This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142086.roa File: AS142086.roa (raw, json) Hash identifier: pabSN29hDUCZqT+sDZoTdGD5lyBkerQ5thU2WMEK6g4= Subject key identifier: BD:68:63:CD:AF:4F:FE:33:D5:25:16:C1:94:23:48:28:C0:27:57:FF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 660D85B9CDE0CC2C1F51B47240EEFAC7C19FD0AB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142086.roa Signing time: Tue 20 Jan 2026 01:10:24 +0000 ROA not before: Tue 20 Jan 2026 01:05:24 +0000 ROA not after: Tue 19 Jan 2027 01:10:24 +0000 asID: 142086 IP address blocks: 2001:253:220::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 19:21:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:0d:85:b9:cd:e0:cc:2c:1f:51:b4:72:40:ee:fa:c7:c1:9f:d0:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:24 2026 GMT Not After : Jan 19 01:10:24 2027 GMT Subject: CN=BD6863CDAF4FFE33D52516C194234828C02757FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:5c:a4:6b:c1:40:a2:89:d3:9d:40:fd:d0:9a: c5:2d:42:64:c4:43:77:ca:de:41:3d:98:1f:84:b1: 7d:7b:34:27:53:69:11:3e:53:28:f1:9c:17:d6:e9: f7:38:70:6f:4a:56:a3:ef:44:8d:23:78:67:e5:1e: 6c:b1:2c:85:6f:08:cf:ba:98:f1:70:32:d1:05:11: f5:db:71:ed:72:65:72:96:5e:73:2a:9e:14:75:31: 27:a4:e4:e0:a0:7f:f1:9d:51:eb:4c:71:ba:f1:75: f5:63:43:96:d8:31:13:2a:e7:8f:2e:d1:89:18:73: e5:f2:af:39:4d:1e:7e:e3:86:fc:55:62:1b:80:ac: e3:45:19:f8:67:a8:ea:2c:85:c8:25:1e:29:db:3f: 70:8d:a2:6d:e7:7f:24:88:6f:42:64:9a:8a:a1:2d: 0f:92:b4:f5:e8:12:08:46:ec:01:ec:67:d6:e9:49: 70:ab:f5:15:74:a4:bb:97:de:53:b3:2d:31:c1:92: a2:97:67:68:d0:25:76:14:00:bc:93:95:27:96:90: 95:0f:53:27:a5:38:0a:d7:b9:3f:e4:e1:32:31:37: bd:55:5a:6a:04:ad:22:0c:ba:e0:28:b5:5e:61:1b: 4f:c4:9c:62:fe:02:ff:24:ef:72:2e:1a:94:15:a0: a6:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:68:63:CD:AF:4F:FE:33:D5:25:16:C1:94:23:48:28:C0:27:57:FF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142086.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:220::/48 Signature Algorithm: sha256WithRSAEncryption ad:18:f2:33:21:77:43:97:7b:19:5f:33:72:ca:8d:6e:f2:1f: 26:30:04:31:9f:90:8f:73:98:99:fd:2c:1a:bc:49:8a:53:11: 5c:42:88:52:62:53:a3:c1:b4:5e:fa:d6:55:cf:fa:16:36:55: da:cc:4b:69:d7:06:6c:a5:0e:5b:63:f3:76:1d:51:6d:2a:e5: c5:4c:de:ac:fc:b7:0d:a3:15:bc:a6:ac:8f:d7:34:3e:db:6c: 00:15:66:c0:7f:c8:a8:a8:d0:1a:0d:9b:dd:98:5e:f1:3d:88: ef:91:13:3b:93:e2:ce:9a:3c:bb:f2:fe:b8:4d:80:7c:68:c1: b4:72:03:31:b9:5f:67:e5:e0:84:cb:6f:f5:2f:cc:cd:4c:89: ed:4d:8d:eb:9f:59:e4:1e:3d:a3:cd:86:39:2c:2c:16:5b:84: e3:63:c7:84:e7:18:9e:9f:6d:0e:bd:2a:86:72:99:41:a2:93: c0:b0:26:c2:0e:a3:e6:97:c6:d9:d6:10:30:ac:38:21:12:78: 40:14:b3:f5:d1:9b:38:48:7f:3e:f5:99:94:b3:75:55:1d:92: ba:fd:1c:74:91:e1:8e:b3:4f:d5:45:6a:c0:ee:46:94:80:56: 4f:31:1a:38:1d:db:a4:95:16:28:df:8f:9a:f1:26:51:6e:ab: a7:e2:ef:9b -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUZg2Fuc3gzCwfUbRyQO76x8Gf0KswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUyNFoX DTI3MDExOTAxMTAyNFowMzExMC8GA1UEAxMoQkQ2ODYzQ0RBRjRGRkUzM0Q1MjUx NkMxOTQyMzQ4MjhDMDI3NTdGRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALNcpGvBQKKJ051A/dCaxS1CZMRDd8reQT2YH4SxfXs0J1NpET5TKPGcF9bp 9zhwb0pWo+9EjSN4Z+UebLEshW8Iz7qY8XAy0QUR9dtx7XJlcpZecyqeFHUxJ6Tk 4KB/8Z1R60xxuvF19WNDltgxEyrnjy7RiRhz5fKvOU0efuOG/FViG4Cs40UZ+Geo 6iyFyCUeKds/cI2ibed/JIhvQmSaiqEtD5K09egSCEbsAexn1ulJcKv1FXSku5fe U7MtMcGSopdnaNAldhQAvJOVJ5aQlQ9TJ6U4Cte5P+ThMjE3vVVaagStIgy64Ci1 XmEbT8ScYv4C/yTvci4alBWgprMCAwEAAaOCAccwggHDMB0GA1UdDgQWBBS9aGPN r0/+M9UlFsGUI0gowCdX/zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA4Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCIDANBgkqhkiG9w0BAQsFAAOCAQEArRjyMyF3Q5d7GV8zcsqNbvIfJjAEMZ+Q j3OYmf0sGrxJilMRXEKIUmJTo8G0XvrWVc/6FjZV2sxLadcGbKUOW2Pzdh1RbSrl xUzerPy3DaMVvKasj9c0PttsABVmwH/IqKjQGg2b3Zhe8T2I75ETO5Pizpo8u/L+ uE2AfGjBtHIDMblfZ+XghMtv9S/MzUyJ7U2N659Z5B49o82GOSwsFluE42PHhOcY np9tDr0qhnKZQaKTwLAmwg6j5pfG2dYQMKw4IRJ4QBSz9dGbOEh/PvWZlLN1VR2S uv0cdJHhjrNP1UVqwO5GlIBWTzEaOB3bpJUWKN+PmvEmUW6rp+Lvmw== -----END CERTIFICATE-----Generated at Sun Jan 25 13:34:58 2026 by rpki-client