This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142652.roa File: AS142652.roa (raw, json) Hash identifier: LQIem+W7WQqsYnfA9y4c48E29Zoc6y0i3ZzGbeUpVXo= Subject key identifier: D1:C3:F9:B9:E0:33:8D:EF:27:8E:4A:8C:20:86:DF:5B:F6:CB:04:6B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4BBA129EE4654801B5F42B04508689CB5B13648A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142652.roa Signing time: Tue 20 Jan 2026 01:10:15 +0000 ROA not before: Tue 20 Jan 2026 01:05:15 +0000 ROA not after: Tue 19 Jan 2027 01:10:15 +0000 asID: 142652 IP address blocks: 240a:a002::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 12:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:ba:12:9e:e4:65:48:01:b5:f4:2b:04:50:86:89:cb:5b:13:64:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:15 2026 GMT Not After : Jan 19 01:10:15 2027 GMT Subject: CN=D1C3F9B9E0338DEF278E4A8C2086DF5BF6CB046B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f2:76:82:67:b1:5d:88:5c:68:4f:58:1a:4a: b8:58:74:b5:6b:4d:6e:31:9c:ae:7a:d6:a6:bd:d8: af:1e:e1:96:55:23:0a:18:44:e9:b8:9f:0e:94:7a: d0:49:06:fb:81:78:3a:2a:67:f7:61:9a:0b:a1:04: f8:87:f3:bc:f9:4a:a3:62:01:85:e9:18:fb:05:46: 55:7d:0f:49:1c:03:05:54:ff:a0:af:34:d4:79:b4: f5:e6:be:34:48:98:30:3c:65:ec:f9:61:78:21:08: 88:94:90:f2:5c:ec:0f:a7:90:a2:5b:40:ff:22:d7: ba:2b:2a:e9:ff:fd:02:32:00:c5:13:53:e7:1d:7c: 7d:7e:16:a2:9d:fd:fc:05:5d:9d:da:5c:be:15:af: 02:a4:c2:f2:c1:f2:f8:d1:e9:57:e7:3e:98:d2:4b: dc:0b:f4:3c:9d:2d:0a:02:ac:d5:99:38:cc:e0:a1: 98:22:e5:9d:98:db:b2:09:84:eb:e7:27:3c:15:c9: fd:f3:c8:41:d9:83:56:80:e8:5d:a3:f5:fe:79:e0: fc:93:57:b4:1c:7e:80:5c:a6:05:65:1b:23:51:63: 0b:88:7d:75:64:12:75:bf:6f:79:47:82:bd:17:8c: b5:fd:8d:82:d1:a5:82:2d:66:98:38:89:98:e6:7a: 09:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:C3:F9:B9:E0:33:8D:EF:27:8E:4A:8C:20:86:DF:5B:F6:CB:04:6B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142652.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a002::/32 Signature Algorithm: sha256WithRSAEncryption 9b:e4:97:2b:1a:ae:19:8a:cf:1b:2f:a4:92:ac:e4:7b:fb:cf: d1:bb:eb:25:65:46:53:fa:1b:8c:5d:79:97:e7:8c:50:f1:57: ee:f7:5f:a5:d6:80:94:e9:9c:6a:f9:df:e2:86:20:de:5f:f7: 9b:d8:af:56:26:34:72:38:30:8b:a9:a9:c8:fc:37:86:a6:01: e1:e6:1c:eb:dc:80:0d:13:55:7c:5b:3a:77:36:2b:7b:a1:bc: 51:55:08:17:3c:ba:80:b4:dd:c6:11:90:7c:91:70:b9:4c:bf: 95:bb:1d:9b:de:16:32:ce:ad:28:fe:7e:1a:23:4a:52:d2:8c: e1:8c:9d:1c:8f:73:ce:28:9d:4a:2e:e8:2d:7f:29:dd:f3:d7: 64:9e:ca:23:6f:15:6e:37:26:ea:48:6d:2a:12:ea:10:4f:95: 0a:0d:08:0a:7e:a9:21:6a:49:0c:4c:80:02:af:09:10:ed:ea: be:2f:a5:b3:ac:60:dc:cc:dc:c8:56:70:22:20:29:85:71:cb: 44:f9:99:f6:97:2d:a3:69:3c:42:be:f7:e0:8f:ce:1b:41:1d: 09:9b:09:2a:99:c5:c2:36:a2:a0:48:bd:bf:20:66:a3:dd:eb: 4f:e2:7a:53:9c:39:c5:80:4d:fa:12:3c:05:26:88:c6:25:b4: b8:cf:3f:60 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUS7oSnuRlSAG19CsEUIaJy1sTZIowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUxNVoX DTI3MDExOTAxMTAxNVowMzExMC8GA1UEAxMoRDFDM0Y5QjlFMDMzOERFRjI3OEU0 QThDMjA4NkRGNUJGNkNCMDQ2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALXydoJnsV2IXGhPWBpKuFh0tWtNbjGcrnrWpr3Yrx7hllUjChhE6bifDpR6 0EkG+4F4Oipn92GaC6EE+IfzvPlKo2IBhekY+wVGVX0PSRwDBVT/oK801Hm09ea+ NEiYMDxl7PlheCEIiJSQ8lzsD6eQoltA/yLXuisq6f/9AjIAxRNT5x18fX4Wop39 /AVdndpcvhWvAqTC8sHy+NHpV+c+mNJL3Av0PJ0tCgKs1Zk4zOChmCLlnZjbsgmE 6+cnPBXJ/fPIQdmDVoDoXaP1/nng/JNXtBx+gFymBWUbI1FjC4h9dWQSdb9veUeC vReMtf2NgtGlgi1mmDiJmOZ6CTcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTRw/m5 4DON7yeOSowght9b9ssEazAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oAIwDQYJKoZIhvcNAQELBQADggEBAJvklysarhmKzxsvpJKs5Hv7z9G76yVlRlP6 G4xdeZfnjFDxV+73X6XWgJTpnGr53+KGIN5f95vYr1YmNHI4MIupqcj8N4amAeHm HOvcgA0TVXxbOnc2K3uhvFFVCBc8uoC03cYRkHyRcLlMv5W7HZveFjLOrSj+fhoj SlLSjOGMnRyPc84onUou6C1/Kd3z12SeyiNvFW43JupIbSoS6hBPlQoNCAp+qSFq SQxMgAKvCRDt6r4vpbOsYNzM3MhWcCIgKYVxy0T5mfaXLaNpPEK+9+CPzhtBHQmb CSqZxcI2oqBIvb8gZqPd60/ielOcOcWATfoSPAUmiMYltLjPP2A= -----END CERTIFICATE-----Generated at Sun Jan 25 15:17:18 2026 by rpki-client