This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142068.roa File: AS142068.roa (raw, json) Hash identifier: uI6udKxviZBPBh5Gve2GoSBThINGoui5K7jpHfcWDt0= Subject key identifier: 22:1A:6F:84:E8:7B:50:1D:13:E7:A2:E9:A6:0C:C1:4E:F6:FB:94:A1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 63D2BCB7C5FF11F5103FC47D662A768EA4729A9E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142068.roa Signing time: Tue 20 Jan 2026 01:10:17 +0000 ROA not before: Tue 20 Jan 2026 01:05:17 +0000 ROA not after: Tue 19 Jan 2027 01:10:17 +0000 asID: 142068 IP address blocks: 2001:253:202::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 12:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:d2:bc:b7:c5:ff:11:f5:10:3f:c4:7d:66:2a:76:8e:a4:72:9a:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:17 2026 GMT Not After : Jan 19 01:10:17 2027 GMT Subject: CN=221A6F84E87B501D13E7A2E9A60CC14EF6FB94A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:e8:27:9f:17:2e:4b:7b:8d:e8:ce:77:f9:8c: 41:dc:77:7d:7a:96:e9:31:36:62:ee:27:ef:0e:9f: 31:a6:43:77:8a:ad:cd:fe:aa:2b:bb:b2:7d:19:31: 5d:12:de:8a:0b:70:35:26:31:a9:67:ac:06:5a:12: 27:f8:bd:34:65:5d:6e:c9:16:2a:5c:cf:b3:85:c7: ac:9c:a7:9d:f7:9b:ff:43:52:68:c7:cc:ae:9a:89: a7:b9:ce:cc:69:0f:51:50:0b:ba:95:24:ce:ee:a6: af:2b:d5:a2:5e:67:64:9e:aa:44:67:d1:5d:3a:60: 8a:3a:2e:a4:12:d3:7f:10:89:20:f7:7c:de:03:f2: 45:32:cf:e8:a4:ba:6b:6d:f0:9f:b3:d6:33:1c:c4: 40:92:0b:55:8d:ed:3c:f1:e5:33:11:28:00:b8:8b: e1:18:fb:ad:f8:fb:60:67:6a:b4:ee:80:49:65:71: 5d:84:60:de:e5:93:52:27:c2:57:ce:16:a1:73:95: fd:57:f1:de:10:3f:d3:89:ca:d0:19:ee:fe:8a:2a: 72:31:6d:82:cf:27:47:c0:71:79:e4:1d:e0:73:53: 88:06:44:c2:bc:94:d3:91:f8:61:be:5a:e4:5e:43: b5:66:f2:8b:27:1c:ff:56:b5:8f:b5:1d:6b:0c:d0: 50:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:1A:6F:84:E8:7B:50:1D:13:E7:A2:E9:A6:0C:C1:4E:F6:FB:94:A1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142068.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:202::/48 Signature Algorithm: sha256WithRSAEncryption 44:74:43:64:b9:60:b7:e0:56:44:ab:f6:a7:76:9c:b7:cf:c0: 84:ff:97:7e:c8:9b:61:ab:61:36:b6:36:6e:ac:14:60:04:01: 09:03:41:a2:58:79:39:b6:b5:76:51:75:e0:8e:5b:36:e1:6a: 3d:23:7d:1d:35:42:c9:f6:16:d6:3e:22:20:18:fe:95:6d:45: 65:9b:cd:bd:04:81:ce:76:41:84:c9:0c:c8:7c:4c:2a:f6:05: 00:16:17:12:e3:fa:9b:16:4f:fa:03:f3:5f:77:3d:fe:4f:45: ff:50:5d:f6:ec:5c:57:33:8d:cb:76:20:9e:4a:bf:1c:8f:01: bb:09:09:43:9b:1a:6c:4b:82:b0:82:20:a1:de:68:d1:b1:8e: a0:b6:0d:b9:26:db:6d:c3:4e:bb:7f:80:fd:01:7b:d8:4b:a3: ee:c4:83:33:0e:ef:ef:e5:79:40:eb:10:8b:c8:43:6d:f2:56: 84:e1:7e:35:27:26:91:fb:9d:b5:c8:a2:99:f2:4a:4b:0f:81: d8:dc:05:91:4f:a7:64:58:9c:93:e0:f5:20:ec:f9:d8:d5:12: e0:d8:93:80:53:b5:55:01:85:40:9c:2e:91:7d:91:26:08:d3: 5b:36:42:40:60:5d:3c:8c:e3:ac:45:d5:c6:5c:10:86:c9:3e: 5d:30:ea:99 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUY9K8t8X/EfUQP8R9Zip2jqRymp4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUxN1oX DTI3MDExOTAxMTAxN1owMzExMC8GA1UEAxMoMjIxQTZGODRFODdCNTAxRDEzRTdB MkU5QTYwQ0MxNEVGNkZCOTRBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJroJ58XLkt7jejOd/mMQdx3fXqW6TE2Yu4n7w6fMaZDd4qtzf6qK7uyfRkx XRLeigtwNSYxqWesBloSJ/i9NGVdbskWKlzPs4XHrJynnfeb/0NSaMfMrpqJp7nO zGkPUVALupUkzu6mryvVol5nZJ6qRGfRXTpgijoupBLTfxCJIPd83gPyRTLP6KS6 a23wn7PWMxzEQJILVY3tPPHlMxEoALiL4Rj7rfj7YGdqtO6ASWVxXYRg3uWTUifC V84WoXOV/Vfx3hA/04nK0Bnu/ooqcjFtgs8nR8BxeeQd4HNTiAZEwryU05H4Yb5a 5F5DtWbyiycc/1a1j7UdawzQUG8CAwEAAaOCAccwggHDMB0GA1UdDgQWBBQiGm+E 6HtQHRPnoummDMFO9vuUoTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA2OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCAjANBgkqhkiG9w0BAQsFAAOCAQEARHRDZLlgt+BWRKv2p3act8/AhP+Xfsib YathNrY2bqwUYAQBCQNBolh5Oba1dlF14I5bNuFqPSN9HTVCyfYW1j4iIBj+lW1F ZZvNvQSBznZBhMkMyHxMKvYFABYXEuP6mxZP+gPzX3c9/k9F/1Bd9uxcVzONy3Yg nkq/HI8BuwkJQ5sabEuCsIIgod5o0bGOoLYNuSbbbcNOu3+A/QF72Euj7sSDMw7v 7+V5QOsQi8hDbfJWhOF+NScmkfudtciimfJKSw+B2NwFkU+nZFick+D1IOz52NUS 4NiTgFO1VQGFQJwukX2RJgjTWzZCQGBdPIzjrEXVxlwQhsk+XTDqmQ== -----END CERTIFICATE-----Generated at Sun Jan 25 15:17:17 2026 by rpki-client