This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142103.roa File: AS142103.roa (raw, json) Hash identifier: AqwSSmOqEIm/KU6KIUfzIO9ZUqsTwohxzqEdMAi1UXs= Subject key identifier: 36:08:C0:3D:99:A0:75:8D:CB:CF:02:A0:3E:69:28:40:67:11:96:43 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6C34D0D7506F95CD93CDFCB9A8D599E9B317A5E5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142103.roa Signing time: Tue 20 Jan 2026 01:10:24 +0000 ROA not before: Tue 20 Jan 2026 01:05:24 +0000 ROA not after: Tue 19 Jan 2027 01:10:24 +0000 asID: 142103 IP address blocks: 2001:253:237::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 19:21:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:34:d0:d7:50:6f:95:cd:93:cd:fc:b9:a8:d5:99:e9:b3:17:a5:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:24 2026 GMT Not After : Jan 19 01:10:24 2027 GMT Subject: CN=3608C03D99A0758DCBCF02A03E69284067119643 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:dd:c5:74:f2:1c:16:d6:79:7e:67:46:72:bf: 32:86:c6:06:34:64:77:cf:c2:03:e7:25:7a:80:4f: 0c:b7:b8:5d:50:b1:c2:dd:c9:14:58:60:8f:69:47: f4:46:b8:23:50:c0:6c:bb:52:7a:1b:5c:a6:20:dc: 4b:a4:b2:8d:e3:3b:5c:16:43:c9:83:89:31:3a:c3: bb:94:80:b2:d4:d3:c2:86:c7:5c:d7:ca:b7:c5:45: 87:e2:09:47:91:2e:94:dd:30:15:82:67:43:9f:1a: 2e:68:dd:68:f6:c6:38:39:a1:54:50:0c:4a:2b:80: 95:6d:78:31:c9:a7:a8:12:ce:d6:44:8b:67:cb:a4: e5:25:eb:b5:b9:b3:96:4e:8b:37:41:da:61:a0:ae: f9:b9:00:18:49:90:0e:35:69:4c:49:ef:63:bb:2e: a1:bf:42:07:84:9e:89:d1:55:cf:f6:9b:1f:45:05: 0c:19:c2:03:2f:5b:ff:21:d5:21:de:2d:f2:bf:6d: 72:5d:6d:0f:a4:e9:3a:52:7e:20:9b:79:a8:b2:f4: c2:21:45:74:9b:86:27:5d:30:4d:c4:1a:b9:d9:fe: 86:cc:e8:80:77:92:86:01:b9:52:2e:4f:fd:66:06: 07:3f:6c:8c:95:b1:51:bc:1b:28:d5:86:40:c9:38: 60:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:08:C0:3D:99:A0:75:8D:CB:CF:02:A0:3E:69:28:40:67:11:96:43 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142103.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:237::/48 Signature Algorithm: sha256WithRSAEncryption 7e:fb:ab:71:06:18:a4:9b:b1:26:ed:9f:41:41:ed:47:22:50: c4:59:12:8f:4d:8f:07:d5:73:13:79:df:06:b8:65:03:b6:8b: 99:9c:9d:1c:3e:f9:d1:14:1f:6b:d9:32:c4:2a:77:f9:b4:05: 2a:b6:62:cb:60:1d:7f:1a:ec:b9:12:aa:af:01:2d:93:44:24: 15:04:44:c4:2a:d4:6e:ec:ae:fe:33:3b:ab:82:80:60:ab:14: 62:c1:a9:99:85:57:9a:b2:2d:cd:00:dc:22:10:2a:38:0c:fd: f9:46:a2:2b:8d:6d:4d:5a:f4:bb:12:25:ea:99:fd:e2:6c:47: aa:f2:dc:33:9f:14:12:21:e4:64:59:b2:74:f0:88:fb:c6:40: e5:99:20:b2:29:a3:6c:de:c4:3f:92:3b:64:99:97:72:00:e4: d7:6d:58:9b:01:40:6b:3c:1c:f8:6c:68:8d:e2:8c:57:0b:aa: 02:ec:36:d1:69:9b:38:ac:87:f3:5f:fe:de:14:2c:2a:2a:0f: 5c:35:2e:be:ae:36:25:6d:77:99:45:03:a6:b8:8c:3e:51:0b: ea:87:58:25:8d:03:0d:68:8b:e8:34:23:0b:da:74:b2:98:26: 7c:34:20:3d:79:7e:d9:4f:04:d5:a1:8d:57:27:2a:47:a9:fe: a4:ec:d4:d3 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUbDTQ11Bvlc2Tzfy5qNWZ6bMXpeUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUyNFoX DTI3MDExOTAxMTAyNFowMzExMC8GA1UEAxMoMzYwOEMwM0Q5OUEwNzU4RENCQ0Yw MkEwM0U2OTI4NDA2NzExOTY0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfdxXTyHBbWeX5nRnK/MobGBjRkd8/CA+cleoBPDLe4XVCxwt3JFFhgj2lH 9Ea4I1DAbLtSehtcpiDcS6SyjeM7XBZDyYOJMTrDu5SAstTTwobHXNfKt8VFh+IJ R5EulN0wFYJnQ58aLmjdaPbGODmhVFAMSiuAlW14McmnqBLO1kSLZ8uk5SXrtbmz lk6LN0HaYaCu+bkAGEmQDjVpTEnvY7suob9CB4SeidFVz/abH0UFDBnCAy9b/yHV Id4t8r9tcl1tD6TpOlJ+IJt5qLL0wiFFdJuGJ10wTcQaudn+hszogHeShgG5Ui5P /WYGBz9sjJWxUbwbKNWGQMk4YBsCAwEAAaOCAccwggHDMB0GA1UdDgQWBBQ2CMA9 maB1jcvPAqA+aShAZxGWQzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjEwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCNzANBgkqhkiG9w0BAQsFAAOCAQEAfvurcQYYpJuxJu2fQUHtRyJQxFkSj02P B9VzE3nfBrhlA7aLmZydHD750RQfa9kyxCp3+bQFKrZiy2AdfxrsuRKqrwEtk0Qk FQRExCrUbuyu/jM7q4KAYKsUYsGpmYVXmrItzQDcIhAqOAz9+UaiK41tTVr0uxIl 6pn94mxHqvLcM58UEiHkZFmydPCI+8ZA5ZkgsimjbN7EP5I7ZJmXcgDk121YmwFA azwc+GxojeKMVwuqAuw20WmbOKyH81/+3hQsKioPXDUuvq42JW13mUUDpriMPlEL 6odYJY0DDWiL6DQjC9p0spgmfDQgPXl+2U8E1aGNVycqR6n+pOzU0w== -----END CERTIFICATE-----Generated at Sun Jan 25 13:35:16 2026 by rpki-client