This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142099.roa
File:                     AS142099.roa (raw, json)
Hash identifier:          0HRmG/jKFftsRoVQaTj3mkEE7pZWQHVZSdzKV3BK984=
Subject key identifier:   3C:C1:1C:5D:D8:2D:3F:A4:90:17:DE:4B:CA:A2:F1:A6:98:97:B3:3E
Certificate issuer:       /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA
Certificate serial:       3D1E2599579DB88250FF79A782CCF369A7D42266
Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer
Subject info access:      rsync://rpki.cernet.net/repo/cernet/0/AS142099.roa
Signing time:             Tue 20 Jan 2026 01:10:19 +0000
ROA not before:           Tue 20 Jan 2026 01:05:19 +0000
ROA not after:            Tue 19 Jan 2027 01:10:19 +0000
asID:                     142099
IP address blocks:        2001:253:233::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl
                          rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 26 Jan 2026 12:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:1e:25:99:57:9d:b8:82:50:ff:79:a7:82:cc:f3:69:a7:d4:22:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA
        Validity
            Not Before: Jan 20 01:05:19 2026 GMT
            Not After : Jan 19 01:10:19 2027 GMT
        Subject: CN=3CC11C5DD82D3FA49017DE4BCAA2F1A69897B33E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:76:44:42:5e:43:ac:50:c6:5d:ea:ab:6e:31:
                    d8:fa:4b:f7:04:f5:dc:95:3a:b9:25:cb:61:f3:e5:
                    7b:37:d1:ac:76:dc:db:8b:3d:ba:1d:d9:8c:30:cb:
                    37:ad:3f:e5:45:1f:e1:41:51:9d:40:c1:73:cb:0a:
                    3d:0c:87:a3:a2:c4:b0:ee:17:e3:02:10:72:ba:42:
                    40:f0:fb:67:46:03:97:81:5b:0f:1a:a0:ea:5b:4b:
                    91:5a:8d:44:74:1d:46:97:49:d3:3e:1a:b1:11:5a:
                    0a:e4:79:55:d8:5b:64:07:fc:a0:b6:d1:44:e1:11:
                    75:65:a7:10:77:f4:2e:4d:2c:c4:b5:6f:c6:9f:6f:
                    f4:1a:2c:bb:d5:b6:74:54:f0:5e:c4:de:72:d6:a0:
                    49:8c:01:40:38:74:26:f6:66:b9:d4:07:fa:47:13:
                    6b:32:ed:62:2f:3d:e0:fd:af:20:fd:10:e4:e1:fc:
                    30:2d:bb:26:03:26:d4:50:30:eb:8a:e9:52:96:50:
                    f0:29:97:38:15:ef:df:ef:d6:5c:c3:67:e5:ee:8d:
                    19:39:c1:a9:de:3a:11:75:ba:ee:9e:98:01:f2:42:
                    81:2b:3f:d1:15:b6:69:a4:c1:dd:d1:55:12:fc:29:
                    d8:1e:7e:a4:05:76:44:99:4a:47:31:cd:ec:16:e8:
                    0c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:C1:1C:5D:D8:2D:3F:A4:90:17:DE:4B:CA:A2:F1:A6:98:97:B3:3E
            X509v3 Authority Key Identifier:
                keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142099.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:253:233::/48

    Signature Algorithm: sha256WithRSAEncryption
         69:29:0c:3c:a6:1c:e1:9a:45:96:7e:25:c1:6a:bd:3e:40:de:
         02:98:a0:5a:45:08:12:5f:69:36:e9:7e:51:e1:1e:79:22:2e:
         9a:a5:3e:2c:cd:1a:c0:97:88:73:45:04:44:95:c9:f7:31:56:
         76:c3:1c:4c:fe:cb:c7:4b:a9:99:3b:c6:4f:58:77:9d:f9:a7:
         55:3a:5c:15:15:54:52:57:ea:d3:7b:2b:30:3b:27:86:7b:a5:
         7c:74:d7:fa:00:18:38:53:f1:cb:9b:fb:90:51:97:2a:5d:84:
         42:a9:15:53:4f:58:6d:49:36:2d:a4:ac:65:e4:23:eb:db:28:
         04:d4:ce:d3:a2:91:c1:02:87:c2:5f:30:9e:70:0b:a0:7f:20:
         6b:8a:07:67:3c:2b:18:d8:ce:bd:dc:d0:61:a4:dd:83:c3:24:
         95:6c:2e:a5:17:d3:68:a4:9f:15:35:4c:53:5b:68:29:db:35:
         90:5f:ab:79:c8:4d:b5:9b:b2:34:9c:45:d2:e6:44:20:83:c2:
         c6:87:69:a1:12:62:33:71:2c:2e:6a:a0:db:6d:14:e5:ba:82:
         47:c3:64:18:e4:ce:8e:22:66:04:3c:3c:4f:c6:20:c0:18:03:
         b6:7c:cf:37:fe:bd:9b:a9:7a:b2:b9:55:b3:32:19:65:19:f7:
         4c:f3:9a:e5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUPR4lmVeduIJQ/3mngszzaafUImYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4
NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUxOVoX
DTI3MDExOTAxMTAxOVowMzExMC8GA1UEAxMoM0NDMTFDNUREODJEM0ZBNDkwMTdE
RTRCQ0FBMkYxQTY5ODk3QjMzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKh2REJeQ6xQxl3qq24x2PpL9wT13JU6uSXLYfPlezfRrHbc24s9uh3ZjDDL
N60/5UUf4UFRnUDBc8sKPQyHo6LEsO4X4wIQcrpCQPD7Z0YDl4FbDxqg6ltLkVqN
RHQdRpdJ0z4asRFaCuR5VdhbZAf8oLbRROERdWWnEHf0Lk0sxLVvxp9v9Bosu9W2
dFTwXsTectagSYwBQDh0JvZmudQH+kcTazLtYi894P2vIP0Q5OH8MC27JgMm1FAw
64rpUpZQ8CmXOBXv3+/WXMNn5e6NGTnBqd46EXW67p6YAfJCgSs/0RW2aaTB3dFV
Evwp2B5+pAV2RJlKRzHN7BboDM0CAwEAAaOCAccwggHDMB0GA1UdDgQWBBQ8wRxd
2C0/pJAX3kvKovGmmJezPjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O
ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp
LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2
MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH
MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE
NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq
cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp
LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjA5OS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB
AlMCMzANBgkqhkiG9w0BAQsFAAOCAQEAaSkMPKYc4ZpFln4lwWq9PkDeApigWkUI
El9pNul+UeEeeSIumqU+LM0awJeIc0UERJXJ9zFWdsMcTP7Lx0upmTvGT1h3nfmn
VTpcFRVUUlfq03srMDsnhnulfHTX+gAYOFPxy5v7kFGXKl2EQqkVU09YbUk2LaSs
ZeQj69soBNTO06KRwQKHwl8wnnALoH8ga4oHZzwrGNjOvdzQYaTdg8MklWwupRfT
aKSfFTVMU1toKds1kF+rechNtZuyNJxF0uZEIIPCxodpoRJiM3EsLmqg220U5bqC
R8NkGOTOjiJmBDw8T8YgwBgDtnzPN/69m6l6srlVszIZZRn3TPOa5Q==
-----END CERTIFICATE-----