$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142696.roa File: AS142696.roa (raw, json) Hash identifier: BTStOXOf5oA5VqLR49hD2UE5Kjhl7HEE6TQHfmU13bo= Subject key identifier: 7C:F1:AD:4A:88:BE:7B:BC:3C:84:5F:DA:AA:5E:10:5A:CF:38:CA:C4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 28042574EC5031F20DBCEF1CDE44F0F35A244E0D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142696.roa Signing time: Wed 04 Mar 2026 06:07:19 +0000 ROA not before: Wed 04 Mar 2026 06:02:19 +0000 ROA not after: Wed 03 Mar 2027 06:07:19 +0000 asID: 142696 IP address blocks: 240a:a02e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:04:25:74:ec:50:31:f2:0d:bc:ef:1c:de:44:f0:f3:5a:24:4e:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:19 2026 GMT Not After : Mar 3 06:07:19 2027 GMT Subject: CN=7CF1AD4A88BE7BBC3C845FDAAA5E105ACF38CAC4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:aa:f6:a5:92:37:0c:dd:ab:aa:73:02:1a:5d: 9c:09:35:06:74:58:40:22:6b:25:04:bf:c4:17:7a: 28:0f:0f:03:8b:82:4f:a0:55:78:45:29:55:0f:80: 54:cb:41:79:08:b3:1c:5a:aa:cb:80:b5:34:b1:97: b3:0a:c1:bd:4a:1b:4c:ab:b4:12:87:ed:26:00:f6: 04:be:9b:dd:8a:f8:f8:c4:37:77:a1:fe:6a:ea:17: b0:32:7e:11:35:8f:e9:70:41:e6:f5:a3:18:b4:4d: c3:b3:9a:83:95:a3:58:cc:e4:4e:12:a6:30:a7:5a: f7:aa:06:7a:90:3d:37:d1:43:3d:c7:5d:19:32:cd: d8:5d:33:77:f4:c4:34:2f:d9:92:54:8a:cc:67:9d: 3b:d9:db:a1:be:3c:b8:e7:e2:d1:7a:ec:11:4e:56: c9:46:b6:51:52:95:05:79:8b:5a:fa:8a:34:79:dc: 41:8e:a4:76:14:95:36:8b:0b:85:68:6a:a9:d1:72: 48:98:2a:1d:03:fe:1c:87:9e:eb:3b:37:ee:9c:dc: 7a:e4:f5:aa:74:74:26:24:a4:b9:14:eb:39:ed:7b: b9:b2:e7:d5:cf:c9:94:44:b4:a9:20:ff:d2:1a:46: 58:a2:d6:9e:69:cf:97:ab:aa:f5:47:ff:4e:95:35: 54:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:F1:AD:4A:88:BE:7B:BC:3C:84:5F:DA:AA:5E:10:5A:CF:38:CA:C4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142696.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a02e::/32 Signature Algorithm: sha256WithRSAEncryption 80:53:ab:25:ba:9f:fa:a7:a7:37:40:4c:33:94:70:2b:93:fd: 42:b0:8f:c9:a6:ba:44:d3:7a:d0:b9:61:32:61:e1:2d:86:b0: 3e:84:00:58:b7:98:b7:87:e5:c9:0e:a0:d9:35:b8:2e:e7:b7: a5:2d:b7:46:ed:ab:bf:7f:57:bf:7f:be:b3:1a:70:cc:5d:71: 92:04:aa:3a:ca:84:17:86:64:36:70:f6:4b:6f:cd:5a:0f:8f: 2b:ea:8f:da:19:0e:d9:98:41:ac:1e:11:88:9d:27:cd:22:eb: 81:18:1b:c5:94:23:c9:2d:87:df:13:76:27:39:78:ac:28:27: 44:31:31:bc:57:44:69:d9:b8:87:f1:9f:06:0d:a0:02:a5:88: f6:cd:e4:d3:92:80:2e:bf:c7:4c:41:47:25:b4:59:d1:b2:48: 08:69:af:a2:13:53:7b:3d:0c:88:89:eb:ed:2e:a0:3d:4b:f3: 0b:be:26:14:f4:8a:05:58:a6:fd:5f:e4:b8:03:0c:81:0e:b3: fb:e5:90:72:43:0a:70:20:c3:be:06:f4:00:e3:6e:1d:f1:ed: 4b:ea:98:b2:f4:a4:6e:30:6d:ad:d5:01:e3:30:b6:fb:59:85: 9b:28:5d:0c:e0:56:76:e4:ba:4c:2b:89:d9:5a:02:38:35:05: 79:46:f4:64 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKAQldOxQMfINvO8c3kTw81okTg0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxOVoX DTI3MDMwMzA2MDcxOVowMzExMC8GA1UEAxMoN0NGMUFENEE4OEJFN0JCQzNDODQ1 RkRBQUE1RTEwNUFDRjM4Q0FDNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmq9qWSNwzdq6pzAhpdnAk1BnRYQCJrJQS/xBd6KA8PA4uCT6BVeEUpVQ+A VMtBeQizHFqqy4C1NLGXswrBvUobTKu0EoftJgD2BL6b3Yr4+MQ3d6H+auoXsDJ+ ETWP6XBB5vWjGLRNw7Oag5WjWMzkThKmMKda96oGepA9N9FDPcddGTLN2F0zd/TE NC/ZklSKzGedO9nbob48uOfi0XrsEU5WyUa2UVKVBXmLWvqKNHncQY6kdhSVNosL hWhqqdFySJgqHQP+HIee6zs37pzceuT1qnR0JiSkuRTrOe17ubLn1c/JlES0qSD/ 0hpGWKLWnmnPl6uq9Uf/TpU1VH8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR88a1K iL57vDyEX9qqXhBazzjKxDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY5Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oC4wDQYJKoZIhvcNAQELBQADggEBAIBTqyW6n/qnpzdATDOUcCuT/UKwj8mmukTT etC5YTJh4S2GsD6EAFi3mLeH5ckOoNk1uC7nt6Utt0btq79/V79/vrMacMxdcZIE qjrKhBeGZDZw9ktvzVoPjyvqj9oZDtmYQaweEYidJ80i64EYG8WUI8kth98Tdic5 eKwoJ0QxMbxXRGnZuIfxnwYNoAKliPbN5NOSgC6/x0xBRyW0WdGySAhpr6ITU3s9 DIiJ6+0uoD1L8wu+JhT0igVYpv1f5LgDDIEOs/vlkHJDCnAgw74G9ADjbh3x7Uvq mLL0pG4wba3VAeMwtvtZhZsoXQzgVnbkukwridlaAjg1BXlG9GQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:04 2026 by rpki-client