This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS23910.roa File: AS23910.roa (raw, json) Hash identifier: dc///mVoIcqohBgC2zSxwV+zelIQzuo/ZtQ7QT3uRNo= Subject key identifier: B7:A1:9F:45:9E:72:4D:67:8F:B4:6B:0B:19:84:36:78:AD:2B:AA:73 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0CC030EBDED1D6266CF824455FC6EE8641B908CC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS23910.roa Signing time: Tue 20 Jan 2026 01:10:17 +0000 ROA not before: Tue 20 Jan 2026 01:05:17 +0000 ROA not after: Tue 19 Jan 2027 01:10:17 +0000 asID: 23910 IP address blocks: 2001:253::/32 maxlen: 32 240a:a000::/32 maxlen: 32 240a:a001::/32 maxlen: 32 240a:a002::/32 maxlen: 32 240a:a003::/32 maxlen: 32 240a:a004::/32 maxlen: 32 240a:a005::/32 maxlen: 32 240a:a006::/32 maxlen: 32 240a:a007::/32 maxlen: 32 240a:a008::/32 maxlen: 32 240a:a009::/32 maxlen: 32 240a:a800::/32 maxlen: 32 240a:a801::/32 maxlen: 32 240a:a802::/32 maxlen: 32 240a:a803::/32 maxlen: 32 240a:a804::/32 maxlen: 32 240a:a805::/32 maxlen: 32 240a:a806::/32 maxlen: 32 240a:a807::/32 maxlen: 32 240a:a808::/32 maxlen: 32 240a:a809::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 25 Jan 2026 19:21:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:c0:30:eb:de:d1:d6:26:6c:f8:24:45:5f:c6:ee:86:41:b9:08:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Jan 20 01:05:17 2026 GMT Not After : Jan 19 01:10:17 2027 GMT Subject: CN=B7A19F459E724D678FB46B0B19843678AD2BAA73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:3e:f4:f1:8a:3a:1c:1a:1d:5f:f4:ab:fa:14: 51:79:70:7e:1b:75:9b:4a:d0:a9:34:8b:81:76:4c: 8e:a4:47:3f:a7:b7:c7:a4:80:11:75:08:48:9c:f5: c8:d6:ac:95:af:86:00:7e:fe:ac:5b:ea:59:5d:ed: e3:cd:72:4a:1a:bd:6e:20:7e:13:57:4d:cb:23:3d: 35:fe:3c:17:2e:3f:be:07:b6:eb:91:64:fe:16:1b: 59:04:8a:53:f1:18:30:42:e5:d6:a8:a5:8d:03:92: 97:01:2c:39:23:0f:ad:5a:ac:0c:09:13:e6:c2:e5: 71:99:db:10:d5:5f:35:4e:d9:fb:d7:8c:a2:d3:e4: 52:26:a3:65:17:a9:fc:ce:a8:74:e1:09:0a:bd:fd: 13:65:a4:27:61:68:86:81:1c:11:11:30:f9:6f:9e: a6:cc:05:cf:2d:ee:6a:ea:e2:73:1f:32:fc:d1:da: 61:20:18:14:a6:ea:3e:b8:be:49:6f:9f:1d:33:f1: e0:6d:46:22:7b:bc:cb:7a:22:17:48:b2:87:e6:f0: 95:4e:a3:80:04:a0:a2:cc:58:04:0e:c4:f3:4a:6c: 04:36:89:2c:37:30:70:f5:81:37:7a:a5:fc:59:a9: 4a:14:c3:72:58:36:78:4d:31:f9:6d:d0:cb:64:e9: b3:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:A1:9F:45:9E:72:4D:67:8F:B4:6B:0B:19:84:36:78:AD:2B:AA:73 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS23910.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:253::/32 240a:a000::-240a:a009:ffff:ffff:ffff:ffff:ffff:ffff 240a:a800::-240a:a809:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 93:05:d3:8a:2e:ed:bb:02:7d:84:3d:7f:26:d2:f6:bc:09:59: 32:90:87:3c:94:eb:22:a1:1c:2b:42:66:d8:56:4b:3d:af:15: ee:42:16:50:4a:5d:28:60:f7:80:02:7c:e2:d7:eb:f9:3a:1c: e2:88:ea:2a:c1:d2:c4:00:b3:14:e4:05:0e:b1:d3:6f:1b:96: 38:8d:6f:13:7c:b8:31:3b:b1:25:aa:37:6f:5e:ad:bc:dc:f0: a0:7c:5e:d4:3d:13:3e:41:77:39:c8:68:58:da:11:2c:06:c6: 1a:39:30:80:a3:09:5a:de:ff:b9:bd:55:6e:71:f1:92:d7:80: 7a:71:ef:ac:6d:54:34:ea:3c:e3:fa:8c:bd:d4:60:4b:3f:ce: ac:e3:fe:b0:83:ea:b5:a5:6a:15:93:d0:60:45:b2:44:e7:db: 04:bc:8c:c6:80:8d:60:6d:64:9d:b3:4c:36:15:a7:02:3b:2b: 04:c4:d7:39:6c:c9:1b:43:0a:d6:d6:58:53:75:b4:89:28:b7: 9b:99:ac:a7:f9:44:15:2a:d9:91:34:d7:8d:57:35:57:2b:e5: a9:43:9f:be:f5:d0:d3:94:bf:8c:42:61:9e:4b:fb:9c:12:fd: 8c:07:04:c7:8e:2a:2b:ea:bf:b7:c8:de:95:e6:70:d9:e1:8b: ee:dd:c7:40 -----BEGIN CERTIFICATE----- MIIE7zCCA9egAwIBAgIUDMAw697R1iZs+CRFX8buhkG5CMwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDEyMDAxMDUxN1oX DTI3MDExOTAxMTAxN1owMzExMC8GA1UEAxMoQjdBMTlGNDU5RTcyNEQ2NzhGQjQ2 QjBCMTk4NDM2NzhBRDJCQUE3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMg+9PGKOhwaHV/0q/oUUXlwfht1m0rQqTSLgXZMjqRHP6e3x6SAEXUISJz1 yNasla+GAH7+rFvqWV3t481yShq9biB+E1dNyyM9Nf48Fy4/vge265Fk/hYbWQSK U/EYMELl1qiljQOSlwEsOSMPrVqsDAkT5sLlcZnbENVfNU7Z+9eMotPkUiajZRep /M6odOEJCr39E2WkJ2FohoEcEREw+W+epswFzy3uauricx8y/NHaYSAYFKbqPri+ SW+fHTPx4G1GInu8y3oiF0iyh+bwlU6jgASgosxYBA7E80psBDaJLDcwcPWBN3ql /FmpShTDclg2eE0x+W3Qy2Tps/8CAwEAAaOCAeIwggHeMB0GA1UdDgQWBBS3oZ9F nnJNZ4+0awsZhDZ4rSuqczAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME0GCCsGAQUFBwELBEEwPzA9BggrBgEFBQcwC4YxcnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzIzOTEwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwUAIAEC UzANAwQFJAqgAwUBJAqgCDANAwQDJAqoAwUBJAqoCDANBgkqhkiG9w0BAQsFAAOC AQEAkwXTii7tuwJ9hD1/JtL2vAlZMpCHPJTrIqEcK0Jm2FZLPa8V7kIWUEpdKGD3 gAJ84tfr+Toc4ojqKsHSxACzFOQFDrHTbxuWOI1vE3y4MTuxJao3b16tvNzwoHxe 1D0TPkF3OchoWNoRLAbGGjkwgKMJWt7/ub1VbnHxkteAenHvrG1UNOo84/qMvdRg Sz/OrOP+sIPqtaVqFZPQYEWyROfbBLyMxoCNYG1knbNMNhWnAjsrBMTXOWzJG0MK 1tZYU3W0iSi3m5msp/lEFSrZkTTXjVc1VyvlqUOfvvXQ05S/jEJhnkv7nBL9jAcE x44qK+q/t8jeleZw2eGL7t3HQA== -----END CERTIFICATE-----Generated at Sun Jan 25 13:35:15 2026 by rpki-client