This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142098.roa File: AS142098.roa (raw, json) Hash identifier: mHpJNE2qv8pWa5yEqjoHYirenuWuxus5PfjVVzk+cRM= Subject key identifier: 17:08:29:16:BD:E0:80:5B:F2:25:B9:35:CB:8A:C8:74:3C:20:C5:1B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0899109AF8C0D4D55E39CDBF2A75EB567D2163C4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142098.roa Signing time: Tue 20 Jan 2026 01:10:19 +0000 ROA not before: Tue 20 Jan 2026 01:05:19 +0000 ROA not after: Tue 19 Jan 2027 01:10:19 +0000 asID: 142098 IP address blocks: 2001:253:232::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 12:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:99:10:9a:f8:c0:d4:d5:5e:39:cd:bf:2a:75:eb:56:7d:21:63:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:19 2026 GMT Not After : Jan 19 01:10:19 2027 GMT Subject: CN=17082916BDE0805BF225B935CB8AC8743C20C51B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:5b:13:f2:72:73:a5:d8:37:e3:45:63:e5:27: ae:a9:57:0c:3f:56:c0:35:e8:fe:de:71:62:32:ed: 36:00:5f:96:69:46:c8:84:c2:54:2b:07:d8:ba:5b: 16:97:ce:91:42:7c:db:7e:35:dd:a2:c4:50:25:de: 10:37:4e:bc:80:9d:91:fd:e3:4c:85:4f:90:3b:2f: 93:4e:49:28:2b:fd:b6:cf:3d:80:44:93:e9:7a:4e: c6:b5:d7:35:5f:52:a4:d6:bb:5f:3b:41:e1:d9:67: bf:9a:5f:9d:5c:c1:e3:fe:b9:98:54:00:de:6e:5b: f0:45:cb:97:3f:b0:4f:80:e8:4d:3e:2e:9f:06:e3: 45:22:49:3c:d4:5d:4a:63:c2:7c:d0:71:53:62:7c: 8e:84:31:bf:91:c4:f7:2f:17:d5:44:42:ed:ba:ac: 55:f7:15:cb:10:8e:89:09:9c:c4:d9:95:c5:70:0b: 39:ba:8c:eb:ca:cf:6f:5a:f3:41:0f:1b:05:3c:6f: 16:f3:62:f8:27:99:7f:c4:0d:43:dd:55:55:d5:ac: 12:75:63:8b:80:3d:4b:1f:4c:73:34:f5:8f:d9:79: a9:01:38:3c:76:97:4e:bc:62:01:c0:29:96:e4:c6: 44:1e:e2:9a:6f:cd:f0:2d:21:63:e5:7b:00:95:c1: e9:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:08:29:16:BD:E0:80:5B:F2:25:B9:35:CB:8A:C8:74:3C:20:C5:1B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142098.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:232::/48 Signature Algorithm: sha256WithRSAEncryption da:6d:81:89:16:69:ca:b6:82:35:98:45:48:f2:16:5d:77:0e: 45:bc:ab:c7:83:15:a4:ac:31:4a:25:d1:62:40:80:e1:ef:3f: 55:67:e9:fe:d3:5e:db:a7:53:e4:81:00:11:06:f4:e9:ee:53: c5:aa:c5:51:5f:57:2e:5b:fe:e9:03:57:a4:b1:9a:02:e6:34: 44:60:c5:7b:d3:ea:cf:b7:15:2b:7c:9c:15:8f:e0:3c:2e:44: ee:63:c9:f3:b8:19:64:37:30:f7:ce:2b:b9:53:b7:87:00:35: fe:98:3c:21:df:72:fb:92:e0:65:dc:e0:49:39:d7:09:7c:26: 19:b5:71:b1:95:ca:69:7d:64:82:16:14:df:70:f8:91:ff:3e: 16:13:bf:39:a7:0e:a1:fc:7c:86:11:ef:77:53:6f:a5:8b:dd: a4:6a:57:96:b8:f7:d9:24:93:a6:c9:43:9c:37:32:f5:91:4c: 96:59:e9:24:e2:62:d5:dc:a5:b2:39:81:c4:dc:19:08:2d:90: 02:05:3a:f3:59:7b:50:e1:33:50:7b:db:44:7e:53:3d:40:e2: 2e:4d:33:40:e4:bc:6e:71:93:7f:04:a7:30:ff:8a:85:7d:b5: df:8b:62:b9:ab:27:7b:47:39:bf:8f:25:80:cc:6f:fc:19:b6: 80:d4:01:16 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUCJkQmvjA1NVeOc2/KnXrVn0hY8QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUxOVoX DTI3MDExOTAxMTAxOVowMzExMC8GA1UEAxMoMTcwODI5MTZCREUwODA1QkYyMjVC OTM1Q0I4QUM4NzQzQzIwQzUxQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZbE/Jyc6XYN+NFY+UnrqlXDD9WwDXo/t5xYjLtNgBflmlGyITCVCsH2Lpb FpfOkUJ823413aLEUCXeEDdOvICdkf3jTIVPkDsvk05JKCv9ts89gEST6XpOxrXX NV9SpNa7XztB4dlnv5pfnVzB4/65mFQA3m5b8EXLlz+wT4DoTT4unwbjRSJJPNRd SmPCfNBxU2J8joQxv5HE9y8X1URC7bqsVfcVyxCOiQmcxNmVxXALObqM68rPb1rz QQ8bBTxvFvNi+CeZf8QNQ91VVdWsEnVji4A9Sx9MczT1j9l5qQE4PHaXTrxiAcAp luTGRB7imm/N8C0hY+V7AJXB6c8CAwEAAaOCAccwggHDMB0GA1UdDgQWBBQXCCkW veCAW/IluTXLish0PCDFGzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCMjANBgkqhkiG9w0BAQsFAAOCAQEA2m2BiRZpyraCNZhFSPIWXXcORbyrx4MV pKwxSiXRYkCA4e8/VWfp/tNe26dT5IEAEQb06e5TxarFUV9XLlv+6QNXpLGaAuY0 RGDFe9Pqz7cVK3ycFY/gPC5E7mPJ87gZZDcw984ruVO3hwA1/pg8Id9y+5LgZdzg STnXCXwmGbVxsZXKaX1kghYU33D4kf8+FhO/OacOofx8hhHvd1NvpYvdpGpXlrj3 2SSTpslDnDcy9ZFMllnpJOJi1dylsjmBxNwZCC2QAgU681l7UOEzUHvbRH5TPUDi Lk0zQOS8bnGTfwSnMP+KhX2134tiuasne0c5v48lgMxv/Bm2gNQBFg== -----END CERTIFICATE-----Generated at Sun Jan 25 15:17:19 2026 by rpki-client