This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142104.roa File: AS142104.roa (raw, json) Hash identifier: JBPDoodhxf3q7pxY+XnZMjQ8SWT9EtwQ6613DxlpGa8= Subject key identifier: DA:B4:DB:C7:EC:D2:9E:13:49:EF:84:1D:3A:C8:6D:7D:C2:2C:64:CB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4F8CE16F0B2248A420B312A94E3542721A646C30 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142104.roa Signing time: Tue 20 Jan 2026 01:10:23 +0000 ROA not before: Tue 20 Jan 2026 01:05:23 +0000 ROA not after: Tue 19 Jan 2027 01:10:23 +0000 asID: 142104 IP address blocks: 2001:253:238::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 19:21:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:8c:e1:6f:0b:22:48:a4:20:b3:12:a9:4e:35:42:72:1a:64:6c:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:23 2026 GMT Not After : Jan 19 01:10:23 2027 GMT Subject: CN=DAB4DBC7ECD29E1349EF841D3AC86D7DC22C64CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:c8:da:32:86:67:ff:2e:43:c2:08:8b:59:f6: 6b:c0:9b:2d:0a:9b:d4:ec:e2:b6:f8:ec:eb:a1:ad: 6d:8b:6a:9a:83:5f:81:4a:d9:02:c8:63:63:1f:f4: 22:31:c6:98:e9:09:7c:03:a2:a7:b2:7a:fa:43:d4: 7d:5e:0d:86:05:f2:1e:bc:09:12:9a:dd:56:c5:67: 3a:5c:c6:b7:ad:63:47:95:05:ac:05:b3:8a:94:70: 3d:ba:36:50:ed:1f:0b:84:a9:d9:3e:a9:f2:01:07: b6:d7:8b:0a:24:d9:d3:ca:ca:7d:c0:ef:90:33:c3: ad:ee:8b:ae:6d:a3:b2:a5:cb:00:76:f6:1b:f0:fb: ff:33:f8:39:95:92:a7:1d:8e:2e:dd:ed:2c:5e:3d: 2c:5f:36:9a:c4:d9:42:78:55:66:95:12:8d:ed:de: 10:b2:bc:27:5e:21:d2:63:1a:4f:87:3f:fe:fa:c7: 74:e9:fb:9c:e4:5d:64:67:e1:d4:bf:da:1d:48:e7: 73:62:6a:69:c1:65:9a:79:f8:54:01:81:e1:94:18: 4b:fb:a7:16:21:f7:bb:b2:02:dd:6d:f2:b9:90:c7: d7:89:36:98:26:2c:a1:0d:e7:b8:d1:6c:46:2b:23: a7:34:d1:fc:0b:6e:f2:80:c8:11:d0:d6:55:99:a5: 30:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:B4:DB:C7:EC:D2:9E:13:49:EF:84:1D:3A:C8:6D:7D:C2:2C:64:CB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142104.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253:238::/48 Signature Algorithm: sha256WithRSAEncryption 71:23:99:19:dd:9e:e6:c8:bb:ed:0a:d9:83:15:f7:04:78:43: 4b:17:f6:b9:ac:81:46:3e:eb:b0:66:b2:b8:b7:b8:03:db:a5: 61:62:ba:f6:3a:71:2c:73:10:03:0b:b2:36:2e:5c:e1:fe:d6: 0d:fd:a8:93:a4:4d:19:34:f1:0a:99:c6:4c:96:2c:41:b7:26: f2:80:42:8f:1a:c4:40:93:f4:77:47:60:fc:cc:37:61:b1:fb: 65:87:3c:1a:56:6d:5d:db:c1:2e:98:4c:15:9e:4e:0e:cb:41: ea:93:e6:e4:5e:d7:e5:af:fd:a7:e7:1d:b9:c1:4a:3a:b6:cf: d4:b2:e2:4b:f6:d0:13:db:4e:a3:69:30:8f:f3:c1:db:a5:4b: 00:2d:15:4a:46:6c:4d:17:c8:0a:a6:03:51:0d:38:ca:34:21: 8b:2f:67:5c:36:20:f9:ef:3b:56:01:01:a0:b6:d6:25:85:e9: 5e:1c:c0:f5:96:37:b3:91:0d:b4:17:0d:18:97:f3:b1:db:af: db:ae:5a:5c:c4:e6:1a:f4:98:6e:4e:34:cf:22:c3:8c:69:ea: 87:46:c6:01:54:84:4b:e5:f3:8e:07:af:7c:6a:41:18:0e:b0: 3c:c4:f1:0d:f1:f5:1b:98:2a:5a:b5:83:66:3a:b6:55:7c:6d: c2:c3:7a:9a -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIUT4zhbwsiSKQgsxKpTjVCchpkbDAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUyM1oX DTI3MDExOTAxMTAyM1owMzExMC8GA1UEAxMoREFCNERCQzdFQ0QyOUUxMzQ5RUY4 NDFEM0FDODZEN0RDMjJDNjRDQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOTI2jKGZ/8uQ8IIi1n2a8CbLQqb1Ozitvjs66GtbYtqmoNfgUrZAshjYx/0 IjHGmOkJfAOip7J6+kPUfV4NhgXyHrwJEprdVsVnOlzGt61jR5UFrAWzipRwPbo2 UO0fC4Sp2T6p8gEHtteLCiTZ08rKfcDvkDPDre6Lrm2jsqXLAHb2G/D7/zP4OZWS px2OLt3tLF49LF82msTZQnhVZpUSje3eELK8J14h0mMaT4c//vrHdOn7nORdZGfh 1L/aHUjnc2JqacFlmnn4VAGB4ZQYS/unFiH3u7IC3W3yuZDH14k2mCYsoQ3nuNFs RisjpzTR/Atu8oDIEdDWVZmlMIUCAwEAAaOCAccwggHDMB0GA1UdDgQWBBTatNvH 7NKeE0nvhB06yG19wixkyzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjEwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACAB AlMCODANBgkqhkiG9w0BAQsFAAOCAQEAcSOZGd2e5si77QrZgxX3BHhDSxf2uayB Rj7rsGayuLe4A9ulYWK69jpxLHMQAwuyNi5c4f7WDf2ok6RNGTTxCpnGTJYsQbcm 8oBCjxrEQJP0d0dg/Mw3YbH7ZYc8GlZtXdvBLphMFZ5ODstB6pPm5F7X5a/9p+cd ucFKOrbP1LLiS/bQE9tOo2kwj/PB26VLAC0VSkZsTRfICqYDUQ04yjQhiy9nXDYg +e87VgEBoLbWJYXpXhzA9ZY3s5ENtBcNGJfzsduv265aXMTmGvSYbk40zyLDjGnq h0bGAVSES+XzjgevfGpBGA6wPMTxDfH1G5gqWrWDZjq2VXxtwsN6mg== -----END CERTIFICATE-----Generated at Sun Jan 25 13:35:14 2026 by rpki-client