This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142653.roa File: AS142653.roa (raw, json) Hash identifier: CGHcowPCqC8lt2n5ZWEUTOx1DfaWlyfmHuibdz0pkyc= Subject key identifier: 97:18:9C:30:C6:A3:F1:AE:82:AD:8C:95:76:E5:79:C1:CF:C3:1C:8D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0FC38EE4A5E0442D39C7DAA5B9B314C732FD6F76 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142653.roa Signing time: Tue 20 Jan 2026 01:10:25 +0000 ROA not before: Tue 20 Jan 2026 01:05:25 +0000 ROA not after: Tue 19 Jan 2027 01:10:25 +0000 asID: 142653 IP address blocks: 240a:a003::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 12:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:c3:8e:e4:a5:e0:44:2d:39:c7:da:a5:b9:b3:14:c7:32:fd:6f:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:25 2026 GMT Not After : Jan 19 01:10:25 2027 GMT Subject: CN=97189C30C6A3F1AE82AD8C9576E579C1CFC31C8D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:98:75:8f:46:e7:3e:cf:32:d7:c4:fd:6f:63: e7:47:13:87:fa:5c:ca:5a:10:ca:9a:6f:16:97:42: 07:ec:de:10:ef:f2:ba:24:fd:91:36:51:83:5c:3f: eb:2e:25:34:58:c4:6f:dc:e2:b2:e4:0e:b3:9f:cf: 93:6b:0d:7c:b3:14:8e:cb:86:39:00:cb:ea:93:60: c2:b9:f3:b8:57:22:c7:cd:9d:54:ff:d0:c8:9c:55: 3a:b4:ad:95:52:db:e4:3a:27:61:c9:c0:e1:07:8a: b8:8b:cd:78:43:de:9f:ee:a2:fc:8d:46:1d:24:1d: ce:83:f2:16:33:06:7d:00:7a:36:68:d5:93:1d:ab: e4:17:34:cd:44:46:c5:4f:71:fd:dc:e9:44:cb:18: 41:a5:f2:ef:5d:13:22:69:f2:ef:94:bc:73:51:30: f8:48:21:30:ba:7b:41:87:ca:cc:fd:af:29:72:68: 33:b9:20:6d:0a:f6:c0:44:7f:44:00:c8:84:16:f7: e1:34:c1:16:31:f6:d2:a1:e1:e5:1f:d7:4b:04:ef: d9:5d:43:f9:dd:1f:8c:db:b9:b3:ba:82:1e:83:7e: 7d:a9:c4:53:fa:1a:cb:12:59:8d:70:69:39:13:18: b2:8f:c6:53:53:8b:c1:2c:d4:7a:20:1c:3f:ce:8a: e8:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:18:9C:30:C6:A3:F1:AE:82:AD:8C:95:76:E5:79:C1:CF:C3:1C:8D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142653.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a003::/32 Signature Algorithm: sha256WithRSAEncryption 23:b5:de:56:4e:2b:28:d4:bd:b7:65:1d:01:6c:40:5e:9b:84: 56:f2:03:34:7c:1a:fd:dd:aa:f7:e3:59:37:c3:a2:b7:77:46: 01:a9:e6:cd:75:ed:d4:95:b4:26:25:22:11:f5:e8:ea:72:7d: fb:f8:c6:fd:0a:12:64:bf:18:ff:0a:35:ac:89:92:79:26:20: 25:33:b6:e7:fd:79:ca:5e:cc:51:b7:d9:ee:20:01:6c:10:57: e6:2a:a2:f9:09:94:03:4a:38:0e:00:2a:80:32:12:23:fc:e6: 83:3a:a0:b4:49:f4:4f:66:d4:48:0c:e7:fa:e7:eb:9f:c0:bd: b4:83:a6:89:b6:92:50:b5:7c:aa:4e:c5:b0:d9:57:ae:36:43: 7c:f2:47:3a:02:8a:5e:87:00:f6:75:50:7f:05:6d:0c:1e:74: e5:1c:50:19:e0:32:58:84:ea:7f:f1:ea:da:13:93:91:c5:0d: 81:73:e8:d1:fb:1a:48:ea:16:6d:36:3f:b8:a8:ba:12:61:40: 60:36:f0:07:3a:e5:82:57:e8:5a:fc:16:ec:b7:1f:19:24:c6: a1:65:85:86:6c:e3:18:51:86:6b:ea:12:3a:ac:31:98:af:32: df:f2:5a:c5:b3:6e:0b:59:19:7b:6f:6e:40:d6:a8:8e:76:1e: 8d:7f:d6:c5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUD8OO5KXgRC05x9qlubMUxzL9b3YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUyNVoX DTI3MDExOTAxMTAyNVowMzExMC8GA1UEAxMoOTcxODlDMzBDNkEzRjFBRTgyQUQ4 Qzk1NzZFNTc5QzFDRkMzMUM4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOeYdY9G5z7PMtfE/W9j50cTh/pcyloQyppvFpdCB+zeEO/yuiT9kTZRg1w/ 6y4lNFjEb9zisuQOs5/Pk2sNfLMUjsuGOQDL6pNgwrnzuFcix82dVP/QyJxVOrSt lVLb5DonYcnA4QeKuIvNeEPen+6i/I1GHSQdzoPyFjMGfQB6NmjVkx2r5Bc0zURG xU9x/dzpRMsYQaXy710TImny75S8c1Ew+EghMLp7QYfKzP2vKXJoM7kgbQr2wER/ RADIhBb34TTBFjH20qHh5R/XSwTv2V1D+d0fjNu5s7qCHoN+fanEU/oayxJZjXBp ORMYso/GU1OLwSzUeiAcP86K6LkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSXGJww xqPxroKtjJV25XnBz8McjTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oAMwDQYJKoZIhvcNAQELBQADggEBACO13lZOKyjUvbdlHQFsQF6bhFbyAzR8Gv3d qvfjWTfDord3RgGp5s117dSVtCYlIhH16Opyffv4xv0KEmS/GP8KNayJknkmICUz tuf9ecpezFG32e4gAWwQV+YqovkJlANKOA4AKoAyEiP85oM6oLRJ9E9m1EgM5/rn 65/AvbSDpom2klC1fKpOxbDZV642Q3zyRzoCil6HAPZ1UH8FbQwedOUcUBngMliE 6n/x6toTk5HFDYFz6NH7GkjqFm02P7iouhJhQGA28Ac65YJX6Fr8Fuy3HxkkxqFl hYZs4xhRhmvqEjqsMZivMt/yWsWzbgtZGXtvbkDWqI52Ho1/1sU= -----END CERTIFICATE-----Generated at Sun Jan 25 15:17:22 2026 by rpki-client