This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144701.roa File: AS144701.roa (raw, json) Hash identifier: efmJwWLf/3kLvoLlvICflsisPkDt5wiLzYfX8Ow5XPI= Subject key identifier: A2:BE:D1:6D:04:9A:FB:C1:4C:06:5E:2D:EB:78:8E:E8:98:A8:50:B2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2EE8AEA0A36B80A37EB612560E7D54284CC3D377 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144701.roa Signing time: Tue 20 Jan 2026 01:10:20 +0000 ROA not before: Tue 20 Jan 2026 01:05:20 +0000 ROA not after: Tue 19 Jan 2027 01:10:20 +0000 asID: 144701 IP address blocks: 240a:a803::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 19:21:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:e8:ae:a0:a3:6b:80:a3:7e:b6:12:56:0e:7d:54:28:4c:c3:d3:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:20 2026 GMT Not After : Jan 19 01:10:20 2027 GMT Subject: CN=A2BED16D049AFBC14C065E2DEB788EE898A850B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:23:66:78:34:a7:44:ac:b4:1d:d6:3b:02:ab: d4:80:11:74:ac:c1:42:28:7f:92:ee:d9:63:d4:0a: e6:d5:89:d6:1a:e9:0e:f7:1d:fb:ac:b5:76:d1:bf: 4d:29:b5:15:52:d5:b6:bd:65:a1:b3:aa:12:d8:59: 2e:f5:8c:99:dc:7b:36:f4:09:8b:6c:3b:ea:ce:58: 0a:d8:f3:77:59:c9:0e:7e:1a:c7:98:1e:02:0b:eb: 88:e3:1d:4c:c8:7e:ef:fc:78:89:d4:1e:66:5a:b2: 6b:41:80:52:b4:25:64:71:15:16:d6:e0:57:fe:b2: 9b:f8:c1:bc:d3:07:cb:69:c0:99:0e:08:56:86:20: 8f:fa:44:5f:b8:72:86:76:7b:1a:1f:b7:f9:ac:23: c7:37:76:9a:24:7e:e7:c8:90:ee:11:98:95:37:47: bb:e1:98:16:1b:89:a2:c0:1b:09:d9:38:60:a8:42: 99:79:e2:b8:27:ee:de:4f:80:b3:dc:e0:b0:8f:56: 91:20:ca:0a:9a:f8:b0:66:ff:a8:83:8f:58:70:52: 1c:88:a6:ef:9a:25:09:5d:38:bf:3f:06:d8:8b:bb: 43:15:08:48:7c:1e:3d:d0:bf:d5:80:a3:dd:b9:5d: 67:25:3d:f8:ec:e1:2d:5a:49:d8:ce:b2:0a:a6:5e: ea:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:BE:D1:6D:04:9A:FB:C1:4C:06:5E:2D:EB:78:8E:E8:98:A8:50:B2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144701.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a803::/32 Signature Algorithm: sha256WithRSAEncryption 7e:5f:58:ce:dd:8c:a6:42:bb:d0:40:4b:bb:ea:b4:13:40:35: be:54:8c:76:2c:82:bb:4d:80:86:16:44:86:3a:8e:49:6d:cc: f9:a8:87:95:c4:36:a7:29:76:04:c8:66:ec:77:58:73:8a:11: 14:cd:93:ab:49:d0:17:cc:cc:08:d7:6a:cd:e4:15:1c:0f:e2: 9d:e8:e3:9a:5b:6f:c0:12:bd:c2:f6:03:47:50:85:50:01:58: cb:08:9a:ea:c3:b5:25:7b:db:94:f6:73:03:93:dc:fa:f9:83: 5a:e7:9c:fe:5f:67:e8:93:88:d6:2b:ee:14:f6:aa:77:44:d5: 7b:72:84:7e:ca:27:01:ff:31:ae:d6:2a:4f:1a:ba:8a:48:6e: 7c:93:60:ff:e0:5e:52:65:27:f9:57:79:b7:3f:94:e7:00:85: 28:b9:e9:2f:40:21:6d:b3:58:a7:c5:a8:f6:53:8f:13:d6:c3: a4:ac:78:29:2d:62:d5:d5:39:de:bc:c9:9c:dd:e1:c9:c1:ce: d0:53:04:d9:57:34:05:da:d1:56:85:07:7a:df:3e:88:39:05: 14:c4:e8:30:c2:77:7e:d8:08:00:7d:02:54:9b:c2:fd:42:cd: 5b:17:db:6a:32:b2:83:a8:a6:04:cd:6d:90:cc:43:f0:12:72: b8:ab:ba:9d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULuiuoKNrgKN+thJWDn1UKEzD03cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUyMFoX DTI3MDExOTAxMTAyMFowMzExMC8GA1UEAxMoQTJCRUQxNkQwNDlBRkJDMTRDMDY1 RTJERUI3ODhFRTg5OEE4NTBCMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMIjZng0p0SstB3WOwKr1IARdKzBQih/ku7ZY9QK5tWJ1hrpDvcd+6y1dtG/ TSm1FVLVtr1lobOqEthZLvWMmdx7NvQJi2w76s5YCtjzd1nJDn4ax5geAgvriOMd TMh+7/x4idQeZlqya0GAUrQlZHEVFtbgV/6ym/jBvNMHy2nAmQ4IVoYgj/pEX7hy hnZ7Gh+3+awjxzd2miR+58iQ7hGYlTdHu+GYFhuJosAbCdk4YKhCmXniuCfu3k+A s9zgsI9WkSDKCpr4sGb/qIOPWHBSHIim75olCV04vz8G2Iu7QxUISHwePdC/1YCj 3bldZyU9+OzhLVpJ2M6yCqZe6kMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSivtFt BJr7wUwGXi3reI7omKhQsjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDcwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qAMwDQYJKoZIhvcNAQELBQADggEBAH5fWM7djKZCu9BAS7vqtBNANb5UjHYsgrtN gIYWRIY6jkltzPmoh5XENqcpdgTIZux3WHOKERTNk6tJ0BfMzAjXas3kFRwP4p3o 45pbb8ASvcL2A0dQhVABWMsImurDtSV725T2cwOT3Pr5g1rnnP5fZ+iTiNYr7hT2 qndE1XtyhH7KJwH/Ma7WKk8auopIbnyTYP/gXlJlJ/lXebc/lOcAhSi56S9AIW2z WKfFqPZTjxPWw6SseCktYtXVOd68yZzd4cnBztBTBNlXNAXa0VaFB3rfPog5BRTE 6DDCd37YCAB9AlSbwv1CzVsX22oysoOopgTNbZDMQ/AScrirup0= -----END CERTIFICATE-----Generated at Sun Jan 25 13:35:02 2026 by rpki-client