$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142703.roa File: AS142703.roa (raw, json) Hash identifier: DXDzSfck+af/u8RE8WHrv9TqayNmCgFIyzD2kFRPwCY= Subject key identifier: C8:78:31:F0:6D:ED:A1:62:E0:B3:07:0C:E2:50:52:18:F9:72:D4:20 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 15CA03B6D4CEC1E12AF4DA9E67DA53AF3E565646 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142703.roa Signing time: Wed 04 Mar 2026 06:07:52 +0000 ROA not before: Wed 04 Mar 2026 06:02:52 +0000 ROA not after: Wed 03 Mar 2027 06:07:52 +0000 asID: 142703 IP address blocks: 240a:a035::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:ca:03:b6:d4:ce:c1:e1:2a:f4:da:9e:67:da:53:af:3e:56:56:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:52 2026 GMT Not After : Mar 3 06:07:52 2027 GMT Subject: CN=C87831F06DEDA162E0B3070CE2505218F972D420 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:84:42:b5:ae:8a:1b:5f:e9:07:a4:2e:97:d5: 6f:8f:43:0a:f2:f6:11:ee:22:82:3e:51:18:b7:fe: d8:b5:dc:18:d1:0b:40:a2:ee:4d:8f:33:4d:b2:d4: 9c:6b:0a:3e:6a:f9:55:a8:44:98:a8:0e:d7:2e:8e: c2:e8:d5:51:2b:ab:a4:b0:c5:4a:17:a5:0e:22:c9: 71:25:c6:00:80:dd:f5:8f:40:52:27:2e:bc:13:9b: 21:b2:d2:35:b9:7f:b3:8f:e2:a9:69:89:2a:9b:6c: 4c:5b:cd:ca:de:3b:65:29:d5:c9:d3:0f:90:75:ae: 6d:78:bb:15:54:81:7c:a1:88:60:41:e3:68:b7:c1: f9:4b:b6:78:4a:db:48:08:27:9b:ca:ae:ee:a5:55: b0:cf:c5:7e:a6:fa:e0:f9:c7:12:74:9a:3b:71:0b: 6b:e9:cb:61:ad:0e:52:02:37:6b:cd:04:93:34:74: 84:b9:97:60:f9:b6:59:d3:7d:10:8f:a1:bb:13:e7: ca:63:40:aa:49:ba:eb:66:e9:e5:27:92:24:c9:c9: 3c:86:45:46:f2:0b:6e:73:86:1a:9c:41:2b:ca:07: 5e:11:a5:27:21:8d:c2:a5:20:15:d1:6b:d2:00:e7: d8:12:9b:2e:96:30:e5:84:74:e1:6a:6f:c5:56:cf: 34:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:78:31:F0:6D:ED:A1:62:E0:B3:07:0C:E2:50:52:18:F9:72:D4:20 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142703.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a035::/32 Signature Algorithm: sha256WithRSAEncryption 43:14:e3:d8:f4:c2:82:f9:b3:95:b3:b2:d6:9e:e2:0e:53:2a: 6c:a9:e7:7b:b4:6b:28:e6:60:1c:04:0f:4f:7a:c5:d4:c3:e8: 7b:a9:bd:98:50:17:16:f9:2b:5d:92:de:b8:52:b4:a0:e2:4d: 7e:e0:55:a6:ae:dd:fc:c2:80:29:87:8b:01:f7:a5:43:39:6e: ea:89:d9:ba:cb:14:fc:62:4d:84:b2:cf:a4:32:2b:4d:20:16: cb:94:1d:e8:59:28:ff:23:5d:83:1b:43:ca:98:57:6b:f1:2e: a0:77:b8:9e:62:4b:4f:ba:11:29:30:4f:32:07:5d:d4:65:bf: cc:fa:52:a5:ac:e7:f5:97:0c:62:68:52:3b:66:e2:ee:b1:bc: 2c:c2:46:a1:53:75:41:01:65:46:e3:af:e5:f8:20:29:32:ed: 50:63:64:cd:ad:1e:29:4c:55:cd:c7:a3:d3:a2:1f:b0:85:fd: c3:47:35:0e:98:3d:63:02:61:ad:42:91:c6:23:23:87:4b:ee: 22:b4:7d:f3:ec:94:37:a2:02:51:95:b6:72:6e:00:ed:ab:0b: 23:5b:b9:c5:00:50:0a:eb:ac:70:c7:60:11:0c:74:34:79:17: a4:30:ee:6f:b3:ae:15:e8:dd:71:c6:b8:a5:d1:c3:45:d9:c5: e8:08:6f:5e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFcoDttTOweEq9NqeZ9pTrz5WVkYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1MloX DTI3MDMwMzA2MDc1MlowMzExMC8GA1UEAxMoQzg3ODMxRjA2REVEQTE2MkUwQjMw NzBDRTI1MDUyMThGOTcyRDQyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMWEQrWuihtf6QekLpfVb49DCvL2Ee4igj5RGLf+2LXcGNELQKLuTY8zTbLU nGsKPmr5VahEmKgO1y6OwujVUSurpLDFShelDiLJcSXGAIDd9Y9AUicuvBObIbLS Nbl/s4/iqWmJKptsTFvNyt47ZSnVydMPkHWubXi7FVSBfKGIYEHjaLfB+Uu2eErb SAgnm8qu7qVVsM/Ffqb64PnHEnSaO3ELa+nLYa0OUgI3a80EkzR0hLmXYPm2WdN9 EI+huxPnymNAqkm662bp5SeSJMnJPIZFRvILbnOGGpxBK8oHXhGlJyGNwqUgFdFr 0gDn2BKbLpYw5YR04WpvxVbPNAECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTIeDHw be2hYuCzBwziUFIY+XLUIDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjcwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oDUwDQYJKoZIhvcNAQELBQADggEBAEMU49j0woL5s5Wzstae4g5TKmyp53u0ayjm YBwED096xdTD6HupvZhQFxb5K12S3rhStKDiTX7gVaau3fzCgCmHiwH3pUM5buqJ 2brLFPxiTYSyz6QyK00gFsuUHehZKP8jXYMbQ8qYV2vxLqB3uJ5iS0+6ESkwTzIH XdRlv8z6UqWs5/WXDGJoUjtm4u6xvCzCRqFTdUEBZUbjr+X4ICky7VBjZM2tHilM Vc3Ho9OiH7CF/cNHNQ6YPWMCYa1CkcYjI4dL7iK0ffPslDeiAlGVtnJuAO2rCyNb ucUAUArrrHDHYBEMdDR5F6Qw7m+zrhXo3XHGuKXRw0XZxegIb14= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:05 2026 by rpki-client