$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142698.roa File: AS142698.roa (raw, json) Hash identifier: TgdQq2wkMSNy/aaUmJQfAjqB7V4n9bpox/HiYgaZPPQ= Subject key identifier: 95:6C:37:12:6A:51:08:41:E7:B3:07:B6:77:86:AB:93:B3:09:89:4A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7D0FADD2084DBB382D7A90194BD36D275E67DC4C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142698.roa Signing time: Wed 04 Mar 2026 06:06:23 +0000 ROA not before: Wed 04 Mar 2026 06:01:23 +0000 ROA not after: Wed 03 Mar 2027 06:06:23 +0000 asID: 142698 IP address blocks: 240a:a030::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:0f:ad:d2:08:4d:bb:38:2d:7a:90:19:4b:d3:6d:27:5e:67:dc:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:23 2026 GMT Not After : Mar 3 06:06:23 2027 GMT Subject: CN=956C37126A510841E7B307B67786AB93B309894A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2d:24:76:2b:7a:5b:6c:7a:8a:31:f3:c0:a1: bf:4d:fc:bd:c2:f8:39:95:26:77:f1:39:e4:dc:6a: 33:81:ae:d1:70:25:8e:35:c0:fa:f3:7d:d9:e6:5d: f1:3a:3a:24:56:c9:e5:1a:87:03:21:0a:36:73:d5: 0a:b5:8c:d1:c7:35:58:e4:f2:ca:80:ed:9a:62:6d: f7:f4:c9:0a:d2:cc:25:2e:41:b5:19:e4:37:1c:21: 1b:5e:83:41:c5:96:64:a3:40:9e:bb:02:e7:61:62: c6:99:c8:7a:f6:53:8e:72:71:53:fa:80:b5:96:f8: c8:d4:a1:9d:b0:da:64:a6:32:4b:a1:13:c3:7c:5c: 2d:5b:53:44:71:e4:89:3a:d4:8f:89:a9:79:a1:78: d8:db:6a:1b:de:55:c7:a9:91:99:0b:c3:b0:4f:ff: f1:93:a6:97:e4:ab:ce:8d:17:5b:4d:2b:77:cf:c2: 32:a9:13:d1:e6:d5:47:55:46:32:29:a6:24:56:a5: 08:a2:b3:84:f5:e8:8e:20:2a:51:12:a4:62:fa:b4: ff:00:f6:e7:db:12:16:41:eb:a4:8a:54:ce:0f:70: 63:04:c5:61:e6:cf:7c:8a:f9:c4:35:75:d0:18:3d: ac:1a:c7:9f:b7:cc:84:ab:01:2d:23:94:c1:fe:7f: 2e:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:6C:37:12:6A:51:08:41:E7:B3:07:B6:77:86:AB:93:B3:09:89:4A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142698.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a030::/32 Signature Algorithm: sha256WithRSAEncryption 2d:20:dc:05:48:48:34:83:e1:f0:e7:a7:ac:a6:a0:47:62:a8: 7f:0d:5d:19:dc:4a:57:f3:62:d7:c8:37:69:ad:4d:96:07:d9: 2d:5c:67:4d:a4:24:05:2b:e7:7a:b1:2d:dc:7b:17:9c:fb:f6: 8e:78:55:fa:52:93:cc:4b:68:0f:ae:7e:ab:e0:a0:bf:eb:25: d0:d7:37:33:dc:f3:61:7f:7d:0d:c4:99:2e:de:10:e7:df:35: 0a:44:cb:fa:d1:04:32:88:b9:f8:5b:fb:3b:61:c3:a1:23:b1: 67:f4:f0:6e:fc:e9:10:14:b4:31:5e:73:d3:6d:0d:2a:35:e2: d2:e1:f5:38:dc:8a:0b:88:36:34:b7:84:0b:fc:4d:60:1e:58: 9f:44:6b:29:cb:c4:eb:c8:96:05:b5:dd:c9:c1:7d:9d:43:d5: 5f:37:f3:08:1d:81:8f:9a:7d:bd:c0:18:9f:03:da:6f:61:b4: ce:4e:47:8b:3c:05:ee:65:31:24:56:df:0a:13:ea:3d:58:34: 26:14:32:67:d2:1b:7f:60:60:c5:95:e8:eb:69:56:5a:92:e5: 62:d1:31:f5:e9:1d:75:fd:51:fe:1b:54:7b:87:30:be:41:6d: a5:46:53:dc:55:4d:2c:72:61:af:00:2d:b5:e4:6d:b8:2c:69: 6e:fd:80:8b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfQ+t0ghNuzgtepAZS9NtJ15n3EwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEyM1oX DTI3MDMwMzA2MDYyM1owMzExMC8GA1UEAxMoOTU2QzM3MTI2QTUxMDg0MUU3QjMw N0I2Nzc4NkFCOTNCMzA5ODk0QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALEtJHYreltseoox88Chv038vcL4OZUmd/E55NxqM4Gu0XAljjXA+vN92eZd 8To6JFbJ5RqHAyEKNnPVCrWM0cc1WOTyyoDtmmJt9/TJCtLMJS5BtRnkNxwhG16D QcWWZKNAnrsC52FixpnIevZTjnJxU/qAtZb4yNShnbDaZKYyS6ETw3xcLVtTRHHk iTrUj4mpeaF42NtqG95Vx6mRmQvDsE//8ZOml+Srzo0XW00rd8/CMqkT0ebVR1VG MimmJFalCKKzhPXojiAqURKkYvq0/wD259sSFkHrpIpUzg9wYwTFYebPfIr5xDV1 0Bg9rBrHn7fMhKsBLSOUwf5/LusCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSVbDcS alEIQeezB7Z3hquTswmJSjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjY5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oDAwDQYJKoZIhvcNAQELBQADggEBAC0g3AVISDSD4fDnp6ymoEdiqH8NXRncSlfz YtfIN2mtTZYH2S1cZ02kJAUr53qxLdx7F5z79o54VfpSk8xLaA+ufqvgoL/rJdDX NzPc82F/fQ3EmS7eEOffNQpEy/rRBDKIufhb+zthw6EjsWf08G786RAUtDFec9Nt DSo14tLh9TjciguINjS3hAv8TWAeWJ9EaynLxOvIlgW13cnBfZ1D1V838wgdgY+a fb3AGJ8D2m9htM5OR4s8Be5lMSRW3woT6j1YNCYUMmfSG39gYMWV6OtpVlqS5WLR MfXpHXX9Uf4bVHuHML5BbaVGU9xVTSxyYa8ALbXkbbgsaW79gIs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:17 2026 by rpki-client