This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142071.roa File: AS142071.roa (raw, json) Hash identifier: XIwHq3SrZXTPsXK7YIlczfjvQF25hGjZ73vviv0YewM= Subject key identifier: 99:27:A8:A3:03:86:61:80:95:15:93:CC:2D:E8:49:E3:A9:32:8A:60 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 513D1232083931E720E3EC7CE34BC91AF5B18F07 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142071.roa Signing time: Tue 20 Jan 2026 01:10:22 +0000 ROA not before: Tue 20 Jan 2026 01:05:22 +0000 ROA not after: Tue 19 Jan 2027 01:10:22 +0000 asID: 142071 IP address blocks: 2001:253:205::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 19:21:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:3d:12:32:08:39:31:e7:20:e3:ec:7c:e3:4b:c9:1a:f5:b1:8f:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:22 2026 GMT Not After : Jan 19 01:10:22 2027 GMT Subject: CN=9927A8A303866180951593CC2DE849E3A9328A60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:65:35:2a:d5:20:be:28:99:56:2a:4b:cb:ad: 1c:7a:68:ac:49:77:d5:1b:16:a4:95:99:54:f9:52: fe:ac:80:b2:aa:b7:57:b1:ab:cf:f0:50:73:e8:44: 8a:68:17:0a:5c:fa:cd:6b:49:8e:bb:ca:92:2c:7a: a3:f0:3a:82:38:36:98:44:dd:cd:17:61:9c:2c:0c: 3c:b9:74:6f:68:f2:d7:ca:1c:32:03:d7:b2:4b:14: 7d:35:2f:89:08:d8:5f:68:b7:a3:67:a6:37:80:63: 41:bb:78:ec:9e:d7:f7:eb:a5:de:6a:2f:b1:b6:9c: 3f:54:df:20:5e:4a:d6:65:b7:5d:69:63:90:8c:7f: 4a:ec:a9:37:12:9c:bc:da:03:07:47:1e:3b:5d:ef: c3:cf:fc:f7:46:02:f3:d3:2c:7e:6f:f7:1c:86:78: b1:65:68:3b:6d:b5:28:3f:73:e3:c3:3b:f3:f8:08: 25:c5:18:08:a8:dc:7f:e7:c4:99:36:2d:75:d2:25: 9a:8f:58:85:d5:84:69:11:05:91:8d:4a:91:22:30: 82:58:6f:bf:02:86:d7:2f:f8:38:b5:7a:f9:41:72: 3d:c0:c7:51:91:b0:28:e8:97:6a:cf:a6:42:95:f6: 4c:87:9d:c2:c6:c6:22:5f:eb:77:cb:cd:b2:4c:2b: bb:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:27:A8:A3:03:86:61:80:95:15:93:CC:2D:E8:49:E3:A9:32:8A:60 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142071.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:205::/48 Signature Algorithm: sha256WithRSAEncryption 1f:1b:1b:aa:38:b2:42:ba:d6:dc:e8:ee:d8:1d:cf:76:65:1e: 33:b1:9d:da:0e:fa:ed:5b:68:63:36:77:b0:60:97:16:33:b0: 01:02:70:c3:64:d0:bb:af:86:5c:df:b9:ad:56:88:09:20:1b: 60:d2:88:68:9f:8c:f7:ba:23:3a:2a:dd:31:ae:4e:40:2d:8d: f7:17:43:64:04:40:ad:54:02:13:9e:ee:29:d4:06:0c:55:0d: a8:3d:b0:34:73:cd:8c:8a:c9:8b:5e:68:a7:bd:46:e0:13:f2: 7c:be:99:a8:ba:cf:13:2c:ba:5a:b5:0d:6f:25:0f:31:59:dd: 79:1a:8c:b9:72:10:7b:83:b0:03:26:0f:c3:1c:c2:2f:46:9a: 22:07:3b:99:fa:ad:b1:67:6c:c5:f6:ce:c1:e4:40:2f:50:cb: 83:83:bd:b8:3b:44:e5:77:c3:32:fd:72:a3:7d:80:8b:c6:fe: b9:d3:c2:40:1b:b5:de:34:4e:28:64:3b:5e:27:56:92:28:5c: 0e:5f:10:89:87:48:5a:64:af:cf:e1:c5:38:0e:f7:4b:17:75: 57:ef:9d:ac:ce:62:0b:67:27:9f:d2:6e:af:7a:b4:0c:f9:54: 21:c1:7f:0a:f2:3e:51:c5:5f:78:00:f4:6f:00:4c:21:a5:85: 21:3b:03:05 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUUT0SMgg5Mecg4+x840vJGvWxjwcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUyMloX DTI3MDExOTAxMTAyMlowMzExMC8GA1UEAxMoOTkyN0E4QTMwMzg2NjE4MDk1MTU5 M0NDMkRFODQ5RTNBOTMyOEE2MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL1lNSrVIL4omVYqS8utHHporEl31RsWpJWZVPlS/qyAsqq3V7Grz/BQc+hE imgXClz6zWtJjrvKkix6o/A6gjg2mETdzRdhnCwMPLl0b2jy18ocMgPXsksUfTUv iQjYX2i3o2emN4BjQbt47J7X9+ul3movsbacP1TfIF5K1mW3XWljkIx/SuypNxKc vNoDB0ceO13vw8/890YC89Msfm/3HIZ4sWVoO221KD9z48M78/gIJcUYCKjcf+fE mTYtddIlmo9YhdWEaREFkY1KkSIwglhvvwKG1y/4OLV6+UFyPcDHUZGwKOiXas+m QpX2TIedwsbGIl/rd8vNskwru4UCAwEAAaOCAccwggHDMB0GA1UdDgQWBBSZJ6ij A4ZhgJUVk8wt6EnjqTKKYDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCBTANBgkqhkiG9w0BAQsFAAOCAQEAHxsbqjiyQrrW3Oju2B3PdmUeM7Gd2g76 7VtoYzZ3sGCXFjOwAQJww2TQu6+GXN+5rVaICSAbYNKIaJ+M97ojOirdMa5OQC2N 9xdDZARArVQCE57uKdQGDFUNqD2wNHPNjIrJi15op71G4BPyfL6ZqLrPEyy6WrUN byUPMVndeRqMuXIQe4OwAyYPwxzCL0aaIgc7mfqtsWdsxfbOweRAL1DLg4O9uDtE 5XfDMv1yo32Ai8b+udPCQBu13jROKGQ7XidWkihcDl8QiYdIWmSvz+HFOA73Sxd1 V++drM5iC2cnn9Jur3q0DPlUIcF/CvI+UcVfeAD0bwBMIaWFITsDBQ== -----END CERTIFICATE-----Generated at Sun Jan 25 13:35:00 2026 by rpki-client