$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142688.roa File: AS142688.roa (raw, json) Hash identifier: FnuQIcYA/pUE9ANCPkx34p/I34v6XwHmOJXOapMWqfo= Subject key identifier: D0:E5:2E:9E:6B:71:89:6A:02:30:C8:4B:4B:C0:1E:62:E1:42:39:56 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0E9E375CBD165B6D74A84244C745FF02E1C86825 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142688.roa Signing time: Wed 04 Mar 2026 06:06:16 +0000 ROA not before: Wed 04 Mar 2026 06:01:16 +0000 ROA not after: Wed 03 Mar 2027 06:06:16 +0000 asID: 142688 IP address blocks: 240a:a026::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:9e:37:5c:bd:16:5b:6d:74:a8:42:44:c7:45:ff:02:e1:c8:68:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:16 2026 GMT Not After : Mar 3 06:06:16 2027 GMT Subject: CN=D0E52E9E6B71896A0230C84B4BC01E62E1423956 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:78:3f:3f:46:f8:6c:10:ee:c7:69:df:6f:58: ce:37:8c:75:fb:d7:21:e7:de:c3:c7:bd:2e:1c:f0: 84:98:23:69:e0:51:84:d1:8f:72:b6:98:da:b6:f6: 09:6d:a1:3c:c9:6c:3d:05:75:f1:1e:08:c9:53:4a: 74:2c:54:c6:56:e3:9d:d2:26:72:68:bf:db:66:21: 7e:12:bf:23:ad:fb:9f:6a:5a:2b:e2:a0:ff:a2:12: 7f:e1:f2:26:88:4a:75:16:61:4f:29:51:30:4e:fe: ac:94:b6:43:64:9d:88:be:c1:0a:cb:dc:b2:cb:25: d0:8b:e0:c8:e9:91:67:61:ff:6d:92:31:31:4d:37: 96:46:b1:dd:4f:70:43:32:2c:bb:fe:cd:73:f8:86: 93:64:07:e7:eb:5b:ce:a9:9a:e5:5a:36:5e:90:2b: 6a:38:05:7f:06:d8:44:42:fb:51:bb:88:e7:d8:6e: dd:6c:70:33:f9:33:f5:db:38:9e:00:d3:53:99:cf: f4:84:07:a3:dd:1d:e6:8d:22:11:3d:e1:4b:0e:78: e2:94:54:f3:aa:6a:b4:70:5f:e9:40:0d:ef:d9:29: e3:e1:5e:cf:72:03:21:43:16:93:d5:ef:0d:29:f6: 41:db:2e:79:2e:ad:c8:39:02:78:ba:07:af:45:8c: 53:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:E5:2E:9E:6B:71:89:6A:02:30:C8:4B:4B:C0:1E:62:E1:42:39:56 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142688.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a026::/32 Signature Algorithm: sha256WithRSAEncryption 9b:57:95:bd:fa:61:a1:1b:11:57:e5:18:f8:09:64:88:63:78: c1:51:36:4f:4e:7b:3b:9c:26:50:f9:36:a6:6f:50:51:34:b0: bf:74:0b:58:38:6f:70:c1:8f:2c:98:f6:0c:1e:3d:ce:2e:c1: a1:12:16:c4:9d:ee:32:b7:21:26:74:14:32:3c:60:b1:bd:72: 07:5d:e1:22:b5:cd:39:fb:54:18:dd:d6:cd:6e:9b:1f:82:13: 90:3a:b8:ac:c7:b7:01:5f:23:6e:45:cd:95:e9:59:fd:6b:b3: a5:3a:f6:77:99:07:c4:92:5f:b4:43:a1:54:11:76:f1:11:9a: 02:a0:52:83:57:fd:19:8f:4a:59:bb:e2:1e:2d:ac:07:b2:ea: 8b:d3:00:0f:9a:f9:ea:84:d7:94:c6:ae:76:3a:f8:1c:5f:0a: f9:bd:81:db:42:a5:2a:00:05:9a:f3:77:73:f9:e6:e2:8b:fd: 5b:e2:bd:5b:c2:90:d5:e7:d6:2a:4d:81:76:6e:e0:1d:5a:51: 7a:25:82:a5:7c:b8:c1:57:ab:f5:10:0f:a3:c9:80:d1:86:1e: 02:11:25:39:e0:53:fe:1c:38:3c:aa:be:d4:6b:e6:f8:42:31: 81:ec:64:02:5c:4e:16:73:de:8d:f8:ef:c4:3e:3b:d5:34:9f: 69:74:6c:85 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDp43XL0WW210qEJEx0X/AuHIaCUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDExNloX DTI3MDMwMzA2MDYxNlowMzExMC8GA1UEAxMoRDBFNTJFOUU2QjcxODk2QTAyMzBD ODRCNEJDMDFFNjJFMTQyMzk1NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKN4Pz9G+GwQ7sdp329YzjeMdfvXIefew8e9LhzwhJgjaeBRhNGPcraY2rb2 CW2hPMlsPQV18R4IyVNKdCxUxlbjndImcmi/22YhfhK/I637n2paK+Kg/6ISf+Hy JohKdRZhTylRME7+rJS2Q2SdiL7BCsvcsssl0IvgyOmRZ2H/bZIxMU03lkax3U9w QzIsu/7Nc/iGk2QH5+tbzqma5Vo2XpArajgFfwbYREL7UbuI59hu3WxwM/kz9ds4 ngDTU5nP9IQHo90d5o0iET3hSw544pRU86pqtHBf6UAN79kp4+Fez3IDIUMWk9Xv DSn2QdsueS6tyDkCeLoHr0WMUx0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTQ5S6e a3GJagIwyEtLwB5i4UI5VjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oCYwDQYJKoZIhvcNAQELBQADggEBAJtXlb36YaEbEVflGPgJZIhjeMFRNk9Oezuc JlD5NqZvUFE0sL90C1g4b3DBjyyY9gwePc4uwaESFsSd7jK3ISZ0FDI8YLG9cgdd 4SK1zTn7VBjd1s1umx+CE5A6uKzHtwFfI25FzZXpWf1rs6U69neZB8SSX7RDoVQR dvERmgKgUoNX/RmPSlm74h4trAey6ovTAA+a+eqE15TGrnY6+BxfCvm9gdtCpSoA BZrzd3P55uKL/VvivVvCkNXn1ipNgXZu4B1aUXolgqV8uMFXq/UQD6PJgNGGHgIR JTngU/4cODyqvtRr5vhCMYHsZAJcThZz3o3478Q+O9U0n2l0bIU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:28 2026 by rpki-client