$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142683.roa File: AS142683.roa (raw, json) Hash identifier: pjOOmlhI26EnHSILSZ8GxNlk0lxCdEtD3JPv2aroBns= Subject key identifier: 39:B7:DA:4B:63:BB:E2:17:C3:E6:2C:D7:3F:AD:2F:04:B0:90:4B:DB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3C3EF4E1BA0E0EDD23C54BDEDDC8889104DB7B4E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142683.roa Signing time: Wed 04 Mar 2026 06:06:18 +0000 ROA not before: Wed 04 Mar 2026 06:01:18 +0000 ROA not after: Wed 03 Mar 2027 06:06:18 +0000 asID: 142683 IP address blocks: 240a:a021::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:3e:f4:e1:ba:0e:0e:dd:23:c5:4b:de:dd:c8:88:91:04:db:7b:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:18 2026 GMT Not After : Mar 3 06:06:18 2027 GMT Subject: CN=39B7DA4B63BBE217C3E62CD73FAD2F04B0904BDB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:1a:9f:c4:ee:9f:71:3c:6f:54:3b:71:8b:5f: 0a:9e:a9:a6:1f:2e:3c:0b:db:81:ba:e7:b5:55:6d: e3:d6:84:e3:28:87:2e:71:96:a8:28:36:fd:24:2f: e9:51:5d:36:09:ab:18:2a:44:6a:45:aa:cf:e4:8c: 49:89:e7:b3:cb:e1:ec:ca:7d:08:0e:22:89:8c:e5: b5:12:fb:ab:22:b5:8e:15:de:b3:5c:96:b6:ed:30: 46:2b:47:9a:2a:a1:f8:f7:45:7e:63:e6:91:1a:65: 0c:71:90:6b:64:3d:30:91:3a:ff:39:5f:4e:70:64: e1:13:66:94:82:ba:8c:7c:3a:e7:f4:e4:75:1a:6d: a8:b7:6b:9a:f7:ad:0b:74:3f:74:ab:ee:89:cb:fc: 66:17:20:12:f5:68:42:6e:2f:16:b1:12:d6:fa:31: 83:aa:75:96:27:07:74:46:df:f4:ff:8d:46:a7:69: a2:d5:27:54:57:0b:30:8d:d3:d9:9d:4a:53:42:c9: d1:b1:0e:bd:41:d2:44:e8:8b:9c:88:4f:6d:c3:74: df:cc:ee:e0:92:79:fd:6c:8b:3c:f9:a3:30:22:68: f7:74:76:87:12:8a:cd:c4:5c:cb:f3:9c:c0:19:e7: fc:5d:aa:ab:21:f4:ad:6b:ca:fd:9f:b5:e9:54:96: 83:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:B7:DA:4B:63:BB:E2:17:C3:E6:2C:D7:3F:AD:2F:04:B0:90:4B:DB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142683.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a021::/32 Signature Algorithm: sha256WithRSAEncryption 39:48:4e:1d:1c:e5:34:6b:33:76:68:cc:26:48:88:f4:2b:d8: f8:af:72:40:a7:1a:b0:f4:f8:af:34:b7:4d:5b:40:23:69:4d: 35:f5:7a:9f:61:a5:56:1e:5a:e5:fc:36:62:5f:b2:38:b0:43: 12:3c:21:06:a0:ef:a2:1e:5f:a7:32:ea:56:1d:c7:47:b3:69: b6:95:f1:7c:b0:a2:15:df:bf:0e:bb:8d:88:53:4f:91:22:26: dd:f3:47:23:e9:77:c7:8a:51:b9:0d:9b:8b:59:18:c2:95:3a: b1:00:66:9a:11:55:a0:ca:aa:fc:bb:d6:5a:11:a8:80:76:58: 92:5f:19:84:dd:ca:32:60:d5:84:10:fe:89:32:ea:a9:62:cf: d1:a6:e5:f6:74:7e:43:06:a1:bf:dc:ac:c1:49:fc:1e:15:da: f9:24:99:33:bd:ac:36:cf:97:dc:c2:17:25:64:9c:6e:53:82: 9f:2b:66:1d:99:92:f4:fe:a0:e0:28:b7:3b:66:aa:23:95:1d: ad:8c:2e:ac:f2:db:cf:eb:92:ee:67:39:db:81:23:6b:bb:d1: 7c:3a:d1:38:4e:1e:03:8a:3d:30:3f:f4:c0:34:b7:9f:33:0d: 9d:3e:b5:27:ec:08:ae:d5:aa:b3:a4:ca:61:1d:55:c1:63:f5: 73:4a:a1:ac -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPD704boODt0jxUve3ciIkQTbe04wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDExOFoX DTI3MDMwMzA2MDYxOFowMzExMC8GA1UEAxMoMzlCN0RBNEI2M0JCRTIxN0MzRTYy Q0Q3M0ZBRDJGMDRCMDkwNEJEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMsan8Tun3E8b1Q7cYtfCp6pph8uPAvbgbrntVVt49aE4yiHLnGWqCg2/SQv 6VFdNgmrGCpEakWqz+SMSYnns8vh7Mp9CA4iiYzltRL7qyK1jhXes1yWtu0wRitH miqh+PdFfmPmkRplDHGQa2Q9MJE6/zlfTnBk4RNmlIK6jHw65/TkdRptqLdrmvet C3Q/dKvuicv8ZhcgEvVoQm4vFrES1voxg6p1licHdEbf9P+NRqdpotUnVFcLMI3T 2Z1KU0LJ0bEOvUHSROiLnIhPbcN038zu4JJ5/WyLPPmjMCJo93R2hxKKzcRcy/Oc wBnn/F2qqyH0rWvK/Z+16VSWg2UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ5t9pL Y7viF8PmLNc/rS8EsJBL2zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY4My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oCEwDQYJKoZIhvcNAQELBQADggEBADlITh0c5TRrM3ZozCZIiPQr2PivckCnGrD0 +K80t01bQCNpTTX1ep9hpVYeWuX8NmJfsjiwQxI8IQag76IeX6cy6lYdx0ezabaV 8XywohXfvw67jYhTT5EiJt3zRyPpd8eKUbkNm4tZGMKVOrEAZpoRVaDKqvy71loR qIB2WJJfGYTdyjJg1YQQ/oky6qliz9Gm5fZ0fkMGob/crMFJ/B4V2vkkmTO9rDbP l9zCFyVknG5Tgp8rZh2ZkvT+oOAotztmqiOVHa2MLqzy28/rku5nOduBI2u70Xw6 0ThOHgOKPTA/9MA0t58zDZ0+tSfsCK7VqrOkymEdVcFj9XNKoaw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:06 2026 by rpki-client