This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS144701.roa File: AS144701.roa (raw, json) Hash identifier: SfVb/8gBuifIwngOqdUdiu6Zx3nLmdxYkNJz1QnUckU= Subject key identifier: DC:8F:33:BC:65:B2:2F:D6:64:1C:FC:AE:6B:F0:C6:1B:66:7E:C8:50 Certificate issuer: /CN=A91E5D610001/serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Certificate serial: 6C2944BDD550CA7BD897AD5066AFE87C597192EC Authority key identifier: 0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS144701.roa Signing time: Tue 02 Dec 2025 08:47:49 +0000 ROA not before: Tue 02 Dec 2025 08:42:49 +0000 ROA not after: Tue 01 Dec 2026 08:47:49 +0000 asID: 144701 IP address blocks: 240a:a803::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:29:44:bd:d5:50:ca:7b:d8:97:ad:50:66:af:e8:7c:59:71:92:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Validity Not Before: Dec 2 08:42:49 2025 GMT Not After : Dec 1 08:47:49 2026 GMT Subject: CN=DC8F33BC65B22FD6641CFCAE6BF0C61B667EC850 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:42:d2:6f:19:3c:fe:f8:49:a7:6f:20:7d:f4: 47:2c:7b:89:0a:34:d5:e7:6d:0d:a3:17:ff:a6:ae: fa:bd:73:84:55:f2:e9:23:f5:ae:fb:bf:17:6b:7b: 41:0b:1a:06:aa:2e:56:4d:5a:5e:7f:40:0b:8e:d4: 74:b3:e0:14:02:92:27:08:c9:55:e5:39:3a:62:c7: b7:8b:e5:40:9b:ca:93:f9:50:05:5c:e0:d8:d1:aa: 2c:91:57:81:b7:9c:ef:51:c7:6e:7e:77:c4:1d:0d: 66:72:3c:38:27:35:88:2d:90:4c:76:61:80:47:74: e3:b2:d8:1b:ee:26:10:8c:96:4b:98:71:ee:47:af: bf:2d:1d:ef:85:78:41:84:fd:8a:0a:25:2d:f2:77: c1:17:75:e0:8c:4b:fb:e1:9a:e1:23:5b:fc:a7:45: 75:8c:c7:e0:f3:31:6d:7a:24:67:4f:ec:f8:17:7d: 16:89:6f:d8:ec:2f:32:2f:9a:2a:d2:68:25:dd:8d: 79:44:65:d0:e0:78:43:cf:56:dc:bc:3f:45:9c:78: 3a:d6:82:c5:17:3e:2e:64:51:c2:1f:f0:c9:89:53: 86:38:14:c8:cd:9a:bf:6d:19:a2:68:b3:4e:52:a4: db:53:27:7b:f5:20:7c:9a:b2:a1:f2:ad:03:ff:21: 06:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:8F:33:BC:65:B2:2F:D6:64:1C:FC:AE:6B:F0:C6:1B:66:7E:C8:50 X509v3 Authority Key Identifier: keyid:0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS144701.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a803::/32 Signature Algorithm: sha256WithRSAEncryption 0b:1f:da:a4:de:01:fe:a9:be:aa:4c:ca:53:b7:2d:00:d6:bf: 1d:ee:54:ff:18:07:65:a2:67:71:14:87:18:d2:be:5f:01:c4: 03:d0:d0:62:72:93:5c:b4:8c:93:21:35:9c:12:fc:07:b7:4b: 0e:e8:dc:ae:f6:72:b0:e1:84:1c:19:fd:9b:22:61:7c:06:67: 3f:3f:0e:da:04:d0:b1:c1:dd:4e:9f:d0:6c:98:12:67:ad:0c: 78:66:70:20:a0:01:cf:c0:19:ce:92:53:07:e6:44:e9:e0:39: 6d:72:dc:53:4e:a1:d3:75:ba:1c:ee:1b:cd:dd:51:29:55:aa: 64:c3:e8:50:c7:e0:15:5c:10:17:b9:b0:16:c2:2f:0f:c1:ee: 75:59:aa:d7:f8:9a:5d:87:fc:fd:1c:cc:0e:3b:80:00:67:90: ea:5e:9b:6b:ce:b1:cf:33:69:05:b8:dc:9f:4b:41:7f:9e:82: c9:d0:c3:0e:ec:7e:72:22:c8:63:bd:a2:18:f3:3e:ad:23:2a: e6:63:15:f2:3f:09:26:24:8d:a1:a8:ec:df:34:02:58:c8:5d: 02:4d:8a:13:be:bb:36:1f:c3:9a:ef:6f:24:eb:51:79:37:e2: cb:b5:34:b4:47:0e:c1:7d:97:bf:d3:e2:67:53:44:0e:23:8c: 46:34:89:60 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUbClEvdVQynvYl61QZq/ofFlxkuwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwQjI3NUU1QjQ2 NkI5NDFBQjg0QTc0MkI0RTM4MzJCQjFGREZFQzlFMB4XDTI1MTIwMjA4NDI0OVoX DTI2MTIwMTA4NDc0OVowMzExMC8GA1UEAxMoREM4RjMzQkM2NUIyMkZENjY0MUNG Q0FFNkJGMEM2MUI2NjdFQzg1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJFC0m8ZPP74SadvIH30Ryx7iQo01edtDaMX/6au+r1zhFXy6SP1rvu/F2t7 QQsaBqouVk1aXn9AC47UdLPgFAKSJwjJVeU5OmLHt4vlQJvKk/lQBVzg2NGqLJFX gbec71HHbn53xB0NZnI8OCc1iC2QTHZhgEd047LYG+4mEIyWS5hx7kevvy0d74V4 QYT9igolLfJ3wRd14IxL++Ga4SNb/KdFdYzH4PMxbXokZ0/s+Bd9Folv2OwvMi+a KtJoJd2NeURl0OB4Q89W3Lw/RZx4OtaCxRc+LmRRwh/wyYlThjgUyM2av20Zomiz TlKk21Mne/UgfJqyofKtA/8hBr0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTcjzO8 ZbIv1mQc/K5r8MYbZn7IUDAfBgNVHSMEGDAWgBQLJ15bRmuUGrhKdCtOODK7H9/s njAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wQjI3NUU1QjQ2NkI5NDFBQjg0QTc0 MkI0RTM4MzJCQjFGREZFQzlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9DeWRlVzBacmxCcTRTblFyVGpneXV4X2Y3 SjQuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NDcwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK qAMwDQYJKoZIhvcNAQELBQADggEBAAsf2qTeAf6pvqpMylO3LQDWvx3uVP8YB2Wi Z3EUhxjSvl8BxAPQ0GJyk1y0jJMhNZwS/Ae3Sw7o3K72crDhhBwZ/ZsiYXwGZz8/ DtoE0LHB3U6f0GyYEmetDHhmcCCgAc/AGc6SUwfmROngOW1y3FNOodN1uhzuG83d USlVqmTD6FDH4BVcEBe5sBbCLw/B7nVZqtf4ml2H/P0czA47gABnkOpem2vOsc8z aQW43J9LQX+egsnQww7sfnIiyGO9ohjzPq0jKuZjFfI/CSYkjaGo7N80AljIXQJN ihO+uzYfw5rvbyTrUXk34su1NLRHDsF9l7/T4mdTRA4jjEY0iWA= -----END CERTIFICATE-----Generated at Sat Dec 6 18:41:28 2025 by rpki-client