This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142072.roa File: AS142072.roa (raw, json) Hash identifier: 2fnz4jLd3xWLqgAxy3q0xzW5JSzRpqyfGBe54h+9MTU= Subject key identifier: ED:F1:53:D9:30:D3:C3:BE:42:33:A8:6E:62:93:17:E2:59:5E:10:3A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 353D4BDC5142E3AAEEEDDF324DCD98FDF900FF1A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142072.roa Signing time: Tue 20 Jan 2026 01:10:22 +0000 ROA not before: Tue 20 Jan 2026 01:05:22 +0000 ROA not after: Tue 19 Jan 2027 01:10:22 +0000 asID: 142072 IP address blocks: 2001:253:206::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 19:21:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:3d:4b:dc:51:42:e3:aa:ee:ed:df:32:4d:cd:98:fd:f9:00:ff:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:22 2026 GMT Not After : Jan 19 01:10:22 2027 GMT Subject: CN=EDF153D930D3C3BE4233A86E629317E2595E103A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:2e:96:94:01:85:c5:d8:00:dd:c3:da:6a:20: 59:ab:4d:dd:b1:ed:47:e7:e6:02:f9:b2:a0:a2:8e: 9a:2b:ed:64:9f:a1:dd:a7:ad:5b:88:03:d5:0f:b2: 60:ce:69:8c:ad:fc:01:be:ef:ce:b0:1d:f2:1b:c0: d7:9a:99:fc:57:42:a2:8d:83:c4:54:1a:ef:3e:6f: 4a:13:41:6e:dd:bc:2f:26:54:8e:2c:47:b6:eb:96: 48:8a:c1:45:0d:d1:15:2f:84:e0:06:b6:d5:ca:8a: 0f:0b:62:08:42:8c:04:78:0e:b6:da:5f:37:cb:9e: f3:92:7d:dd:06:fa:53:97:84:80:7e:a7:1e:c0:c7: 76:31:a8:fb:1e:01:dc:be:6d:7a:e5:82:4c:f1:b8: 61:4a:48:0b:1d:88:fa:62:a7:19:ea:83:f5:b7:f2: a6:cf:f4:8f:99:9f:e0:ed:f7:f8:85:ff:9c:3e:ab: 90:78:85:a1:b2:a9:79:1c:02:7a:29:1f:fc:f3:e2: 82:82:30:fc:7c:0b:af:bb:44:93:3d:47:17:c4:94: ad:ab:c2:d1:72:f1:39:d6:fb:93:d5:37:d7:5f:11: 39:46:7d:62:26:39:4a:b6:cb:ce:7f:2c:29:85:4d: 98:c2:55:f0:3d:79:43:1e:6d:c2:22:98:9a:e4:d7: 34:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:F1:53:D9:30:D3:C3:BE:42:33:A8:6E:62:93:17:E2:59:5E:10:3A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142072.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:206::/48 Signature Algorithm: sha256WithRSAEncryption cf:de:f0:15:2c:d6:cb:da:5f:d2:9c:0d:46:c3:73:ba:51:87: 87:2e:1f:4d:46:af:8e:c8:df:31:71:0b:ff:50:bb:e5:4c:87: 61:a4:77:f9:b5:13:e1:2a:a9:2c:46:8b:fe:23:6c:fb:0e:c8: af:9e:46:3a:2f:83:b7:cb:16:57:c7:df:7e:84:e6:ce:3c:4f: b9:66:12:4e:b4:f2:85:52:f1:43:86:63:f6:54:c6:78:cb:79: 02:d2:42:d4:12:9b:43:e1:5d:6b:1b:97:b8:0c:d3:40:21:b7: 5f:ed:c0:b9:0e:a8:89:02:5d:db:7c:9b:60:d1:3c:30:09:a1: a4:00:53:d1:d5:50:24:53:d1:5f:86:2b:cb:cb:b5:e9:00:08: 35:93:84:c2:42:de:06:d6:bc:08:1d:17:72:3d:88:f4:4f:e8: 90:6b:cd:10:81:b8:29:b9:a1:a0:a6:0d:36:c8:79:d2:a8:67: d7:77:23:2f:a2:56:70:4d:98:53:56:ef:fc:77:a3:ed:14:3c: 38:f5:18:f3:8c:1a:1f:9b:aa:7c:eb:d8:cc:8d:5a:b4:61:87: e8:15:f8:16:f1:7e:3b:25:76:67:6c:c0:30:58:76:17:2b:64: 5e:7c:59:bb:48:6a:8d:1a:08:d9:ef:12:9e:e5:26:ee:22:2e: 36:f3:a5:de -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUNT1L3FFC46ru7d8yTc2Y/fkA/xowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUyMloX DTI3MDExOTAxMTAyMlowMzExMC8GA1UEAxMoRURGMTUzRDkzMEQzQzNCRTQyMzNB ODZFNjI5MzE3RTI1OTVFMTAzQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKoulpQBhcXYAN3D2mogWatN3bHtR+fmAvmyoKKOmivtZJ+h3aetW4gD1Q+y YM5pjK38Ab7vzrAd8hvA15qZ/FdCoo2DxFQa7z5vShNBbt28LyZUjixHtuuWSIrB RQ3RFS+E4Aa21cqKDwtiCEKMBHgOttpfN8ue85J93Qb6U5eEgH6nHsDHdjGo+x4B 3L5teuWCTPG4YUpICx2I+mKnGeqD9bfyps/0j5mf4O33+IX/nD6rkHiFobKpeRwC eikf/PPigoIw/HwLr7tEkz1HF8SUravC0XLxOdb7k9U3118ROUZ9YiY5SrbLzn8s KYVNmMJV8D15Qx5twiKYmuTXNI8CAwEAAaOCAccwggHDMB0GA1UdDgQWBBTt8VPZ MNPDvkIzqG5ikxfiWV4QOjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA3Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCBjANBgkqhkiG9w0BAQsFAAOCAQEAz97wFSzWy9pf0pwNRsNzulGHhy4fTUav jsjfMXEL/1C75UyHYaR3+bUT4SqpLEaL/iNs+w7Ir55GOi+Dt8sWV8fffoTmzjxP uWYSTrTyhVLxQ4Zj9lTGeMt5AtJC1BKbQ+FdaxuXuAzTQCG3X+3AuQ6oiQJd23yb YNE8MAmhpABT0dVQJFPRX4Yry8u16QAINZOEwkLeBta8CB0Xcj2I9E/okGvNEIG4 KbmhoKYNNsh50qhn13cjL6JWcE2YU1bv/Hej7RQ8OPUY84waH5uqfOvYzI1atGGH 6BX4FvF+OyV2Z2zAMFh2FytkXnxZu0hqjRoI2e8SnuUm7iIuNvOl3g== -----END CERTIFICATE-----Generated at Sun Jan 25 13:34:58 2026 by rpki-client