This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142100.roa File: AS142100.roa (raw, json) Hash identifier: bBVohDiSMV8HQbZAGucesJ3/Wng1mt1747fhC/fALq0= Subject key identifier: 45:1E:34:E1:0A:48:7E:D3:19:1D:12:DE:AB:93:26:C6:E6:56:7C:2C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 787851F794AEBA25E401ABE3F9088DFA969BA013 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142100.roa Signing time: Tue 20 Jan 2026 01:10:18 +0000 ROA not before: Tue 20 Jan 2026 01:05:18 +0000 ROA not after: Tue 19 Jan 2027 01:10:18 +0000 asID: 142100 IP address blocks: 2001:253:234::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 19:21:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:78:51:f7:94:ae:ba:25:e4:01:ab:e3:f9:08:8d:fa:96:9b:a0:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:18 2026 GMT Not After : Jan 19 01:10:18 2027 GMT Subject: CN=451E34E10A487ED3191D12DEAB9326C6E6567C2C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:43:d1:96:ab:fa:09:fa:df:c2:d3:9b:87:8f: 54:3a:cd:ac:68:1e:29:54:ec:a6:d3:53:89:37:e5: bb:5e:e8:22:6b:5c:4d:78:fd:a1:8a:19:83:5b:be: 6c:94:f4:70:b6:30:ef:24:9f:cc:b6:4a:9a:03:22: 5d:cb:c2:43:bc:a3:60:ec:e9:42:11:90:c5:f1:82: 4a:20:10:03:da:df:ee:71:16:e2:36:97:37:2a:2c: ec:f5:aa:90:c5:31:41:ef:f3:2a:26:ba:91:c6:36: 42:21:86:1f:0c:e2:3a:24:db:d5:26:e0:a5:f9:7b: 16:78:da:64:6e:88:64:23:6c:cb:3a:e9:92:88:4c: e6:10:c0:ce:13:c0:fc:b9:3e:32:7f:05:63:c0:e5: 77:ab:46:05:a7:f2:c0:98:0f:92:b5:41:f6:6b:88: ad:2b:5b:c1:b1:76:8f:9e:c8:c0:62:36:29:d8:88: e1:11:7f:95:aa:5b:d6:6c:d7:ec:70:b2:1f:af:08: ec:6d:e6:3b:7c:0d:e2:41:21:76:0e:b0:b7:a4:89: 29:3a:a4:5b:ee:04:12:fc:6d:56:e7:4b:d3:3b:dd: a7:3a:8e:e9:5e:ec:3c:4e:70:18:b1:27:e4:ad:cb: 64:42:22:cd:73:9b:d8:cd:66:7e:39:21:dd:14:23: 56:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:1E:34:E1:0A:48:7E:D3:19:1D:12:DE:AB:93:26:C6:E6:56:7C:2C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142100.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:234::/48 Signature Algorithm: sha256WithRSAEncryption 48:0e:c5:a9:82:11:d0:cf:d5:4a:34:20:7b:24:0f:81:ee:c5: b0:6e:8b:bf:52:6f:4a:6e:4e:a8:97:2f:cd:ad:7d:82:7c:c4: 6c:c5:bd:d3:df:73:52:0d:f5:f8:db:c8:c2:aa:9e:2e:c9:68: 3e:74:99:6a:12:fb:f3:f1:bc:9a:18:bb:19:43:81:47:78:2f: ef:ce:61:2e:b7:9f:06:66:4c:1e:06:e4:bf:86:87:35:21:e2: f3:82:04:7c:3e:66:d8:4d:af:a5:e5:e5:a6:70:02:21:5e:ec: 1c:18:b0:d2:cd:87:d5:d7:3b:05:4e:97:09:63:91:83:0b:c8: bd:1e:8b:f2:34:21:64:53:c5:05:11:b4:5d:c1:78:d1:bf:e9: d8:f1:37:b3:8a:da:40:67:a8:f3:70:80:34:b7:2f:91:40:05: 88:c0:c0:ab:00:b8:4f:14:9a:34:8b:d1:0e:d9:40:bb:a4:ce: 98:74:79:71:c6:6a:2b:87:fa:98:71:04:67:8e:9d:19:ac:e7: 78:d7:9b:58:b2:87:89:43:bf:6e:59:c0:5a:14:70:fb:80:41: 74:91:a4:05:93:d9:98:12:71:9c:04:e6:dc:7d:38:93:0d:59: ec:c5:19:17:ca:a1:26:29:7c:8a:46:a6:ae:d1:d6:8c:f9:09: a6:2a:e8:80 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUeHhR95SuuiXkAavj+QiN+paboBMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUxOFoX DTI3MDExOTAxMTAxOFowMzExMC8GA1UEAxMoNDUxRTM0RTEwQTQ4N0VEMzE5MUQx MkRFQUI5MzI2QzZFNjU2N0MyQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMBD0Zar+gn638LTm4ePVDrNrGgeKVTsptNTiTflu17oImtcTXj9oYoZg1u+ bJT0cLYw7ySfzLZKmgMiXcvCQ7yjYOzpQhGQxfGCSiAQA9rf7nEW4jaXNyos7PWq kMUxQe/zKia6kcY2QiGGHwziOiTb1Sbgpfl7FnjaZG6IZCNsyzrpkohM5hDAzhPA /Lk+Mn8FY8Dld6tGBafywJgPkrVB9muIrStbwbF2j57IwGI2KdiI4RF/lapb1mzX 7HCyH68I7G3mO3wN4kEhdg6wt6SJKTqkW+4EEvxtVudL0zvdpzqO6V7sPE5wGLEn 5K3LZEIizXOb2M1mfjkh3RQjVvECAwEAAaOCAccwggHDMB0GA1UdDgQWBBRFHjTh Ckh+0xkdEt6rkybG5lZ8LDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjEwMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCNDANBgkqhkiG9w0BAQsFAAOCAQEASA7FqYIR0M/VSjQgeyQPge7FsG6Lv1Jv Sm5OqJcvza19gnzEbMW9099zUg31+NvIwqqeLsloPnSZahL78/G8mhi7GUOBR3gv 785hLrefBmZMHgbkv4aHNSHi84IEfD5m2E2vpeXlpnACIV7sHBiw0s2H1dc7BU6X CWORgwvIvR6L8jQhZFPFBRG0XcF40b/p2PE3s4raQGeo83CANLcvkUAFiMDAqwC4 TxSaNIvRDtlAu6TOmHR5ccZqK4f6mHEEZ46dGazneNebWLKHiUO/blnAWhRw+4BB dJGkBZPZmBJxnATm3H04kw1Z7MUZF8qhJil8ikamrtHWjPkJpirogA== -----END CERTIFICATE-----Generated at Sun Jan 25 12:04:48 2026 by rpki-client