This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142085.roa File: AS142085.roa (raw, json) Hash identifier: XCnWS2wXAf910VPK/bAn8idLGeWu1E/VROSXpuE6Vv4= Subject key identifier: A3:C2:D2:6A:33:EF:19:FB:85:65:D3:6C:02:65:C2:E4:F9:7B:85:61 Certificate issuer: /CN=A91E5D610001/serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Certificate serial: 0880CB9A3D8583851023E67C183A6DC5118EC7C0 Authority key identifier: 0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142085.roa Signing time: Tue 02 Dec 2025 08:47:47 +0000 ROA not before: Tue 02 Dec 2025 08:42:47 +0000 ROA not after: Tue 01 Dec 2026 08:47:47 +0000 asID: 142085 IP address blocks: 2001:253:219::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:80:cb:9a:3d:85:83:85:10:23:e6:7c:18:3a:6d:c5:11:8e:c7:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Validity Not Before: Dec 2 08:42:47 2025 GMT Not After : Dec 1 08:47:47 2026 GMT Subject: CN=A3C2D26A33EF19FB8565D36C0265C2E4F97B8561 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:24:4b:62:25:74:c9:76:b5:03:8a:32:85:fe: 2e:67:71:42:55:c0:f4:99:11:7a:a6:c2:ef:17:f4: 8e:7b:6b:85:1b:d2:71:7b:2f:03:59:2f:e3:bc:1f: 49:79:4c:d7:fa:02:4a:13:4f:e3:33:c2:40:ff:02: 62:65:8c:de:3a:3b:f5:9a:5e:a0:b8:c4:7c:cd:c1: d6:5f:92:80:df:8f:ea:ae:3a:cc:0d:9d:6a:84:4d: 7a:84:6b:04:cf:ab:d0:d0:b5:21:e6:94:fe:42:1a: d8:1c:75:a0:ae:1e:d5:00:fa:08:39:fb:64:76:37: 3f:89:b9:58:4e:90:ec:f9:72:d9:01:d9:41:bf:3c: 89:93:28:25:12:31:70:72:fd:c8:87:c2:6f:e4:0b: a7:82:f4:ef:9d:16:5a:73:22:4f:2c:f8:fa:c0:3e: 19:c0:88:27:51:1c:81:a7:11:3b:c1:b5:e8:7d:6a: 94:03:a3:2d:4e:e8:67:ae:f3:b8:3e:31:19:4d:73: c1:03:1f:30:58:41:5e:62:bb:21:8b:ea:15:a5:38: ab:bf:36:61:92:50:ed:52:74:0e:d1:34:82:4d:ee: 3c:c5:63:e1:59:7b:8a:dd:c6:a8:a8:ef:71:19:bf: 4c:1d:18:95:87:6e:6e:3c:e8:e1:68:a5:74:7d:82: 05:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:C2:D2:6A:33:EF:19:FB:85:65:D3:6C:02:65:C2:E4:F9:7B:85:61 X509v3 Authority Key Identifier: keyid:0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142085.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:219::/48 Signature Algorithm: sha256WithRSAEncryption 01:3e:d4:19:86:4c:70:23:49:de:61:10:94:a8:18:4e:82:52: cb:7b:d0:9d:50:8c:09:8b:23:bd:8f:8f:64:93:19:81:e9:a1: 0a:8f:60:ef:e5:58:d2:5d:eb:58:11:ab:10:8c:1c:ef:c9:de: 92:89:e8:e4:a6:d5:b8:5f:9a:7a:3d:84:52:51:1d:37:7e:56: a9:3f:c6:53:b1:52:29:e0:f7:a0:c1:a8:e6:6e:6e:45:75:24: 6c:99:9a:da:a1:d6:df:4b:fb:a9:f9:f7:b2:60:c4:75:12:6f: 80:59:b4:89:db:79:2f:3e:67:a5:4b:7c:3a:33:ea:61:e5:09: d3:0d:2a:40:fb:44:6b:c9:a4:80:f1:c3:67:94:ad:0f:0b:68: 97:78:fe:4a:96:06:42:55:23:fd:95:73:00:b8:80:33:81:e6: 4e:c6:8d:30:ce:3c:6d:9b:fa:9d:91:78:ed:87:12:0a:fe:64: 4b:c5:17:64:fc:74:76:03:7d:f3:08:c6:93:b9:11:d8:7f:03: 99:4a:d1:8b:68:95:62:3d:d6:71:00:b5:86:c2:a9:19:d4:24: b9:fa:89:52:bd:b1:9b:c1:7c:6d:94:98:ef:34:0b:bd:49:8b: d0:17:02:ca:43:33:a0:dc:bf:12:e0:e6:c2:6b:3a:f9:18:b8: 47:08:05:62 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUCIDLmj2Fg4UQI+Z8GDptxRGOx8AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwQjI3NUU1QjQ2 NkI5NDFBQjg0QTc0MkI0RTM4MzJCQjFGREZFQzlFMB4XDTI1MTIwMjA4NDI0N1oX DTI2MTIwMTA4NDc0N1owMzExMC8GA1UEAxMoQTNDMkQyNkEzM0VGMTlGQjg1NjVE MzZDMDI2NUMyRTRGOTdCODU2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN4kS2IldMl2tQOKMoX+LmdxQlXA9JkReqbC7xf0jntrhRvScXsvA1kv47wf SXlM1/oCShNP4zPCQP8CYmWM3jo79ZpeoLjEfM3B1l+SgN+P6q46zA2daoRNeoRr BM+r0NC1IeaU/kIa2Bx1oK4e1QD6CDn7ZHY3P4m5WE6Q7Ply2QHZQb88iZMoJRIx cHL9yIfCb+QLp4L0750WWnMiTyz4+sA+GcCIJ1EcgacRO8G16H1qlAOjLU7oZ67z uD4xGU1zwQMfMFhBXmK7IYvqFaU4q782YZJQ7VJ0DtE0gk3uPMVj4Vl7it3GqKjv cRm/TB0YlYdubjzo4WildH2CBVsCAwEAAaOCAccwggHDMB0GA1UdDgQWBBSjwtJq M+8Z+4Vl02wCZcLk+XuFYTAfBgNVHSMEGDAWgBQLJ15bRmuUGrhKdCtOODK7H9/s njAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wQjI3NUU1QjQ2NkI5NDFBQjg0QTc0 MkI0RTM4MzJCQjFGREZFQzlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9DeWRlVzBacmxCcTRTblFyVGpneXV4X2Y3 SjQuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA4NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCGTANBgkqhkiG9w0BAQsFAAOCAQEAAT7UGYZMcCNJ3mEQlKgYToJSy3vQnVCM CYsjvY+PZJMZgemhCo9g7+VY0l3rWBGrEIwc78nekono5KbVuF+aej2EUlEdN35W qT/GU7FSKeD3oMGo5m5uRXUkbJma2qHW30v7qfn3smDEdRJvgFm0idt5Lz5npUt8 OjPqYeUJ0w0qQPtEa8mkgPHDZ5StDwtol3j+SpYGQlUj/ZVzALiAM4HmTsaNMM48 bZv6nZF47YcSCv5kS8UXZPx0dgN98wjGk7kR2H8DmUrRi2iVYj3WcQC1hsKpGdQk ufqJUr2xm8F8bZSY7zQLvUmL0BcCykMzoNy/EuDmwms6+Ri4RwgFYg== -----END CERTIFICATE-----Generated at Sat Dec 6 18:41:27 2025 by rpki-client