This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142070.roa File: AS142070.roa (raw, json) Hash identifier: /oXzZC+W98fn94pWVHY6QJzAd8vpnQESTAc8QEmRdmQ= Subject key identifier: A1:6A:18:63:72:35:01:18:4A:6B:70:0E:89:9C:D5:81:B0:DF:EB:3C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1CFF9E39AA06C14020FDD4E5D458566AD21A2DAB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142070.roa Signing time: Tue 20 Jan 2026 01:10:14 +0000 ROA not before: Tue 20 Jan 2026 01:05:14 +0000 ROA not after: Tue 19 Jan 2027 01:10:14 +0000 asID: 142070 IP address blocks: 2001:253:204::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 12:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:ff:9e:39:aa:06:c1:40:20:fd:d4:e5:d4:58:56:6a:d2:1a:2d:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:14 2026 GMT Not After : Jan 19 01:10:14 2027 GMT Subject: CN=A16A1863723501184A6B700E899CD581B0DFEB3C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:2b:ed:df:ec:2d:90:97:33:df:c6:4f:c3:d0: ae:48:6f:4e:6f:8e:3f:f2:fe:32:a1:26:7a:59:82: b0:a2:cd:c7:08:5c:b8:41:e5:c8:a1:89:e1:12:11: f0:48:51:e6:39:7c:9b:58:18:4a:f9:49:95:26:0c: 5e:e8:6a:0c:41:ea:5d:8f:ef:2e:25:e0:fb:b1:00: 0e:a5:20:c8:b7:05:8a:34:5f:28:fa:94:47:a5:e8: ea:ed:d3:66:8f:b9:85:2c:3f:56:be:84:4d:01:40: 91:ff:8b:e2:f1:f6:d7:95:90:26:b4:31:fd:f3:20: 54:08:36:f9:a3:23:62:7d:9b:52:05:7d:b0:a6:10: 08:41:54:94:5b:3a:dd:44:60:d6:01:1c:f3:c8:f3: 0e:62:a9:aa:af:46:25:83:bd:00:5c:93:e8:b7:98: 37:cd:6f:e0:7f:5b:f5:0e:e7:b0:7d:9a:aa:4d:cc: 84:f8:98:8a:32:94:32:85:70:28:5c:b6:73:d8:e4: c4:4a:30:32:5c:e8:f3:5c:a4:eb:91:b8:74:72:dc: 1c:64:b9:83:64:a6:d6:10:48:56:99:38:f6:1a:91: 5b:34:93:11:ad:63:ff:d7:a8:d8:0d:ce:78:08:d8: 11:20:be:69:f2:ac:8b:22:e1:30:f1:47:d3:25:b8: 45:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:6A:18:63:72:35:01:18:4A:6B:70:0E:89:9C:D5:81:B0:DF:EB:3C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142070.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:204::/48 Signature Algorithm: sha256WithRSAEncryption 12:66:06:0e:4b:09:fe:4e:1e:0a:97:63:d6:bd:0e:58:a8:36: 2b:c2:f4:96:55:7d:be:cf:41:c2:ed:1b:8c:22:61:ce:a1:37: c9:02:76:ca:26:9a:6f:fc:2f:75:06:64:b4:83:4a:41:06:ff: 63:ec:09:22:d2:8f:5c:17:f0:0c:08:35:be:e8:f8:9d:af:6b: 67:d0:13:ee:b0:81:56:dd:38:f7:b4:ff:ce:24:f8:7a:bc:a8: f5:0d:f6:d9:ef:53:76:ea:88:40:72:58:3d:bd:3e:35:e7:da: 5c:32:26:ab:89:41:21:00:a5:bf:66:51:1b:0e:ae:7f:d2:2b: 46:c3:9f:3f:9b:97:bd:7c:2d:da:ad:c9:2b:25:df:56:fc:43: 4a:f5:ad:15:85:4d:d6:b0:bd:d3:c4:0e:70:7c:27:ea:6b:6a: 8c:b2:70:d0:b8:80:b4:4b:e0:03:02:e3:3b:c1:f3:36:5a:1f: 8a:1f:ff:e3:db:59:83:1f:f3:17:c3:05:dd:43:35:ff:15:74: 22:ac:17:77:bf:4a:1a:a7:a1:2f:a1:f3:09:1e:13:0c:a1:3f: 76:f6:68:27:44:b8:c9:52:77:22:f4:8e:3e:b9:75:f1:2c:71: 3e:f6:fc:fd:23:54:6f:e6:93:75:1f:bd:aa:f9:dd:43:49:65: 06:f3:33:d9 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUHP+eOaoGwUAg/dTl1FhWatIaLaswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUxNFoX DTI3MDExOTAxMTAxNFowMzExMC8GA1UEAxMoQTE2QTE4NjM3MjM1MDExODRBNkI3 MDBFODk5Q0Q1ODFCMERGRUIzQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkr7d/sLZCXM9/GT8PQrkhvTm+OP/L+MqEmelmCsKLNxwhcuEHlyKGJ4RIR 8EhR5jl8m1gYSvlJlSYMXuhqDEHqXY/vLiXg+7EADqUgyLcFijRfKPqUR6Xo6u3T Zo+5hSw/Vr6ETQFAkf+L4vH215WQJrQx/fMgVAg2+aMjYn2bUgV9sKYQCEFUlFs6 3URg1gEc88jzDmKpqq9GJYO9AFyT6LeYN81v4H9b9Q7nsH2aqk3MhPiYijKUMoVw KFy2c9jkxEowMlzo81yk65G4dHLcHGS5g2Sm1hBIVpk49hqRWzSTEa1j/9eo2A3O eAjYESC+afKsiyLhMPFH0yW4RUcCAwEAAaOCAccwggHDMB0GA1UdDgQWBBShahhj cjUBGEprcA6JnNWBsN/rPDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCBDANBgkqhkiG9w0BAQsFAAOCAQEAEmYGDksJ/k4eCpdj1r0OWKg2K8L0llV9 vs9Bwu0bjCJhzqE3yQJ2yiaab/wvdQZktINKQQb/Y+wJItKPXBfwDAg1vuj4na9r Z9AT7rCBVt0497T/ziT4eryo9Q322e9TduqIQHJYPb0+NefaXDImq4lBIQClv2ZR Gw6uf9IrRsOfP5uXvXwt2q3JKyXfVvxDSvWtFYVN1rC908QOcHwn6mtqjLJw0LiA tEvgAwLjO8HzNlofih//49tZgx/zF8MF3UM1/xV0IqwXd79KGqehL6HzCR4TDKE/ dvZoJ0S4yVJ3IvSOPrl18SxxPvb8/SNUb+aTdR+9qvndQ0llBvMz2Q== -----END CERTIFICATE-----Generated at Sun Jan 25 15:17:15 2026 by rpki-client