This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS23910.roa File: AS23910.roa (raw, json) Hash identifier: hzM8ZziYPZVPcfmiNkcGIgggbg7Udk1ugb23rFI7FOE= Subject key identifier: F0:AA:82:04:EE:1D:36:CD:91:B5:26:E2:1D:85:99:6C:AC:73:93:A0 Certificate issuer: /CN=A91E5D610001/serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Certificate serial: 6DBCDEF139CD639A506A11316BFB3B33C38317FC Authority key identifier: 0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS23910.roa Signing time: Tue 02 Dec 2025 08:47:47 +0000 ROA not before: Tue 02 Dec 2025 08:42:47 +0000 ROA not after: Tue 01 Dec 2026 08:47:47 +0000 asID: 23910 IP address blocks: 2001:253::/32 maxlen: 32 240a:a000::/32 maxlen: 32 240a:a001::/32 maxlen: 32 240a:a002::/32 maxlen: 32 240a:a003::/32 maxlen: 32 240a:a004::/32 maxlen: 32 240a:a005::/32 maxlen: 32 240a:a006::/32 maxlen: 32 240a:a007::/32 maxlen: 32 240a:a008::/32 maxlen: 32 240a:a009::/32 maxlen: 32 240a:a800::/32 maxlen: 32 240a:a801::/32 maxlen: 32 240a:a802::/32 maxlen: 32 240a:a803::/32 maxlen: 32 240a:a804::/32 maxlen: 32 240a:a805::/32 maxlen: 32 240a:a806::/32 maxlen: 32 240a:a807::/32 maxlen: 32 240a:a808::/32 maxlen: 32 240a:a809::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 07 Dec 2025 03:19:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:bc:de:f1:39:cd:63:9a:50:6a:11:31:6b:fb:3b:33:c3:83:17:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=0B275E5B466B941AB84A742B4E3832BB1FDFEC9E Validity Not Before: Dec 2 08:42:47 2025 GMT Not After : Dec 1 08:47:47 2026 GMT Subject: CN=F0AA8204EE1D36CD91B526E21D85996CAC7393A0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e5:ba:cd:c9:c4:fc:a3:40:a3:c7:eb:60:82: 78:5e:7c:51:64:b3:ee:e2:09:f0:93:7f:2b:74:b9: 6b:c4:23:40:4f:10:7d:3f:55:c2:e0:0c:22:92:99: 32:ad:72:21:95:30:4a:fd:22:01:25:d9:85:df:89: 5b:eb:f1:f3:7c:b7:2c:f9:73:a5:be:89:ec:7e:24: ff:7b:ab:8d:a0:33:28:4f:6a:15:5a:94:79:91:09: 1f:22:50:4b:45:40:26:fc:82:a2:e4:fd:ab:9f:9d: 0e:4c:11:2e:35:3a:13:97:d6:70:72:c4:0c:07:04: d4:fb:ed:3a:7b:ba:57:1f:66:39:7e:d2:4a:cf:88: e9:5e:ca:b6:dd:fe:49:ce:8f:d3:5f:5a:d3:e3:39: 43:5a:66:40:2f:97:51:68:fa:56:4d:e4:d7:8c:c5: 94:8e:13:a4:ba:ec:7e:8b:11:5d:dd:83:7d:d3:09: 64:5b:5a:c4:05:f7:11:6f:85:78:b4:60:8a:8e:79: 17:8a:82:f5:3f:52:82:52:5f:b3:17:02:db:30:6c: c5:7c:19:a0:82:9e:c8:c9:51:49:5d:9b:72:ea:91: 46:ff:5a:ec:85:31:15:a4:89:0c:7d:e3:11:76:08: fe:3a:34:3e:f4:7b:35:64:a9:db:57:e7:ab:d5:4a: cd:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:AA:82:04:EE:1D:36:CD:91:B5:26:E2:1D:85:99:6C:AC:73:93:A0 X509v3 Authority Key Identifier: keyid:0B:27:5E:5B:46:6B:94:1A:B8:4A:74:2B:4E:38:32:BB:1F:DF:EC:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/0B275E5B466B941AB84A742B4E3832BB1FDFEC9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CydeW0ZrlBq4SnQrTjgyux_f7J4.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS23910.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253::/32 240a:a000::-240a:a009:ffff:ffff:ffff:ffff:ffff:ffff 240a:a800::-240a:a809:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 99:ba:ca:b8:ef:ae:75:8f:47:99:78:8f:b1:20:5c:be:68:33: 88:8c:97:f8:55:12:11:63:9d:9d:1e:50:6b:d0:11:31:42:c5: 6f:41:f3:e4:8b:04:e2:a7:b9:d4:0c:20:e8:69:a1:32:91:2b: c3:41:72:a1:47:22:0a:90:1f:ae:e3:29:c5:30:3b:f2:64:2b: 9c:31:ad:eb:8c:4e:14:1a:b0:7a:0b:9f:7c:6b:61:f2:a4:39: 88:0e:83:3f:54:a4:72:42:39:fa:87:86:d8:8e:e6:0e:74:9d: 54:31:85:5a:bf:83:f0:5a:f2:e6:47:2b:cc:99:1a:55:48:14: 40:45:f8:89:2f:6d:24:9b:65:40:24:9a:fb:51:1d:c4:96:bb: e6:cf:b4:6a:16:5c:c8:24:c9:05:66:c2:3f:b9:4c:9d:d1:74: 43:d2:c0:cf:5f:dd:38:49:a5:ca:3a:41:a9:5d:b1:b2:f4:83: 50:c2:48:47:d0:43:33:47:a1:b8:cc:c4:07:8b:0e:35:3e:a4: b0:e8:0d:4d:71:61:c8:ab:f2:61:70:77:02:9a:04:87:9d:79: 19:11:0f:d1:e8:3d:2e:02:a9:8b:12:bc:33:a9:a3:b4:fd:5c: 5d:2b:dc:3d:f3:a2:62:45:fc:c5:68:02:6c:dd:23:b7:eb:5a: 74:f7:e9:05 -----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgIUbbze8TnNY5pQahExa/s7M8ODF/wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwQjI3NUU1QjQ2 NkI5NDFBQjg0QTc0MkI0RTM4MzJCQjFGREZFQzlFMB4XDTI1MTIwMjA4NDI0N1oX DTI2MTIwMTA4NDc0N1owMzExMC8GA1UEAxMoRjBBQTgyMDRFRTFEMzZDRDkxQjUy NkUyMUQ4NTk5NkNBQzczOTNBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMLlus3JxPyjQKPH62CCeF58UWSz7uIJ8JN/K3S5a8QjQE8QfT9VwuAMIpKZ Mq1yIZUwSv0iASXZhd+JW+vx83y3LPlzpb6J7H4k/3urjaAzKE9qFVqUeZEJHyJQ S0VAJvyCouT9q5+dDkwRLjU6E5fWcHLEDAcE1PvtOnu6Vx9mOX7SSs+I6V7Ktt3+ Sc6P019a0+M5Q1pmQC+XUWj6Vk3k14zFlI4TpLrsfosRXd2DfdMJZFtaxAX3EW+F eLRgio55F4qC9T9SglJfsxcC2zBsxXwZoIKeyMlRSV2bcuqRRv9a7IUxFaSJDH3j EXYI/jo0PvR7NWSp21fnq9VKzeMCAwEAAaOCAeIwggHeMB0GA1UdDgQWBBTwqoIE 7h02zZG1JuIdhZlsrHOToDAfBgNVHSMEGDAWgBQLJ15bRmuUGrhKdCtOODK7H9/s njAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wQjI3NUU1QjQ2NkI5NDFBQjg0QTc0 MkI0RTM4MzJCQjFGREZFQzlFLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9DeWRlVzBacmxCcTRTblFyVGpneXV4X2Y3 SjQuY2VyME0GCCsGAQUFBwELBEEwPzA9BggrBgEFBQcwC4YxcnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzIzOTEwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwUAIAEC UzANAwQFJAqgAwUBJAqgCDANAwQDJAqoAwUBJAqoCDANBgkqhkiG9w0BAQsFAAOC AQEAmbrKuO+udY9HmXiPsSBcvmgziIyX+FUSEWOdnR5Qa9ARMULFb0Hz5IsE4qe5 1Awg6GmhMpErw0FyoUciCpAfruMpxTA78mQrnDGt64xOFBqweguffGth8qQ5iA6D P1SkckI5+oeG2I7mDnSdVDGFWr+D8Fry5kcrzJkaVUgUQEX4iS9tJJtlQCSa+1Ed xJa75s+0ahZcyCTJBWbCP7lMndF0Q9LAz1/dOEmlyjpBqV2xsvSDUMJIR9BDM0eh uMzEB4sONT6ksOgNTXFhyKvyYXB3ApoEh515GREP0eg9LgKpixK8M6mjtP1cXSvc PfOiYkX8xWgCbN0jt+tadPfpBQ== -----END CERTIFICATE-----Generated at Sat Dec 6 18:41:28 2025 by rpki-client