This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142086.roa File: AS142086.roa (raw, json) Hash identifier: xdc1OMFXaLS+/kOMflfbwaXQWZ4OojOpmKapBHkqZg4= Subject key identifier: 2F:7F:EE:C8:D3:CE:2C:CE:DB:17:5B:98:0E:D1:C5:20:FD:2A:E3:32 Certificate issuer: /CN=A91E5D610001/serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Certificate serial: 259AC8EACCD66A7C0FC41A1AC4BC9905BCD7840A Authority key identifier: 0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142086.roa Signing time: Tue 02 Dec 2025 08:47:52 +0000 ROA not before: Tue 02 Dec 2025 08:42:52 +0000 ROA not after: Tue 01 Dec 2026 08:47:52 +0000 asID: 142086 IP address blocks: 2001:253:220::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:9a:c8:ea:cc:d6:6a:7c:0f:c4:1a:1a:c4:bc:99:05:bc:d7:84:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Validity Not Before: Dec 2 08:42:52 2025 GMT Not After : Dec 1 08:47:52 2026 GMT Subject: CN=2F7FEEC8D3CE2CCEDB175B980ED1C520FD2AE332 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e3:0d:92:e3:ed:4f:a8:c2:01:37:64:6c:a1: 06:53:d9:e7:9a:2d:76:c7:0c:a5:0c:ca:be:0a:11: 6f:69:73:a5:b5:ce:28:d9:05:22:5e:ad:9d:de:d5: 31:c1:00:3c:e6:7e:d1:37:d8:9f:bd:6c:c5:e5:ab: 38:63:2a:bc:58:32:28:c4:bf:31:3e:78:ba:3e:f6: 86:a4:c7:92:45:05:e1:a6:6a:6a:f3:09:bf:ff:71: 4c:bc:8d:8d:45:0d:8a:22:d6:54:18:e7:a4:1f:b5: ca:a1:46:4c:50:d7:75:fb:d7:ca:9a:98:8d:81:20: 98:36:0c:c2:10:43:df:f3:cd:a3:51:d3:bb:1c:e8: 59:f0:34:9c:d0:01:54:d1:8c:8b:f6:ca:ba:23:67: 3e:37:26:d6:97:b8:78:41:aa:8b:65:05:d2:88:86: db:9d:58:f9:38:ee:8f:1e:da:52:49:4a:c6:91:8a: 2f:c7:79:25:07:f0:ba:66:ec:d6:c5:13:9a:19:d5: 52:6b:8e:2a:b3:44:ba:8a:4a:84:28:9a:5f:97:9b: fa:0c:99:1c:af:63:7a:d3:33:45:6a:be:8e:37:83: a0:ce:2d:cf:3c:4a:98:23:b3:40:ce:e7:f6:5c:da: 5b:38:5d:b4:65:e6:54:6f:8c:dd:59:23:5e:00:fd: fe:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:7F:EE:C8:D3:CE:2C:CE:DB:17:5B:98:0E:D1:C5:20:FD:2A:E3:32 X509v3 Authority Key Identifier: keyid:0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142086.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:220::/48 Signature Algorithm: sha256WithRSAEncryption 3a:6c:85:69:c2:a9:e4:81:8d:74:31:02:54:3c:4e:5c:7c:36: 62:4e:31:d7:30:f1:05:0f:3a:35:07:82:9b:51:73:90:64:09: 93:03:2b:7e:5a:f8:13:0f:92:29:cd:1c:4f:d4:01:02:03:56: 1c:c0:44:13:8c:10:c7:28:39:5a:33:12:f5:a9:9b:9d:17:e6: db:3c:17:dc:36:23:e9:13:5b:f7:bf:a8:db:5b:24:89:d7:91: 34:64:ab:c5:d8:1f:2c:d4:7d:ba:9f:59:48:00:12:74:c2:7a: c8:fc:af:f9:dd:16:03:06:6d:8f:69:5b:85:fa:d1:cf:e1:40: d3:06:1f:05:89:a2:3b:0a:ae:1f:6c:5c:ac:3f:72:82:76:65: 60:f9:f6:91:9b:f7:b1:54:c8:db:a4:05:27:39:f5:b6:8e:f6: 5b:ec:2c:eb:ab:44:d0:8c:af:e7:e7:0f:8a:e6:98:4b:d2:5d: 15:12:4e:f5:93:af:45:0e:d8:21:7f:38:1a:0c:ab:9d:47:34: e7:30:5f:06:94:3c:94:bd:0d:a9:60:5e:80:8a:04:d5:cb:e7: 72:78:1d:b2:1c:14:a6:06:6f:4a:04:3c:19:bf:b2:f6:d1:0e: 23:e2:22:e5:91:0a:00:6b:e0:45:25:36:58:17:88:79:c9:ce: 8d:2b:fa:c6 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUJZrI6szWanwPxBoaxLyZBbzXhAowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwQjI3NUU1QjQ2 NkI5NDFBQjg0QTc0MkI0RTM4MzJCQjFGREZFQzlFMB4XDTI1MTIwMjA4NDI1MloX DTI2MTIwMTA4NDc1MlowMzExMC8GA1UEAxMoMkY3RkVFQzhEM0NFMkNDRURCMTc1 Qjk4MEVEMUM1MjBGRDJBRTMzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKrjDZLj7U+owgE3ZGyhBlPZ55otdscMpQzKvgoRb2lzpbXOKNkFIl6tnd7V McEAPOZ+0TfYn71sxeWrOGMqvFgyKMS/MT54uj72hqTHkkUF4aZqavMJv/9xTLyN jUUNiiLWVBjnpB+1yqFGTFDXdfvXypqYjYEgmDYMwhBD3/PNo1HTuxzoWfA0nNAB VNGMi/bKuiNnPjcm1pe4eEGqi2UF0oiG251Y+Tjujx7aUklKxpGKL8d5JQfwumbs 1sUTmhnVUmuOKrNEuopKhCiaX5eb+gyZHK9jetMzRWq+jjeDoM4tzzxKmCOzQM7n 9lzaWzhdtGXmVG+M3VkjXgD9/iUCAwEAAaOCAccwggHDMB0GA1UdDgQWBBQvf+7I 084sztsXW5gO0cUg/SrjMjAfBgNVHSMEGDAWgBQLJ15bRmuUGrhKdCtOODK7H9/s njAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wQjI3NUU1QjQ2NkI5NDFBQjg0QTc0 MkI0RTM4MzJCQjFGREZFQzlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9DeWRlVzBacmxCcTRTblFyVGpneXV4X2Y3 SjQuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA4Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCIDANBgkqhkiG9w0BAQsFAAOCAQEAOmyFacKp5IGNdDECVDxOXHw2Yk4x1zDx BQ86NQeCm1FzkGQJkwMrflr4Ew+SKc0cT9QBAgNWHMBEE4wQxyg5WjMS9ambnRfm 2zwX3DYj6RNb97+o21skideRNGSrxdgfLNR9up9ZSAASdMJ6yPyv+d0WAwZtj2lb hfrRz+FA0wYfBYmiOwquH2xcrD9ygnZlYPn2kZv3sVTI26QFJzn1to72W+ws66tE 0Iyv5+cPiuaYS9JdFRJO9ZOvRQ7YIX84GgyrnUc05zBfBpQ8lL0NqWBegIoE1cvn cngdshwUpgZvSgQ8Gb+y9tEOI+Ii5ZEKAGvgRSU2WBeIecnOjSv6xg== -----END CERTIFICATE-----Generated at Sat Dec 6 18:41:25 2025 by rpki-client