b:41:4a:03:d4:62:01:1b:dc: 13:47:d3:29:98:d9:1c:ab:6a:18:e9:db:ef:a3:7b:48:9f:1f: 6f:42:8b:7c:f7:dd:f5:71:f8:1b:b9:55:36:1b:04:cb:61:af: cf:e0:9d:65:ec:75:d1:88:ae:6f:7c:a5:9c:59:d1:2f:5f:2a: d2:1a:6b:a6:f2:cb:9d:17:20:31:5d:44:4a:aa:e0:8f:80:b1: e4:b3:45:a7:70:a5:2c:fd:7a:df:57:a1:c9:42:ee:f3:37:c7: 85:d2:a2:5e:e7:bc:85:b5:58:7b:aa:11:8d:72:a8:ee:26:a6: 0c:20:74:06:77:cb:19:38:ac:99:a8:c9:9f:40:71:69:48:dc: 8d:f7:a7:66:46:1b:8a:18:bc:75:dc:bd:2f:2d:fe:98:59:24: 8c:36:46:35:e0:26:a7:fc:81:00:7f:ff:52:78:e2:3a:5b:fb: 86:28:82:a2:b9:f9:bc:03:33:65:1e:4b:5d:c6:70:a9:1c:23: 4b:b6:81:cc:d9:d9:64:88:20:93:0c:bf:0a:cb:45:45:0c:a7: 59:14:2d:b2:13:dd:ae:c7:10:46:d5:d1:77:26:d7:0d:09:a3: 5a:b0:55:56 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUEcBArl24cbMRAMrXxP8QR3+urckwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwQjI3NUU1QjQ2 NkI5NDFBQjg0QTc0MkI0RTM4MzJCQjFGREZFQzlFMB4XDTI1MTIwMjA4NDI1MloX DTI2MTIwMTA4NDc1MlowMzExMC8GA1UEAxMoQkNFQUQxRUVFOEQzQjE0QTA2Nzc4 MzAxMDgxQTc1NjA5OTM1RjFBMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALo2O+b30IHBqVV0oV++1Dlp6IZvG8QZpk62ufY1E6MZA8MKJGvPHBl0NPv8 H/82VE4U+TFTz6D1F4/lBdRyoN/u8USURcuaLjiVVgM2h4YJg52T/Z3JIC0/nFOj oKBd7CpvT6GUsNSnFrEW70UHlsqBvHThvWGBvFlot90xOTF2ILD3KH/gHBGIWKfE e6K+BQR757w5E7lAqVIlv1+e/alanScIL8ytLTZRqjVSJgQ2/iS2b+sLZc8qciJz EdcIqF9FDzFYOefzpXciBvTkZUddevI49HSGHK4pkp463IhlQHA/B26nyisEcEgl GEs1WbBxVy6d+aB3WYHck3iTG+UCAwEAAaOCAccwggHDMB0GA1UdDgQWBBS86tHu 6NOxSgZ3gwEIGnVgmTXxozAfBgNVHSMEGDAWgBQLJ15bRmuUGrhKdCtOODK7H9/s njAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wQjI3NUU1QjQ2NkI5NDFBQjg0QTc0 MkI0RTM4MzJCQjFGREZFQzlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9DeWRlVzBacmxCcTRTblFyVGpneXV4X2Y3 SjQuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCATANBgkqhkiG9w0BAQsFAAOCAQEAKknp6BZ5y/mAcmc+qawUgyOjrDn3+cEf 5i7Om0FKA9RiARvcE0fTKZjZHKtqGOnb76N7SJ8fb0KLfPfd9XH4G7lVNhsEy2Gv z+CdZex10Yiub3ylnFnRL18q0hprpvLLnRcgMV1ESqrgj4Cx5LNFp3ClLP1631eh yULu8zfHhdKiXue8hbVYe6oRjXKo7iamDCB0BnfLGTismajJn0BxaUjcjfenZkYb ihi8ddy9Ly3+mFkkjDZGNeAmp/yBAH//UnjiOlv7hiiCorn5vAMzZR5LXcZwqRwj S7aBzNnZZIggkwy/CstFRQynWRQtshPdrscQRtXRdybXDQmjWrBVVg== -----END CERTIFICATE-----Generated at Sat Dec 6 18:41:24 2025 by rpki-client