This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142096.roa File: AS142096.roa (raw, json) Hash identifier: /daCmgLd+A0zb+CtT//9XJpgYaGOuEaW/hKLIJBCIUQ= Subject key identifier: 01:5D:C4:C3:C3:F4:A9:12:C8:CE:0B:BE:83:C6:E0:21:F9:8C:DF:3C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 49C7A0B7D6970B6D6638DED0F9E13CBCC3E4D54A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142096.roa Signing time: Tue 20 Jan 2026 01:10:17 +0000 ROA not before: Tue 20 Jan 2026 01:05:17 +0000 ROA not after: Tue 19 Jan 2027 01:10:17 +0000 asID: 142096 IP address blocks: 2001:253:230::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 12:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:c7:a0:b7:d6:97:0b:6d:66:38:de:d0:f9:e1:3c:bc:c3:e4:d5:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:17 2026 GMT Not After : Jan 19 01:10:17 2027 GMT Subject: CN=015DC4C3C3F4A912C8CE0BBE83C6E021F98CDF3C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:a8:53:8d:97:66:0e:07:0b:00:fe:c8:92:8a: c3:b9:08:ed:f4:9f:45:23:80:3c:97:5e:8b:e3:22: 71:d8:00:cd:5f:ba:70:f7:4a:8c:7c:4d:20:60:5f: 47:24:48:c7:8e:52:33:69:b9:28:0b:a6:8a:96:c4: c2:6c:4b:d3:64:ec:13:83:91:8e:65:d5:3e:bb:d2: f2:41:86:b0:84:79:3a:64:24:90:28:44:33:64:e2: e5:25:27:11:3b:3f:8f:a9:6d:e4:07:cf:65:60:5a: fc:92:fc:c0:28:1f:af:9d:ed:f2:f5:69:f8:5f:94: 7a:51:36:d7:8e:0f:26:25:c7:21:48:1c:c4:22:29: 63:d0:6e:83:6f:99:64:85:6b:99:30:c6:04:80:71: 5b:66:56:ea:2d:79:96:0e:d5:6b:3f:95:e2:de:c0: 7c:39:2f:c0:4a:ac:97:52:27:ec:8c:f7:72:d0:9e: e2:25:db:f8:fe:c1:74:39:58:dc:ef:58:77:44:15: ef:7b:29:f5:03:fa:c4:95:e4:a0:af:ec:e3:b4:3f: 1a:6a:fd:21:08:46:c0:f0:33:52:e6:aa:94:ea:a7: 64:8e:17:32:7f:c3:87:21:57:39:40:ad:3d:fe:3e: d7:db:cc:84:09:36:1d:1b:4a:b0:84:1e:69:50:b2: 42:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:5D:C4:C3:C3:F4:A9:12:C8:CE:0B:BE:83:C6:E0:21:F9:8C:DF:3C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142096.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:230::/48 Signature Algorithm: sha256WithRSAEncryption 90:bd:cb:27:9b:a4:12:10:19:17:a3:14:17:8d:17:44:78:40: 11:5a:f3:e5:7d:7b:ea:c3:ba:67:97:a0:4a:87:45:8a:19:73: 7b:44:69:67:32:3c:bb:71:76:83:49:59:e8:b3:9c:01:18:9f: aa:cd:40:38:4b:2e:8b:d0:1d:3e:af:f3:bf:cd:fb:98:d5:c9: dd:08:9b:90:5c:7e:3c:99:24:de:4d:de:a1:18:cb:9c:54:ea: 8c:89:e3:cc:a9:0b:5d:8e:86:f0:63:5e:b6:3e:10:ab:20:f5: 59:27:8c:6b:40:36:8f:55:13:5f:ea:c4:a2:28:82:70:af:9b: 0d:5c:fb:38:b1:06:d2:9a:d8:e1:39:35:75:29:bd:8f:3d:53: 00:d3:48:17:07:dc:dd:a8:dd:7c:18:72:0f:9f:19:9c:bc:67: 0a:b1:66:f4:3b:83:b0:99:2a:4d:4c:c3:3a:f2:5b:1e:28:b6: 6d:e3:ea:c2:ad:2e:a9:f9:e2:74:39:53:92:8c:82:ab:68:85: a3:31:1a:a4:f7:42:30:a0:92:21:37:57:96:7e:a4:91:07:96: 36:6f:f8:e1:c0:01:88:2d:54:50:cb:de:6e:a2:d6:89:a8:96: f3:71:5b:39:41:20:67:09:30:6b:f2:01:92:2a:a6:bb:4b:e4: 85:1b:ca:d2 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUScegt9aXC21mON7Q+eE8vMPk1UowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUxN1oX DTI3MDExOTAxMTAxN1owMzExMC8GA1UEAxMoMDE1REM0QzNDM0Y0QTkxMkM4Q0Uw QkJFODNDNkUwMjFGOThDREYzQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKSoU42XZg4HCwD+yJKKw7kI7fSfRSOAPJdei+MicdgAzV+6cPdKjHxNIGBf RyRIx45SM2m5KAumipbEwmxL02TsE4ORjmXVPrvS8kGGsIR5OmQkkChEM2Ti5SUn ETs/j6lt5AfPZWBa/JL8wCgfr53t8vVp+F+UelE2144PJiXHIUgcxCIpY9Bug2+Z ZIVrmTDGBIBxW2ZW6i15lg7Vaz+V4t7AfDkvwEqsl1In7Iz3ctCe4iXb+P7BdDlY 3O9Yd0QV73sp9QP6xJXkoK/s47Q/Gmr9IQhGwPAzUuaqlOqnZI4XMn/DhyFXOUCt Pf4+19vMhAk2HRtKsIQeaVCyQo8CAwEAAaOCAccwggHDMB0GA1UdDgQWBBQBXcTD w/SpEsjOC76DxuAh+YzfPDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA5Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCMDANBgkqhkiG9w0BAQsFAAOCAQEAkL3LJ5ukEhAZF6MUF40XRHhAEVrz5X17 6sO6Z5egSodFihlze0RpZzI8u3F2g0lZ6LOcARifqs1AOEsui9AdPq/zv837mNXJ 3QibkFx+PJkk3k3eoRjLnFTqjInjzKkLXY6G8GNetj4QqyD1WSeMa0A2j1UTX+rE oiiCcK+bDVz7OLEG0prY4Tk1dSm9jz1TANNIFwfc3ajdfBhyD58ZnLxnCrFm9DuD sJkqTUzDOvJbHii2bePqwq0uqfnidDlTkoyCq2iFozEapPdCMKCSITdXln6kkQeW Nm/44cABiC1UUMvebqLWiaiW83FbOUEgZwkwa/IBkiqmu0vkhRvK0g== -----END CERTIFICATE-----Generated at Sun Jan 25 15:17:18 2026 by rpki-client