$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142691.roa File: AS142691.roa (raw, json) Hash identifier: ujT1CiDCL8ChADGT4RP4KGS0zrvNEuojsppYEmFGeNc= Subject key identifier: 5A:CA:D3:CD:5E:D2:16:27:09:0A:F6:2B:B7:59:8B:55:FE:9C:9F:91 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7DF569241C3E6DED59B7BE14B936C9E53D03E21F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142691.roa Signing time: Wed 04 Mar 2026 06:05:33 +0000 ROA not before: Wed 04 Mar 2026 06:00:33 +0000 ROA not after: Wed 03 Mar 2027 06:05:33 +0000 asID: 142691 IP address blocks: 240a:a029::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:f5:69:24:1c:3e:6d:ed:59:b7:be:14:b9:36:c9:e5:3d:03:e2:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:33 2026 GMT Not After : Mar 3 06:05:33 2027 GMT Subject: CN=5ACAD3CD5ED21627090AF62BB7598B55FE9C9F91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:b1:14:ba:cf:a8:1d:17:98:0c:25:54:31:c4: ba:4e:4f:fa:10:4f:16:a8:b9:5f:ec:fa:35:f7:f8: 55:34:fa:66:8b:80:03:2c:7f:78:d3:ee:e5:e8:9f: e8:4d:95:12:08:c6:08:aa:3a:04:8c:c5:31:c8:d4: 12:bf:3b:bb:6c:e3:59:ef:fc:c3:79:77:da:97:25: e8:1a:6d:67:6c:6a:28:c2:74:c1:a8:84:80:71:68: c5:8a:82:a4:bc:7d:e6:30:23:84:96:75:d5:6e:da: 4e:2a:c2:6d:b8:ff:b1:ec:82:39:00:85:16:af:84: 10:68:b4:6a:58:6a:e8:84:c0:2e:d1:fc:eb:96:83: 74:ba:13:1e:28:b0:18:a4:bc:5f:2a:98:eb:82:0b: 93:ad:3f:51:93:07:dd:07:82:71:88:16:af:62:a9: 3c:fd:f2:3a:45:13:60:df:98:58:6c:67:62:c3:8f: b8:44:ee:78:84:8c:de:33:b2:6c:fe:aa:93:19:e3: 1c:32:c7:b9:ce:59:f4:8f:a8:9e:8c:4c:a5:1a:78: 81:0d:26:00:3d:7d:4a:8e:b5:5f:85:c8:39:a8:af: dc:d7:7e:86:93:f9:25:72:3b:c9:98:ed:7c:a6:b1: d2:a5:18:50:e5:5b:af:28:85:80:dc:66:3c:75:76: 18:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:CA:D3:CD:5E:D2:16:27:09:0A:F6:2B:B7:59:8B:55:FE:9C:9F:91 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142691.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a029::/32 Signature Algorithm: sha256WithRSAEncryption c9:4e:ea:fa:35:f3:63:ea:35:e7:8e:fd:a0:c2:4c:55:6b:39: e9:11:47:38:a9:22:65:d1:fa:bc:f3:a3:1d:4c:de:21:d1:2e: d0:be:7e:24:bd:8f:b7:1f:76:f2:3d:b5:98:e9:86:5d:c6:bd: d6:c1:33:9e:9e:c8:46:c6:26:02:83:fa:e3:64:02:a7:33:c2: f9:26:a2:c2:3b:1e:2f:f8:02:8e:0a:fa:62:c0:92:52:7a:cd: 8a:06:2a:45:f7:03:50:ab:a9:56:40:bb:3a:c0:70:01:e0:03: c4:0c:b6:8f:1f:10:6d:72:f2:bf:f9:85:5c:7a:25:67:63:fc: 2b:10:a0:43:c4:d4:8f:e7:b3:0b:14:ee:29:13:ed:61:ff:9e: 35:74:b3:5a:e9:65:7b:3f:c8:f6:e4:94:08:84:34:76:f7:08: 39:4b:4d:0c:c4:0a:f1:97:8e:70:d6:d9:f4:bd:88:7f:58:cc: 5e:ed:0b:ef:9f:51:ed:c3:fa:1e:62:9a:1a:b8:b8:68:f1:67: 5e:23:7c:22:b4:65:05:dc:08:71:7b:0c:b5:64:ae:a3:65:93: 36:5a:0a:0c:7d:aa:be:31:d5:66:99:da:63:e7:b9:89:15:bc: 61:0c:ff:2a:ec:e8:59:73:7c:c8:0c:9d:22:63:07:a1:06:76: ee:ab:0d:d0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUffVpJBw+be1Zt74UuTbJ5T0D4h8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAzM1oX DTI3MDMwMzA2MDUzM1owMzExMC8GA1UEAxMoNUFDQUQzQ0Q1RUQyMTYyNzA5MEFG NjJCQjc1OThCNTVGRTlDOUY5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJCxFLrPqB0XmAwlVDHEuk5P+hBPFqi5X+z6Nff4VTT6ZouAAyx/eNPu5eif 6E2VEgjGCKo6BIzFMcjUEr87u2zjWe/8w3l32pcl6BptZ2xqKMJ0waiEgHFoxYqC pLx95jAjhJZ11W7aTirCbbj/seyCOQCFFq+EEGi0alhq6ITALtH865aDdLoTHiiw GKS8XyqY64ILk60/UZMH3QeCcYgWr2KpPP3yOkUTYN+YWGxnYsOPuETueISM3jOy bP6qkxnjHDLHuc5Z9I+onoxMpRp4gQ0mAD19So61X4XIOaiv3Nd+hpP5JXI7yZjt fKax0qUYUOVbryiFgNxmPHV2GEMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRaytPN XtIWJwkK9iu3WYtV/pyfkTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oCkwDQYJKoZIhvcNAQELBQADggEBAMlO6vo182PqNeeO/aDCTFVrOekRRzipImXR +rzzox1M3iHRLtC+fiS9j7cfdvI9tZjphl3GvdbBM56eyEbGJgKD+uNkAqczwvkm osI7Hi/4Ao4K+mLAklJ6zYoGKkX3A1CrqVZAuzrAcAHgA8QMto8fEG1y8r/5hVx6 JWdj/CsQoEPE1I/nswsU7ikT7WH/njV0s1rpZXs/yPbklAiENHb3CDlLTQzECvGX jnDW2fS9iH9YzF7tC++fUe3D+h5imhq4uGjxZ14jfCK0ZQXcCHF7DLVkrqNlkzZa Cgx9qr4x1WaZ2mPnuYkVvGEM/yrs6FlzfMgMnSJjB6EGdu6rDdA= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:41 2026 by rpki-client