This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142654.roa File: AS142654.roa (raw, json) Hash identifier: TRl/dCcXMD+Rdob0qGN+LsWaEWr2WqeDjsWAbwrYQW8= Subject key identifier: 5C:35:21:DD:0D:AE:ED:37:1E:2C:68:12:A4:D8:EE:56:F1:EB:40:EF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 064FF63D027FA73A400CEEBCD9EBE1A2D42C7CF1 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142654.roa Signing time: Tue 20 Jan 2026 01:10:20 +0000 ROA not before: Tue 20 Jan 2026 01:05:20 +0000 ROA not after: Tue 19 Jan 2027 01:10:20 +0000 asID: 142654 IP address blocks: 240a:a004::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 12:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:4f:f6:3d:02:7f:a7:3a:40:0c:ee:bc:d9:eb:e1:a2:d4:2c:7c:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:20 2026 GMT Not After : Jan 19 01:10:20 2027 GMT Subject: CN=5C3521DD0DAEED371E2C6812A4D8EE56F1EB40EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:af:12:ed:cb:cd:3c:7f:62:ab:ff:69:c4:51: d9:04:39:62:2b:67:8e:6c:3f:f0:9a:d7:26:e7:20: 08:2a:0b:aa:7c:1e:c5:ab:e8:27:36:9f:2f:9e:c3: cc:37:59:53:22:3f:99:72:77:01:a1:5d:13:95:17: 3b:d4:cb:7c:5e:cb:20:75:95:13:9e:77:1d:c7:b7: 65:1e:dd:85:92:9b:89:93:ac:93:bd:a9:31:a3:9a: c3:a1:79:0c:9f:f7:72:e5:7d:01:65:16:dc:15:52: 63:9d:7a:88:e2:d0:34:ae:de:b2:5a:1a:24:66:57: 86:80:65:c1:10:13:38:dd:b2:d0:11:56:52:ac:11: 80:8a:e7:c4:e6:89:01:a1:3d:7a:bb:df:7c:c3:bb: fa:64:cd:51:03:97:22:db:24:7c:2d:18:fa:df:1a: 90:4d:30:ec:00:d5:91:71:52:a8:a0:eb:f8:a9:15: 35:2a:13:d8:b1:a5:04:f4:d2:16:78:47:f9:71:5c: ba:2f:42:34:c7:a1:e3:66:d9:62:77:f0:e0:06:4d: 26:b8:69:ba:8a:5c:ab:d8:72:10:7b:7f:b3:bf:75: 61:25:ee:7d:ed:df:23:70:50:a7:85:ad:c6:ba:f3: 63:ef:27:aa:01:15:83:1e:6a:45:8e:f3:f0:d1:02: 9d:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:35:21:DD:0D:AE:ED:37:1E:2C:68:12:A4:D8:EE:56:F1:EB:40:EF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142654.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a004::/32 Signature Algorithm: sha256WithRSAEncryption ca:59:3f:a0:2c:52:70:17:c4:63:a1:27:f5:44:6b:b4:2d:98: 87:82:af:8a:3b:cb:fe:69:50:c2:1f:f7:18:4b:69:ad:64:12: 1d:a0:42:4f:75:90:e9:fa:45:c4:33:8c:ee:55:25:f6:bc:d3: 86:ea:36:24:8a:a7:9d:47:66:82:95:53:f4:54:54:9d:96:e6: 7e:01:d0:ac:de:5d:82:be:65:e9:84:c1:57:13:47:87:e0:18: 45:bc:68:09:4c:b8:02:7a:a3:57:5b:6f:35:b3:96:0b:16:11: 42:a1:ce:3e:90:0d:3e:b2:e3:fd:c9:06:7a:09:19:a0:27:51: 71:f1:39:b3:80:36:a9:34:4d:fa:cd:9e:15:a2:81:23:da:c6: 1f:3e:b2:d1:c4:79:a7:41:ae:85:ad:04:6a:e8:20:c7:e1:d3: 3a:89:6a:17:55:30:c4:90:17:6c:b2:b8:8e:6a:7d:54:73:af: 8b:b8:db:b9:2b:65:44:6f:e4:c9:ff:5f:45:43:52:30:73:54: 03:55:56:f3:40:dc:77:67:b9:8b:79:11:d0:28:64:c4:1b:58: c8:b3:87:7f:d5:e5:b5:76:9d:d2:51:a2:99:43:0e:75:7b:13: 41:63:c1:4c:3d:0c:f9:18:39:f6:ad:bb:8e:86:6d:d0:8f:ad: 57:f6:ff:f0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBk/2PQJ/pzpADO682evhotQsfPEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUyMFoX DTI3MDExOTAxMTAyMFowMzExMC8GA1UEAxMoNUMzNTIxREQwREFFRUQzNzFFMkM2 ODEyQTREOEVFNTZGMUVCNDBFRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALSvEu3LzTx/Yqv/acRR2QQ5Yitnjmw/8JrXJucgCCoLqnwexavoJzafL57D zDdZUyI/mXJ3AaFdE5UXO9TLfF7LIHWVE553Hce3ZR7dhZKbiZOsk72pMaOaw6F5 DJ/3cuV9AWUW3BVSY516iOLQNK7esloaJGZXhoBlwRATON2y0BFWUqwRgIrnxOaJ AaE9ervffMO7+mTNUQOXItskfC0Y+t8akE0w7ADVkXFSqKDr+KkVNSoT2LGlBPTS FnhH+XFcui9CNMeh42bZYnfw4AZNJrhpuopcq9hyEHt/s791YSXufe3fI3BQp4Wt xrrzY+8nqgEVgx5qRY7z8NECnTECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRcNSHd Da7tNx4saBKk2O5W8etA7zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY1NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oAQwDQYJKoZIhvcNAQELBQADggEBAMpZP6AsUnAXxGOhJ/VEa7QtmIeCr4o7y/5p UMIf9xhLaa1kEh2gQk91kOn6RcQzjO5VJfa804bqNiSKp51HZoKVU/RUVJ2W5n4B 0KzeXYK+ZemEwVcTR4fgGEW8aAlMuAJ6o1dbbzWzlgsWEUKhzj6QDT6y4/3JBnoJ GaAnUXHxObOANqk0TfrNnhWigSPaxh8+stHEeadBroWtBGroIMfh0zqJahdVMMSQ F2yyuI5qfVRzr4u427krZURv5Mn/X0VDUjBzVANVVvNA3HdnuYt5EdAoZMQbWMiz h3/V5bV2ndJRoplDDnV7E0FjwUw9DPkYOfatu46GbdCPrVf2//A= -----END CERTIFICATE-----Generated at Sun Jan 25 16:43:11 2026 by rpki-client