This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142071.roa File: AS142071.roa (raw, json) Hash identifier: /PBiK1EKSFaEx9PiPEi7cG9iFdkrG4wWwiIYaTaPe/Q= Subject key identifier: 46:4B:31:56:44:22:1D:A5:41:48:F6:66:A4:55:D6:A6:47:6B:06:91 Certificate issuer: /CN=A91E5D610001/serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Certificate serial: 7FC487156B0A5D23F9F0115E83D94AB806FF81AD Authority key identifier: 0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142071.roa Signing time: Tue 02 Dec 2025 08:47:53 +0000 ROA not before: Tue 02 Dec 2025 08:42:53 +0000 ROA not after: Tue 01 Dec 2026 08:47:53 +0000 asID: 142071 IP address blocks: 2001:253:205::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:c4:87:15:6b:0a:5d:23:f9:f0:11:5e:83:d9:4a:b8:06:ff:81:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Validity Not Before: Dec 2 08:42:53 2025 GMT Not After : Dec 1 08:47:53 2026 GMT Subject: CN=464B315644221DA54148F666A455D6A6476B0691 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d2:74:af:8e:2c:5c:06:9c:e0:9d:ab:00:14: 82:b0:45:d6:80:e4:73:e1:32:aa:33:89:84:60:29: 37:69:89:98:e3:91:c3:52:63:bd:a8:54:3e:c8:e6: de:48:86:a4:4a:48:ad:b7:f7:da:44:4c:fc:82:fa: 41:5b:bc:76:d8:dc:88:cb:45:e3:f9:e0:2b:76:06: 53:96:1b:b4:75:a7:b8:ba:17:ea:ff:c3:94:b0:4c: bc:98:09:61:57:f9:39:09:e4:5d:c3:93:31:ad:ed: ef:7a:37:db:45:fd:67:61:48:3f:38:d1:f9:ab:17: af:5f:1a:8f:30:1c:3d:72:f9:2c:11:39:ce:fb:ce: 9a:43:f3:bd:47:89:e2:97:9c:a3:f4:11:83:77:04: d6:1b:3a:79:23:36:af:e6:81:0d:53:10:66:74:f3: e0:fc:37:24:f5:0c:32:9e:3e:fd:07:7d:ae:fc:09: 0e:30:81:f8:7a:a4:fb:77:4b:a8:22:a8:66:b1:1f: b1:cb:49:d5:1a:59:f5:b5:2b:30:34:37:be:f3:f8: 66:1e:7a:41:0f:11:27:5f:a2:42:e2:a2:37:2b:d8: fb:e1:cc:48:38:bc:3b:bf:37:24:37:3c:84:75:9a: af:45:28:ac:55:d1:7d:66:85:67:54:ee:b6:c5:e5: 0d:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:4B:31:56:44:22:1D:A5:41:48:F6:66:A4:55:D6:A6:47:6B:06:91 X509v3 Authority Key Identifier: keyid:0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142071.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:205::/48 Signature Algorithm: sha256WithRSAEncryption 6e:ea:61:5c:12:73:42:ba:bc:40:21:6f:20:7e:56:11:f2:0a: a5:ea:41:03:39:81:e1:1b:33:42:85:ed:eb:f2:6d:d4:e7:9f: 07:d7:3f:61:54:e2:2a:37:4f:59:b0:dc:1f:0a:27:f4:51:0c: 8d:9c:98:c5:f4:4b:8a:fa:59:ad:63:58:cd:9e:1c:74:2f:b9: c5:5f:36:4c:3e:a9:b2:30:13:26:08:ef:a5:46:88:52:21:ba: 6f:f9:2b:72:8d:6d:ff:0f:80:eb:ec:44:d1:79:dc:78:41:4a: 0b:93:01:76:b9:a7:1d:cb:b2:dd:cc:ab:f0:ef:97:89:10:90: f1:a2:81:e1:52:f8:7f:84:b0:07:32:60:53:8b:19:be:9c:ed: 57:83:67:33:43:5e:26:6d:60:b2:1d:7a:be:7d:6e:5a:54:c3: e0:10:d1:eb:3e:05:ab:a3:54:51:04:58:2c:f7:e5:f6:fd:e1: e4:d0:3d:36:d4:03:e9:0f:b8:ee:1a:48:7d:ce:69:d2:d1:fe: 19:9c:92:cb:fd:47:bd:68:b9:05:d9:ca:18:2f:84:48:36:aa: 5b:79:61:07:7c:44:72:f5:7b:b7:7d:3d:dc:68:73:4b:d8:f4: 5d:5f:3f:59:4e:1d:53:20:f3:23:20:67:ab:d0:cb:cf:17:fb: d6:41:34:d2 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUf8SHFWsKXSP58BFeg9lKuAb/ga0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwQjI3NUU1QjQ2 NkI5NDFBQjg0QTc0MkI0RTM4MzJCQjFGREZFQzlFMB4XDTI1MTIwMjA4NDI1M1oX DTI2MTIwMTA4NDc1M1owMzExMC8GA1UEAxMoNDY0QjMxNTY0NDIyMURBNTQxNDhG NjY2QTQ1NUQ2QTY0NzZCMDY5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL3SdK+OLFwGnOCdqwAUgrBF1oDkc+EyqjOJhGApN2mJmOORw1JjvahUPsjm 3kiGpEpIrbf32kRM/IL6QVu8dtjciMtF4/ngK3YGU5YbtHWnuLoX6v/DlLBMvJgJ YVf5OQnkXcOTMa3t73o320X9Z2FIPzjR+asXr18ajzAcPXL5LBE5zvvOmkPzvUeJ 4peco/QRg3cE1hs6eSM2r+aBDVMQZnTz4Pw3JPUMMp4+/Qd9rvwJDjCB+Hqk+3dL qCKoZrEfsctJ1RpZ9bUrMDQ3vvP4Zh56QQ8RJ1+iQuKiNyvY++HMSDi8O783JDc8 hHWar0UorFXRfWaFZ1TutsXlDRkCAwEAAaOCAccwggHDMB0GA1UdDgQWBBRGSzFW RCIdpUFI9makVdamR2sGkTAfBgNVHSMEGDAWgBQLJ15bRmuUGrhKdCtOODK7H9/s njAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wQjI3NUU1QjQ2NkI5NDFBQjg0QTc0 MkI0RTM4MzJCQjFGREZFQzlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9DeWRlVzBacmxCcTRTblFyVGpneXV4X2Y3 SjQuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCBTANBgkqhkiG9w0BAQsFAAOCAQEAbuphXBJzQrq8QCFvIH5WEfIKpepBAzmB 4RszQoXt6/Jt1OefB9c/YVTiKjdPWbDcHwon9FEMjZyYxfRLivpZrWNYzZ4cdC+5 xV82TD6psjATJgjvpUaIUiG6b/krco1t/w+A6+xE0XnceEFKC5MBdrmnHcuy3cyr 8O+XiRCQ8aKB4VL4f4SwBzJgU4sZvpztV4NnM0NeJm1gsh16vn1uWlTD4BDR6z4F q6NUUQRYLPfl9v3h5NA9NtQD6Q+47hpIfc5p0tH+GZySy/1HvWi5BdnKGC+ESDaq W3lhB3xEcvV7t3093GhzS9j0XV8/WU4dUyDzIyBnq9DLzxf71kE00g== -----END CERTIFICATE-----Generated at Sat Dec 6 18:41:23 2025 by rpki-client