This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142085.roa File: AS142085.roa (raw, json) Hash identifier: /OlMhOL9Z4qtBh1+iRuXa6/yFkEnrseGqr/4eAhK/KE= Subject key identifier: 88:8F:37:15:88:B2:E6:B9:37:3B:92:1A:46:33:CB:F4:FD:77:D8:67 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 20EDF1930AEB4B39BAE4D2373DAA62DB0C11323D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142085.roa Signing time: Tue 20 Jan 2026 01:10:16 +0000 ROA not before: Tue 20 Jan 2026 01:05:16 +0000 ROA not after: Tue 19 Jan 2027 01:10:16 +0000 asID: 142085 IP address blocks: 2001:253:219::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 12:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:ed:f1:93:0a:eb:4b:39:ba:e4:d2:37:3d:aa:62:db:0c:11:32:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:16 2026 GMT Not After : Jan 19 01:10:16 2027 GMT Subject: CN=888F371588B2E6B9373B921A4633CBF4FD77D867 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:72:82:c0:cd:ee:11:c2:47:06:da:d4:ef:ea: 09:68:fa:77:08:3a:d7:f0:38:0e:c8:9c:d4:88:ec: 28:1d:ef:3f:58:e3:67:bc:94:b2:2a:f8:67:2c:e6: d6:f3:d1:49:f9:23:4d:c7:ba:d0:3c:49:a3:47:e8: 59:7f:af:9e:ee:92:82:02:ec:a3:61:34:3c:65:5d: a9:64:c5:e4:3d:b6:dd:d0:75:97:e9:7a:82:ef:87: 43:8e:d9:51:41:76:f0:38:8a:a7:2d:00:fc:b9:87: 10:b6:ce:c2:27:4e:c7:a2:03:e5:0e:24:3c:cd:95: 3b:35:66:51:8e:85:a3:53:aa:7c:c5:a7:cc:dd:c3: 6c:c0:39:ab:a1:d9:97:5a:32:2a:5f:5c:34:ae:44: c3:64:a7:dd:b1:0c:c5:bf:f2:de:d4:fa:ff:a8:c6: f2:18:87:5b:1c:95:cd:ba:66:76:2f:ad:88:16:1b: d0:e2:37:67:ed:eb:62:35:d2:27:3a:80:1b:81:72: c1:d6:3d:e7:3e:c9:6b:bf:56:df:17:c2:a9:6d:4b: 5f:aa:ee:8c:c7:69:32:12:b6:53:01:30:d7:71:15: af:dc:79:53:70:1b:de:1c:7e:c7:23:2f:8f:ea:7f: 9f:8f:6f:64:b0:32:7d:be:49:62:01:13:af:f0:ff: 38:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:8F:37:15:88:B2:E6:B9:37:3B:92:1A:46:33:CB:F4:FD:77:D8:67 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142085.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:219::/48 Signature Algorithm: sha256WithRSAEncryption 3e:47:e9:a0:67:87:5e:06:2f:69:b7:48:14:9c:81:ad:57:7d: fc:fb:e1:8b:c0:a4:fb:7a:68:6c:af:7f:f2:23:4d:cc:64:82: 85:9b:b2:96:70:e4:b5:e1:b5:ea:95:ed:27:63:21:f0:ed:3b: 7a:82:1b:d3:35:55:8a:f0:41:04:c0:c8:12:b1:c5:1a:9f:41: d0:01:b1:41:56:37:c4:2c:4c:1d:23:de:ff:ca:ca:8e:e6:df: 21:04:cb:01:2f:f8:c9:54:5f:4c:01:d1:40:c2:b3:b7:49:26: 03:c8:14:ec:1c:6e:11:36:14:bc:8a:0a:ec:b9:6a:60:09:53: 33:e3:d4:7a:74:5d:4c:f4:13:6b:f5:dd:c6:35:d3:e2:32:94: 7f:8a:ca:e0:b2:3f:8e:89:ab:60:9f:72:6b:cc:a7:83:b9:6f: 42:7f:79:8a:d0:c4:b1:7d:3b:ac:92:be:2e:c5:b6:f0:a0:43: 63:6f:92:50:5a:cb:72:2e:24:13:9d:06:93:a6:da:42:a5:ae: da:a3:6b:81:e4:d4:6c:f0:2b:eb:99:c1:fc:48:6f:10:55:2a: bd:6b:da:2e:4c:bf:c1:8a:25:33:44:e3:d4:5c:1f:54:b5:6c: 3c:48:5f:9d:ba:54:be:2b:12:94:05:ee:83:9c:27:c3:74:74: f6:20:5a:db -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUIO3xkwrrSzm65NI3Papi2wwRMj0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUxNloX DTI3MDExOTAxMTAxNlowMzExMC8GA1UEAxMoODg4RjM3MTU4OEIyRTZCOTM3M0I5 MjFBNDYzM0NCRjRGRDc3RDg2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJlygsDN7hHCRwba1O/qCWj6dwg61/A4Dsic1IjsKB3vP1jjZ7yUsir4Zyzm 1vPRSfkjTce60DxJo0foWX+vnu6SggLso2E0PGVdqWTF5D223dB1l+l6gu+HQ47Z UUF28DiKpy0A/LmHELbOwidOx6ID5Q4kPM2VOzVmUY6Fo1OqfMWnzN3DbMA5q6HZ l1oyKl9cNK5Ew2Sn3bEMxb/y3tT6/6jG8hiHWxyVzbpmdi+tiBYb0OI3Z+3rYjXS JzqAG4FywdY95z7Ja79W3xfCqW1LX6rujMdpMhK2UwEw13EVr9x5U3Ab3hx+xyMv j+p/n49vZLAyfb5JYgETr/D/OCECAwEAAaOCAccwggHDMB0GA1UdDgQWBBSIjzcV iLLmuTc7khpGM8v0/XfYZzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA4NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCGTANBgkqhkiG9w0BAQsFAAOCAQEAPkfpoGeHXgYvabdIFJyBrVd9/Pvhi8Ck +3pobK9/8iNNzGSChZuylnDkteG16pXtJ2Mh8O07eoIb0zVVivBBBMDIErHFGp9B 0AGxQVY3xCxMHSPe/8rKjubfIQTLAS/4yVRfTAHRQMKzt0kmA8gU7BxuETYUvIoK 7LlqYAlTM+PUenRdTPQTa/XdxjXT4jKUf4rK4LI/jomrYJ9ya8yng7lvQn95itDE sX07rJK+LsW28KBDY2+SUFrLci4kE50Gk6baQqWu2qNrgeTUbPAr65nB/EhvEFUq vWvaLky/wYolM0Tj1FwfVLVsPEhfnbpUvisSlAXug5wnw3R09iBa2w== -----END CERTIFICATE-----Generated at Sun Jan 25 15:17:28 2026 by rpki-client