This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142652.roa File: AS142652.roa (raw, json) Hash identifier: KwMiRJlY0Gy4bPFW6pW1ZKRMO9cegOkbW6UflnkaQ3w= Subject key identifier: 5E:26:40:67:05:07:77:01:5E:6E:4E:11:EA:EF:84:35:A5:19:8D:66 Certificate issuer: /CN=A91E5D610001/serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Certificate serial: 55D20CB3C56F1886B20E3F57544923FE3A2C43D3 Authority key identifier: 0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142652.roa Signing time: Tue 02 Dec 2025 08:47:46 +0000 ROA not before: Tue 02 Dec 2025 08:42:46 +0000 ROA not after: Tue 01 Dec 2026 08:47:46 +0000 asID: 142652 IP address blocks: 240a:a002::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:d2:0c:b3:c5:6f:18:86:b2:0e:3f:57:54:49:23:fe:3a:2c:43:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Validity Not Before: Dec 2 08:42:46 2025 GMT Not After : Dec 1 08:47:46 2026 GMT Subject: CN=5E264067050777015E6E4E11EAEF8435A5198D66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:54:73:66:b0:10:2b:2b:bb:c8:78:fb:cf:ed: f0:74:4b:69:63:a8:45:f5:f2:1b:a3:60:65:71:23: 98:fc:f5:a3:64:1b:be:62:e8:4d:00:6e:80:ec:70: 7c:9b:3f:2a:80:43:de:7a:17:7e:03:b5:eb:ff:03: e7:9e:ea:d2:fe:e4:6a:9e:da:66:92:0d:ea:39:d1: 37:d8:de:52:fd:54:8b:09:49:0c:93:3a:bc:3c:e3: 64:6a:e2:5e:0a:76:10:f0:45:a6:ca:86:94:2f:8b: ba:cd:5b:54:56:50:07:2a:18:7a:d3:9b:ff:e2:99: 53:c1:7e:89:25:22:e2:fd:92:0c:bf:56:0f:92:66: 41:48:d7:28:1f:1b:95:01:9c:90:24:af:a9:0d:d0: 2a:d7:18:67:e8:03:d3:e9:2c:9e:35:ca:7e:b7:28: 5f:4a:e2:da:cd:70:95:d9:24:22:e0:b7:ad:1e:8d: 41:db:36:41:cb:86:9e:0d:9b:9c:91:03:91:9c:96: fa:08:3e:06:5d:16:2a:65:b4:01:68:e9:b1:f3:84: 37:3c:8c:67:97:ba:e4:2d:d2:a3:7f:2a:7e:88:15: ea:2d:37:0b:08:2b:20:1b:6c:93:8a:19:31:41:3b: 87:06:c7:16:e7:68:ef:5a:13:55:82:f7:5b:e2:6f: 02:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:26:40:67:05:07:77:01:5E:6E:4E:11:EA:EF:84:35:A5:19:8D:66 X509v3 Authority Key Identifier: keyid:0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142652.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a002::/32 Signature Algorithm: sha256WithRSAEncryption 73:e2:3e:5f:94:0b:cd:7c:4e:80:b8:de:dd:34:57:0e:6e:58: 10:55:37:f0:97:f7:73:45:72:98:d8:c1:09:8d:50:a3:04:7d: e7:1c:84:6e:d3:76:30:4e:69:16:8a:af:33:32:3f:7b:45:fa: a6:a0:5d:16:17:22:74:e3:6c:be:76:42:e7:26:32:1a:49:3a: c5:be:25:3e:0c:a5:9c:8e:3b:3b:d1:46:5b:19:9f:54:5f:14: ef:b1:06:c7:10:ff:11:72:79:6d:14:7b:71:cc:42:f8:9d:8d: 30:1c:50:a5:f6:dc:be:a8:b7:58:9a:78:45:c6:1c:60:c5:04: 9a:25:ec:1c:88:48:89:f0:82:84:3e:59:d6:bf:56:ff:f9:97: d3:63:5b:56:7d:f9:95:fa:02:e4:ec:4c:2f:36:cb:bb:40:37: ff:4b:de:3c:15:93:fa:12:ed:24:f5:e4:dc:31:fb:b9:8a:44: 96:34:3c:97:9e:df:8c:1b:ef:45:93:e5:17:03:0e:40:99:cb: 65:11:ff:00:c2:b0:1d:9a:13:0f:ae:c7:30:9e:83:eb:c2:fe: 74:03:16:4a:0c:89:99:68:a0:6e:ee:ff:d5:e8:54:54:46:cd: 4e:c7:a8:20:03:f2:0e:44:af:8d:1f:7b:12:f7:e6:da:97:a9: 2a:c9:85:54 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVdIMs8VvGIayDj9XVEkj/josQ9MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwQjI3NUU1QjQ2 NkI5NDFBQjg0QTc0MkI0RTM4MzJCQjFGREZFQzlFMB4XDTI1MTIwMjA4NDI0NloX DTI2MTIwMTA4NDc0NlowMzExMC8GA1UEAxMoNUUyNjQwNjcwNTA3NzcwMTVFNkU0 RTExRUFFRjg0MzVBNTE5OEQ2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK9Uc2awECsru8h4+8/t8HRLaWOoRfXyG6NgZXEjmPz1o2QbvmLoTQBugOxw fJs/KoBD3noXfgO16/8D557q0v7kap7aZpIN6jnRN9jeUv1UiwlJDJM6vDzjZGri Xgp2EPBFpsqGlC+Lus1bVFZQByoYetOb/+KZU8F+iSUi4v2SDL9WD5JmQUjXKB8b lQGckCSvqQ3QKtcYZ+gD0+ksnjXKfrcoX0ri2s1wldkkIuC3rR6NQds2QcuGng2b nJEDkZyW+gg+Bl0WKmW0AWjpsfOENzyMZ5e65C3So38qfogV6i03CwgrIBtsk4oZ MUE7hwbHFudo71oTVYL3W+JvAq0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBReJkBn BQd3AV5uThHq74Q1pRmNZjAfBgNVHSMEGDAWgBQLJ15bRmuUGrhKdCtOODK7H9/s njAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wQjI3NUU1QjQ2NkI5NDFBQjg0QTc0 MkI0RTM4MzJCQjFGREZFQzlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9DeWRlVzBacmxCcTRTblFyVGpneXV4X2Y3 SjQuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oAIwDQYJKoZIhvcNAQELBQADggEBAHPiPl+UC818ToC43t00Vw5uWBBVN/CX93NF cpjYwQmNUKMEfecchG7TdjBOaRaKrzMyP3tF+qagXRYXInTjbL52QucmMhpJOsW+ JT4MpZyOOzvRRlsZn1RfFO+xBscQ/xFyeW0Ue3HMQvidjTAcUKX23L6ot1iaeEXG HGDFBJol7ByISInwgoQ+Wda/Vv/5l9NjW1Z9+ZX6AuTsTC82y7tAN/9L3jwVk/oS 7ST15Nwx+7mKRJY0PJee34wb70WT5RcDDkCZy2UR/wDCsB2aEw+uxzCeg+vC/nQD FkoMiZlooG7u/9XoVFRGzU7HqCAD8g5Er40fexL35tqXqSrJhVQ= -----END CERTIFICATE-----Generated at Sat Dec 6 18:41:26 2025 by rpki-client