$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142682.roa File: AS142682.roa (raw, json) Hash identifier: LWqyHf361yGx75YwJwCGS3Tag22wAMbtMlUWqgZhSR8= Subject key identifier: E5:B2:DF:76:5C:DA:1D:BE:69:77:7A:C9:EF:F6:E0:E2:51:60:2D:5C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 430F64FC61C7EADEAE32DA9A36CA81D96A65D645 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142682.roa Signing time: Wed 04 Mar 2026 06:05:48 +0000 ROA not before: Wed 04 Mar 2026 06:00:48 +0000 ROA not after: Wed 03 Mar 2027 06:05:48 +0000 asID: 142682 IP address blocks: 240a:a020::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:0f:64:fc:61:c7:ea:de:ae:32:da:9a:36:ca:81:d9:6a:65:d6:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:48 2026 GMT Not After : Mar 3 06:05:48 2027 GMT Subject: CN=E5B2DF765CDA1DBE69777AC9EFF6E0E251602D5C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a8:0f:7f:ff:91:37:46:ed:a4:e5:71:2c:90: 62:33:13:9e:eb:4a:32:61:d0:b4:fa:5c:08:7b:bc: 83:97:7f:ec:2e:1c:1f:31:1f:91:21:e4:0e:a0:56: f3:57:9d:cb:8f:7a:41:62:ad:4f:d9:e4:bb:7a:8b: df:df:a6:f8:ba:fe:cd:fd:49:df:35:0d:4f:79:ae: 95:b2:33:2d:10:db:91:ed:00:8e:26:b0:01:f8:19: 4e:7d:1d:c6:ae:4d:f8:b2:6e:5e:5d:38:d3:eb:44: 4a:72:c3:65:25:73:ab:aa:64:5e:8b:e8:a6:06:f1: 09:ad:6e:bb:3e:8e:32:c7:49:3c:f7:fb:bf:e0:c7: 8e:5c:31:72:b2:eb:11:47:35:d7:9b:0e:78:36:eb: 4b:40:87:5f:f1:40:e8:52:4d:c1:62:23:b4:ca:38: 3a:de:5c:13:9d:62:95:12:1b:08:a2:68:fb:6f:bd: b8:25:5d:2a:ff:7a:28:3d:1a:44:dd:45:28:0f:66: f2:21:55:80:3a:39:f8:2e:a7:e6:23:52:34:f5:f9: ad:56:74:7f:76:7a:47:fd:94:d6:80:e5:5a:4c:68: f1:86:06:a3:b3:6b:20:26:86:65:65:5e:3c:8e:f7: bf:7b:8a:b8:c6:97:28:8e:f7:c1:97:53:93:0e:ab: 98:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:B2:DF:76:5C:DA:1D:BE:69:77:7A:C9:EF:F6:E0:E2:51:60:2D:5C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142682.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a020::/32 Signature Algorithm: sha256WithRSAEncryption 77:96:01:81:de:ff:04:32:70:ea:ad:83:2f:84:37:23:3d:f7: d8:01:01:2a:c9:4e:84:1f:d7:aa:bb:fe:a5:21:f0:eb:72:ee: 20:55:fa:8f:84:0b:40:39:e4:91:ac:2f:38:c0:9a:49:63:83: a6:39:a7:6b:ec:34:59:23:92:f5:1e:22:da:dc:29:39:b7:90: 73:76:0d:f9:e3:17:d8:b9:4c:dc:0f:3f:83:a6:da:e4:16:5c: 81:00:91:9f:16:46:d2:d7:ca:7d:40:df:50:2e:48:fe:1b:94: 1b:c7:44:c6:10:c9:2d:a6:7e:bf:ba:fd:63:b8:d4:81:fc:cb: ce:70:d0:c8:33:26:09:58:63:92:e4:e8:75:7b:54:05:e3:44: 3a:6f:58:a1:e5:2d:8b:38:7e:84:24:d0:2e:b4:64:2a:68:43: 22:2e:4d:ef:08:ee:16:72:99:a7:d2:22:ee:e7:3d:56:db:4a: 5c:3e:fa:0e:8a:f4:4b:e8:d0:32:94:6f:70:17:34:3d:39:8e: ff:12:31:8d:b3:13:f8:e5:db:49:ab:e0:f2:f6:27:f9:aa:fc: 64:d2:91:45:ad:cf:25:45:6d:14:91:ac:80:36:77:e7:dd:5c: e6:59:4d:ab:e8:5b:93:91:b9:68:1d:e8:a2:a8:99:16:ae:d1: d9:38:2d:32 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQw9k/GHH6t6uMtqaNsqB2Wpl1kUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA0OFoX DTI3MDMwMzA2MDU0OFowMzExMC8GA1UEAxMoRTVCMkRGNzY1Q0RBMURCRTY5Nzc3 QUM5RUZGNkUwRTI1MTYwMkQ1QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALyoD3//kTdG7aTlcSyQYjMTnutKMmHQtPpcCHu8g5d/7C4cHzEfkSHkDqBW 81edy496QWKtT9nku3qL39+m+Lr+zf1J3zUNT3mulbIzLRDbke0AjiawAfgZTn0d xq5N+LJuXl040+tESnLDZSVzq6pkXovopgbxCa1uuz6OMsdJPPf7v+DHjlwxcrLr EUc115sOeDbrS0CHX/FA6FJNwWIjtMo4Ot5cE51ilRIbCKJo+2+9uCVdKv96KD0a RN1FKA9m8iFVgDo5+C6n5iNSNPX5rVZ0f3Z6R/2U1oDlWkxo8YYGo7NrICaGZWVe PI73v3uKuMaXKI73wZdTkw6rmAMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTlst92 XNodvml3esnv9uDiUWAtXDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY4Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oCAwDQYJKoZIhvcNAQELBQADggEBAHeWAYHe/wQycOqtgy+ENyM999gBASrJToQf 16q7/qUh8Oty7iBV+o+EC0A55JGsLzjAmkljg6Y5p2vsNFkjkvUeItrcKTm3kHN2 DfnjF9i5TNwPP4Om2uQWXIEAkZ8WRtLXyn1A31AuSP4blBvHRMYQyS2mfr+6/WO4 1IH8y85w0MgzJglYY5Lk6HV7VAXjRDpvWKHlLYs4foQk0C60ZCpoQyIuTe8I7hZy mafSIu7nPVbbSlw++g6K9Evo0DKUb3AXND05jv8SMY2zE/jl20mr4PL2J/mq/GTS kUWtzyVFbRSRrIA2d+fdXOZZTavoW5ORuWgd6KKomRau0dk4LTI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:57 2026 by rpki-client