$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142661.roa File: AS142661.roa (raw, json) Hash identifier: lupDsju1zg/RidsFYNnpUu9uL5VGNrjcZXJG+47+K8M= Subject key identifier: 51:EE:E6:72:AA:90:9F:91:2E:45:90:68:8E:8D:86:15:96:9E:E4:6D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3C22303DE69693C5EA381D56961B0254A3E55D0F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142661.roa Signing time: Wed 04 Mar 2026 06:05:56 +0000 ROA not before: Wed 04 Mar 2026 06:00:56 +0000 ROA not after: Wed 03 Mar 2027 06:05:56 +0000 asID: 142661 IP address blocks: 240a:a00b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:22:30:3d:e6:96:93:c5:ea:38:1d:56:96:1b:02:54:a3:e5:5d:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:56 2026 GMT Not After : Mar 3 06:05:56 2027 GMT Subject: CN=51EEE672AA909F912E4590688E8D8615969EE46D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:9e:cd:40:5e:af:da:5c:c2:c0:73:2e:7a:03: 89:14:5e:0b:2c:e2:31:99:7a:20:d6:51:bd:4f:92: 2b:4c:c2:de:2a:8e:15:6a:ce:c5:22:a3:b7:f0:7d: 8e:00:16:7b:56:18:e7:b0:b9:bf:5e:84:85:01:74: a9:ee:31:ae:06:3a:fe:f4:c5:4e:11:51:f3:21:be: 32:21:40:67:df:f2:33:0c:54:41:f5:f8:c5:db:ab: f4:c6:d8:30:2e:21:f3:41:60:ce:40:84:f9:87:8f: 4a:2a:11:e6:c5:7f:ba:57:c9:ad:67:45:43:86:fa: d7:e2:f6:e0:90:2f:40:3a:f5:28:cf:39:b9:1e:b8: 68:2e:22:85:04:34:5d:2a:e2:b0:32:be:2f:19:08: ca:67:3e:dc:b4:87:24:fe:22:f6:0b:e6:6e:16:d1: b0:54:13:18:84:78:9d:fc:0e:92:63:d9:bf:7f:28: 29:1a:c6:97:d6:a4:be:2b:17:f8:62:f3:fd:31:48: e8:00:63:d5:9f:30:8f:c6:39:72:a9:bf:4e:ae:b6: b6:ab:99:c6:ea:63:09:2d:62:1f:5f:52:eb:b3:8b: b3:29:7a:89:a7:6e:12:84:8a:52:d5:1f:db:dd:59: b6:b0:7d:f2:c9:5b:99:17:8e:3a:25:66:16:63:27: b4:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:EE:E6:72:AA:90:9F:91:2E:45:90:68:8E:8D:86:15:96:9E:E4:6D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142661.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a00b::/32 Signature Algorithm: sha256WithRSAEncryption 20:ac:7a:e3:1e:f1:0b:01:cb:44:3d:12:97:59:d0:1a:f8:68: 2d:e1:d9:2d:84:c5:f2:00:79:b0:f7:e6:d8:21:0c:43:46:10: 51:2a:92:78:d2:bc:0a:9e:aa:2e:18:a6:bb:1c:ae:8c:1c:87: 3d:0d:8f:39:8c:08:12:31:ae:1f:7d:8c:f3:2f:27:3b:dd:5d: 77:a6:4b:5b:d0:bc:ac:2b:bb:ca:0c:e1:8c:fa:63:d3:6b:4e: 9c:f5:d6:24:af:e1:fc:60:3e:de:f0:e6:12:ba:64:2a:9f:19: 7e:22:0a:77:4e:32:58:aa:04:56:bf:6b:57:e6:80:40:a0:d4: 6f:6e:e9:67:db:c7:17:cd:62:4c:58:7c:f6:7b:03:e2:db:f3: 77:92:49:43:61:0a:25:cb:7a:db:4e:75:c0:d3:8c:08:17:35: d8:fe:35:3c:df:93:19:56:2b:2d:a0:99:2e:53:2f:20:07:57: ac:63:f6:e1:6e:9c:30:60:94:b0:55:1e:99:19:c2:96:78:c3: 5c:33:f0:8c:23:82:20:db:ef:29:db:9b:bf:ec:91:1c:6f:3e: 28:e8:bf:aa:15:08:0d:9d:01:48:83:0d:7a:93:66:ae:48:47: 8e:39:33:3f:62:27:28:e6:77:bd:32:f4:44:33:9a:e7:03:1c: bb:d7:d8:a4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPCIwPeaWk8XqOB1WlhsCVKPlXQ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1NloX DTI3MDMwMzA2MDU1NlowMzExMC8GA1UEAxMoNTFFRUU2NzJBQTkwOUY5MTJFNDU5 MDY4OEU4RDg2MTU5NjlFRTQ2RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALKezUBer9pcwsBzLnoDiRReCyziMZl6INZRvU+SK0zC3iqOFWrOxSKjt/B9 jgAWe1YY57C5v16EhQF0qe4xrgY6/vTFThFR8yG+MiFAZ9/yMwxUQfX4xdur9MbY MC4h80FgzkCE+YePSioR5sV/ulfJrWdFQ4b61+L24JAvQDr1KM85uR64aC4ihQQ0 XSrisDK+LxkIymc+3LSHJP4i9gvmbhbRsFQTGIR4nfwOkmPZv38oKRrGl9akvisX +GLz/TFI6ABj1Z8wj8Y5cqm/Tq62tquZxupjCS1iH19S67OLsyl6iaduEoSKUtUf 291ZtrB98slbmReOOiVmFmMntJMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRR7uZy qpCfkS5FkGiOjYYVlp7kbTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY2MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oAswDQYJKoZIhvcNAQELBQADggEBACCseuMe8QsBy0Q9EpdZ0Br4aC3h2S2ExfIA ebD35tghDENGEFEqknjSvAqeqi4Yprscrowchz0NjzmMCBIxrh99jPMvJzvdXXem S1vQvKwru8oM4Yz6Y9NrTpz11iSv4fxgPt7w5hK6ZCqfGX4iCndOMliqBFa/a1fm gECg1G9u6WfbxxfNYkxYfPZ7A+Lb83eSSUNhCiXLettOdcDTjAgXNdj+NTzfkxlW Ky2gmS5TLyAHV6xj9uFunDBglLBVHpkZwpZ4w1wz8IwjgiDb7ynbm7/skRxvPijo v6oVCA2dAUiDDXqTZq5IR445Mz9iJyjmd70y9EQzmucDHLvX2KQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:39 2026 by rpki-client