This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142657.roa File: AS142657.roa (raw, json) Hash identifier: 8TkxSszUI/bUh6hqR80sK9HMbRekybeF/ZOw4/oZX7Y= Subject key identifier: 12:98:57:F0:2A:C2:50:8A:4F:65:45:8C:27:2A:59:49:21:76:62:FC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 77982EFD58D4190FDDAE0A36DBE48C85A6FE82A4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142657.roa Signing time: Tue 20 Jan 2026 01:10:14 +0000 ROA not before: Tue 20 Jan 2026 01:05:14 +0000 ROA not after: Tue 19 Jan 2027 01:10:14 +0000 asID: 142657 IP address blocks: 240a:a007::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 26 Jan 2026 12:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:98:2e:fd:58:d4:19:0f:dd:ae:0a:36:db:e4:8c:85:a6:fe:82:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:14 2026 GMT Not After : Jan 19 01:10:14 2027 GMT Subject: CN=129857F02AC2508A4F65458C272A5949217662FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:7e:5f:41:36:69:b0:bb:ba:7e:39:72:51:2d: e6:c3:fc:cc:65:31:5f:58:6d:01:29:93:c5:9a:f4: 6b:27:be:bc:30:67:e2:26:ca:59:87:0e:ba:62:45: 51:68:91:f4:f4:47:c6:7f:5e:31:a7:94:8e:70:40: 19:3c:58:8b:fa:fc:11:52:21:9f:74:37:96:be:a6: e9:5c:73:14:f1:fa:69:46:80:7d:4d:ce:0d:b4:de: b1:9c:8d:7f:02:53:7b:e3:9a:29:9b:e8:70:59:c7: 24:4d:51:4f:35:e2:ae:fa:ae:08:4e:bc:7a:08:89: 83:0c:50:aa:9b:89:43:75:21:b3:d9:2b:1c:58:72: 0d:55:98:25:6d:f6:5c:5a:71:20:2b:ca:a6:a1:32: eb:33:3a:06:7f:9c:5a:a2:8e:28:f6:fc:d1:39:4f: 20:75:bb:72:67:6c:31:ff:4d:96:55:c9:a8:4a:29: f8:29:4a:c5:3f:1f:15:d9:50:a9:d0:24:f3:51:89: 11:c9:de:22:e4:12:de:47:30:b8:06:c4:54:6f:68: f5:16:be:7a:80:50:56:76:93:42:69:8f:da:cc:d9: 20:c1:86:7d:ff:78:82:e6:aa:6e:a1:03:54:8d:52: a2:98:67:4f:93:44:b2:70:5b:98:e6:b7:8f:0b:2b: ce:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:98:57:F0:2A:C2:50:8A:4F:65:45:8C:27:2A:59:49:21:76:62:FC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142657.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a007::/32 Signature Algorithm: sha256WithRSAEncryption ab:fc:87:26:df:f3:74:9c:6d:01:93:1e:e5:28:26:05:62:47: 21:b8:0f:41:31:f4:90:b5:d3:c0:5a:51:f3:bc:20:41:91:c4: cf:d5:00:d4:9b:a5:d9:96:ac:f2:a9:73:ae:0c:45:71:d9:9a: c2:c2:a4:1c:8d:04:f3:ec:82:0d:8f:1d:2e:df:38:6b:ed:bb: 31:34:9e:08:9e:a5:d7:aa:ca:f8:b7:40:22:13:90:13:95:70: 1b:4b:0c:e2:f0:4c:cd:92:e7:f4:24:ab:3a:36:96:7b:3c:df: cc:b9:ce:b4:7b:19:aa:98:59:a7:8f:cc:92:c4:d2:f4:28:9a: f2:97:07:a6:db:83:ba:08:73:87:24:04:96:92:ec:d4:21:fb: 49:ce:b5:68:ca:56:78:d4:69:0b:c1:b1:8b:24:96:1e:55:28: cb:b9:e2:ac:49:dc:85:14:8b:dc:21:33:07:f5:0c:60:bf:f8: 99:c4:b8:9a:64:05:b8:dc:69:0b:d4:ac:0e:a2:35:18:29:8f: af:3c:4c:26:ea:e4:51:4f:0e:72:35:97:ce:41:44:a0:67:61: 52:04:0f:5e:a4:2c:5e:16:d2:95:a4:f3:8c:ef:04:da:90:3b: 9e:97:4b:07:67:7b:82:6f:3b:bc:92:82:f2:80:49:86:f5:b6: 30:73:e8:d9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUd5gu/VjUGQ/drgo22+SMhab+gqQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUxNFoX DTI3MDExOTAxMTAxNFowMzExMC8GA1UEAxMoMTI5ODU3RjAyQUMyNTA4QTRGNjU0 NThDMjcyQTU5NDkyMTc2NjJGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL1+X0E2abC7un45clEt5sP8zGUxX1htASmTxZr0aye+vDBn4ibKWYcOumJF UWiR9PRHxn9eMaeUjnBAGTxYi/r8EVIhn3Q3lr6m6VxzFPH6aUaAfU3ODbTesZyN fwJTe+OaKZvocFnHJE1RTzXirvquCE68egiJgwxQqpuJQ3Uhs9krHFhyDVWYJW32 XFpxICvKpqEy6zM6Bn+cWqKOKPb80TlPIHW7cmdsMf9NllXJqEop+ClKxT8fFdlQ qdAk81GJEcneIuQS3kcwuAbEVG9o9Ra+eoBQVnaTQmmP2szZIMGGff94guaqbqED VI1SophnT5NEsnBbmOa3jwsrzrsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQSmFfw KsJQik9lRYwnKllJIXZi/DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oAcwDQYJKoZIhvcNAQELBQADggEBAKv8hybf83ScbQGTHuUoJgViRyG4D0Ex9JC1 08BaUfO8IEGRxM/VANSbpdmWrPKpc64MRXHZmsLCpByNBPPsgg2PHS7fOGvtuzE0 ngiepdeqyvi3QCITkBOVcBtLDOLwTM2S5/Qkqzo2lns838y5zrR7GaqYWaePzJLE 0vQomvKXB6bbg7oIc4ckBJaS7NQh+0nOtWjKVnjUaQvBsYsklh5VKMu54qxJ3IUU i9whMwf1DGC/+JnEuJpkBbjcaQvUrA6iNRgpj688TCbq5FFPDnI1l85BRKBnYVIE D16kLF4W0pWk84zvBNqQO56XSwdne4JvO7ySgvKASYb1tjBz6Nk= -----END CERTIFICATE-----Generated at Sun Jan 25 15:17:10 2026 by rpki-client