This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142070.roa File: AS142070.roa (raw, json) Hash identifier: 5a+pCiKpDh8ax9eizUsm20lVe6D4E8Vx1eQDVEphLUU= Subject key identifier: D9:39:54:73:09:C1:FD:EC:35:DE:6F:E8:43:24:CF:75:87:D3:A0:C4 Certificate issuer: /CN=A91E5D610001/serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Certificate serial: 7C7A3370D44D03371F9AC001727DDF12E01028FF Authority key identifier: 0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142070.roa Signing time: Tue 02 Dec 2025 08:47:48 +0000 ROA not before: Tue 02 Dec 2025 08:42:48 +0000 ROA not after: Tue 01 Dec 2026 08:47:48 +0000 asID: 142070 IP address blocks: 2001:253:204::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:7a:33:70:d4:4d:03:37:1f:9a:c0:01:72:7d:df:12:e0:10:28:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Validity Not Before: Dec 2 08:42:48 2025 GMT Not After : Dec 1 08:47:48 2026 GMT Subject: CN=D939547309C1FDEC35DE6FE84324CF7587D3A0C4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:02:a5:6c:5f:a1:fa:f3:31:73:29:00:85:3a: f0:6b:da:37:be:1e:81:03:02:53:f6:73:33:3f:60: 3c:90:ea:e5:8e:4b:4e:f8:99:7f:08:cc:2b:e9:32: 98:04:a6:5b:b3:f1:31:37:12:70:f9:d9:81:9f:36: d0:c8:08:01:13:38:f8:e7:07:18:e4:ba:4a:ff:a8: de:57:a1:05:97:18:73:f7:fa:52:2e:e3:87:1e:f3: 37:44:7c:6b:27:66:29:dc:d9:0e:f5:be:83:80:b6: 1d:6c:9a:c5:98:07:f4:2f:30:5b:93:5e:e1:c3:85: c7:b6:5e:a1:f8:9b:70:d1:e4:cf:f8:3b:f1:6d:ad: 9c:ac:01:92:40:86:9f:aa:d6:70:2f:70:f8:e8:77: 3a:db:06:3e:da:d9:b7:be:c0:dd:ea:1b:27:b7:0c: 2e:bb:8e:e0:5a:33:8d:1b:e1:a7:b4:ab:5c:bd:5c: 07:16:0a:5e:16:43:39:2d:02:7a:86:9d:93:7f:a4: 54:03:76:a9:2f:7b:9a:19:d8:40:0a:39:c2:e2:9f: 99:b5:c8:ad:d6:6a:28:88:0b:8a:3d:25:54:bd:d0: bc:78:50:2b:66:0b:fa:b4:d6:85:2f:f7:db:17:1f: 7d:7d:66:5c:c3:d3:99:0c:57:b6:15:d4:a6:49:f3: 7c:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:39:54:73:09:C1:FD:EC:35:DE:6F:E8:43:24:CF:75:87:D3:A0:C4 X509v3 Authority Key Identifier: keyid:0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142070.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:204::/48 Signature Algorithm: sha256WithRSAEncryption 77:3d:1b:fd:0e:03:2d:82:cd:4d:77:6c:79:71:5f:58:20:8b: 5c:5c:c1:58:fc:b9:16:b9:2e:b1:2f:f0:2a:9c:3c:e2:db:04: 7a:1b:08:8e:7d:c3:69:47:4f:72:7b:4d:b5:e8:b0:9e:e4:01: 9f:14:4b:5e:fb:b6:93:cd:91:c7:2f:25:29:99:bb:9d:4d:a7: 68:57:00:e7:4a:65:b5:f2:b6:27:ea:87:af:1b:67:31:5d:12: f6:3a:e1:41:90:a0:59:82:ac:27:51:5c:c6:26:9c:b0:8e:6e: 82:2c:19:bb:7b:f2:0a:15:a5:73:1f:fd:31:38:23:6c:97:98: db:a8:b0:ec:e4:af:6c:f0:2e:4e:58:a5:eb:95:0b:c3:82:c8: bf:6b:19:bc:a5:49:4e:ab:af:3c:09:8b:32:6b:ed:9e:13:b1: 7f:f2:22:9d:07:8e:da:b6:3d:61:ca:d9:e9:7b:c5:ec:60:6a: 7c:95:cf:16:20:62:79:51:6a:4f:07:5c:b6:c6:4e:6e:9d:0b: 79:1d:0e:12:b6:0d:4f:26:80:7c:19:45:fd:cd:80:4b:a1:10: a7:3d:6b:17:50:e7:35:1a:ea:04:56:15:20:a5:46:e2:25:e1: 9a:28:17:66:42:12:2b:51:e6:6e:08:85:23:3d:3a:13:a6:26: b1:97:e5:a0 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUfHozcNRNAzcfmsABcn3fEuAQKP8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwQjI3NUU1QjQ2 NkI5NDFBQjg0QTc0MkI0RTM4MzJCQjFGREZFQzlFMB4XDTI1MTIwMjA4NDI0OFoX DTI2MTIwMTA4NDc0OFowMzExMC8GA1UEAxMoRDkzOTU0NzMwOUMxRkRFQzM1REU2 RkU4NDMyNENGNzU4N0QzQTBDNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMQCpWxfofrzMXMpAIU68GvaN74egQMCU/ZzMz9gPJDq5Y5LTviZfwjMK+ky mASmW7PxMTcScPnZgZ820MgIARM4+OcHGOS6Sv+o3lehBZcYc/f6Ui7jhx7zN0R8 aydmKdzZDvW+g4C2HWyaxZgH9C8wW5Ne4cOFx7ZeofibcNHkz/g78W2tnKwBkkCG n6rWcC9w+Oh3OtsGPtrZt77A3eobJ7cMLruO4FozjRvhp7SrXL1cBxYKXhZDOS0C eoadk3+kVAN2qS97mhnYQAo5wuKfmbXIrdZqKIgLij0lVL3QvHhQK2YL+rTWhS/3 2xcffX1mXMPTmQxXthXUpknzfEUCAwEAAaOCAccwggHDMB0GA1UdDgQWBBTZOVRz CcH97DXeb+hDJM91h9OgxDAfBgNVHSMEGDAWgBQLJ15bRmuUGrhKdCtOODK7H9/s njAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wQjI3NUU1QjQ2NkI5NDFBQjg0QTc0 MkI0RTM4MzJCQjFGREZFQzlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9DeWRlVzBacmxCcTRTblFyVGpneXV4X2Y3 SjQuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCBDANBgkqhkiG9w0BAQsFAAOCAQEAdz0b/Q4DLYLNTXdseXFfWCCLXFzBWPy5 FrkusS/wKpw84tsEehsIjn3DaUdPcntNteiwnuQBnxRLXvu2k82Rxy8lKZm7nU2n aFcA50pltfK2J+qHrxtnMV0S9jrhQZCgWYKsJ1FcxiacsI5ugiwZu3vyChWlcx/9 MTgjbJeY26iw7OSvbPAuTlil65ULw4LIv2sZvKVJTquvPAmLMmvtnhOxf/IinQeO 2rY9YcrZ6XvF7GBqfJXPFiBieVFqTwdctsZObp0LeR0OErYNTyaAfBlF/c2AS6EQ pz1rF1DnNRrqBFYVIKVG4iXhmigXZkISK1HmbgiFIz06E6YmsZfloA== -----END CERTIFICATE-----Generated at Sat Dec 6 18:41:24 2025 by rpki-client