This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142098.roa File: AS142098.roa (raw, json) Hash identifier: RaUVBIKeOFKNKXoUzYd7W165tMeMJ8jgilVGeQpSCeE= Subject key identifier: D6:9B:65:C3:A6:3B:49:0B:7D:FD:FD:9F:AC:49:0B:AA:BE:E9:91:C2 Certificate issuer: /CN=A91E5D610001/serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Certificate serial: 5BF2B7827BFA1B864DC8C8F6D1B021502BF16EC2 Authority key identifier: 0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142098.roa Signing time: Tue 02 Dec 2025 08:47:52 +0000 ROA not before: Tue 02 Dec 2025 08:42:52 +0000 ROA not after: Tue 01 Dec 2026 08:47:52 +0000 asID: 142098 IP address blocks: 2001:253:232::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:f2:b7:82:7b:fa:1b:86:4d:c8:c8:f6:d1:b0:21:50:2b:f1:6e:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Validity Not Before: Dec 2 08:42:52 2025 GMT Not After : Dec 1 08:47:52 2026 GMT Subject: CN=D69B65C3A63B490B7DFDFD9FAC490BAABEE991C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:b7:97:95:02:c9:e9:76:a7:9a:52:62:d5:be: a3:90:8a:8a:9e:0e:d2:02:1b:2a:2f:ca:6b:f0:49: 9d:0a:64:88:af:19:37:a2:a4:eb:77:31:5c:32:78: 69:ba:1c:d0:a5:76:3c:de:d1:19:31:b7:b9:ff:c7: 7c:22:1e:2d:59:e2:7c:9b:a0:a7:5e:44:c4:06:b4: 2e:57:7b:7d:16:51:16:37:95:82:c1:98:c7:24:58: f4:52:11:93:d5:ee:14:60:d9:d7:9a:80:2d:81:a9: 82:0f:cc:25:1a:82:2f:f0:72:da:33:4b:f0:3c:4b: ff:1e:99:45:97:73:fe:9d:e1:c8:51:44:3d:23:b6: b6:c2:8d:d3:c8:ed:06:c9:74:ce:b3:88:50:a0:e2: eb:79:f5:50:55:27:0b:29:bd:80:6c:c0:fa:d9:92: 7a:85:a4:77:b7:6b:b5:f7:17:f5:3d:4a:32:f8:d0: 98:ef:c6:22:8e:5f:d3:f6:c2:8c:bc:7e:99:24:fe: 06:4d:ff:ae:ac:35:fb:fc:1e:3a:9e:91:d6:c4:7d: 80:ee:b0:33:74:38:f4:1a:54:81:4f:05:ea:c2:b5: 91:bc:01:f6:8d:e3:1a:7f:5d:83:00:3a:c4:77:d2: 87:7b:22:a8:6c:61:e1:3b:31:4e:c9:87:72:39:49: e7:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:9B:65:C3:A6:3B:49:0B:7D:FD:FD:9F:AC:49:0B:AA:BE:E9:91:C2 X509v3 Authority Key Identifier: keyid:0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142098.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:232::/48 Signature Algorithm: sha256WithRSAEncryption 8c:d5:02:b6:3e:14:67:75:61:1c:d4:8c:7d:29:84:aa:42:c5: c9:9d:b4:d3:f2:27:8b:4b:94:53:b2:60:3f:b8:cb:5d:ef:de: 9c:02:a8:fc:22:e6:0f:a5:40:94:3e:1c:1c:33:15:65:b4:c6: 69:1a:55:c5:25:61:92:7a:6a:1a:2b:ed:c7:12:4d:4b:0b:3f: 75:ba:7f:7e:f1:44:ba:49:84:fe:4c:99:35:36:ce:23:e0:14: 96:ad:6c:2a:97:52:3d:ac:71:fd:15:8a:b5:08:5c:10:1a:5d: 17:4a:d9:f8:ec:67:3a:99:47:7c:38:99:48:ac:34:2e:05:9e: 5b:af:33:e5:96:70:50:3d:b7:a8:bb:13:ce:2a:75:5f:f5:83: 3e:db:32:e0:5c:9a:51:e8:3f:0d:db:1a:6d:76:94:f6:e3:cf: 26:4e:43:62:5b:45:40:e9:10:28:bc:8c:a2:a5:ce:a7:fa:72: ba:82:99:1e:97:81:c9:bc:03:0a:58:88:67:62:b6:74:1f:db: b9:de:da:68:68:a4:82:69:2c:66:0c:f1:ee:2c:3b:ca:6b:de: 96:db:42:49:17:1f:e2:b5:f8:04:86:cd:9e:21:25:dc:0b:91: 18:26:e9:ae:4c:6d:04:04:ba:d7:84:30:3e:d8:45:29:dc:04: 11:d3:ca:5f -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUW/K3gnv6G4ZNyMj20bAhUCvxbsIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwQjI3NUU1QjQ2 NkI5NDFBQjg0QTc0MkI0RTM4MzJCQjFGREZFQzlFMB4XDTI1MTIwMjA4NDI1MloX DTI2MTIwMTA4NDc1MlowMzExMC8GA1UEAxMoRDY5QjY1QzNBNjNCNDkwQjdERkRG RDlGQUM0OTBCQUFCRUU5OTFDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKa3l5UCyel2p5pSYtW+o5CKip4O0gIbKi/Ka/BJnQpkiK8ZN6Kk63cxXDJ4 aboc0KV2PN7RGTG3uf/HfCIeLVnifJugp15ExAa0Lld7fRZRFjeVgsGYxyRY9FIR k9XuFGDZ15qALYGpgg/MJRqCL/By2jNL8DxL/x6ZRZdz/p3hyFFEPSO2tsKN08jt Bsl0zrOIUKDi63n1UFUnCym9gGzA+tmSeoWkd7drtfcX9T1KMvjQmO/GIo5f0/bC jLx+mST+Bk3/rqw1+/weOp6R1sR9gO6wM3Q49BpUgU8F6sK1kbwB9o3jGn9dgwA6 xHfSh3siqGxh4TsxTsmHcjlJ528CAwEAAaOCAccwggHDMB0GA1UdDgQWBBTWm2XD pjtJC339/Z+sSQuqvumRwjAfBgNVHSMEGDAWgBQLJ15bRmuUGrhKdCtOODK7H9/s njAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wQjI3NUU1QjQ2NkI5NDFBQjg0QTc0 MkI0RTM4MzJCQjFGREZFQzlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9DeWRlVzBacmxCcTRTblFyVGpneXV4X2Y3 SjQuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCMjANBgkqhkiG9w0BAQsFAAOCAQEAjNUCtj4UZ3VhHNSMfSmEqkLFyZ200/In i0uUU7JgP7jLXe/enAKo/CLmD6VAlD4cHDMVZbTGaRpVxSVhknpqGivtxxJNSws/ dbp/fvFEukmE/kyZNTbOI+AUlq1sKpdSPaxx/RWKtQhcEBpdF0rZ+OxnOplHfDiZ SKw0LgWeW68z5ZZwUD23qLsTzip1X/WDPtsy4FyaUeg/DdsabXaU9uPPJk5DYltF QOkQKLyMoqXOp/pyuoKZHpeBybwDCliIZ2K2dB/bud7aaGikgmksZgzx7iw7ymve lttCSRcf4rX4BIbNniEl3AuRGCbprkxtBAS614QwPthFKdwEEdPKXw== -----END CERTIFICATE-----Generated at Sat Dec 6 18:41:25 2025 by rpki-client