$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142704.roa File: AS142704.roa (raw, json) Hash identifier: F8MRIjZX9Zuxfk0ZnFJqWKskP3855LBcAJX7EnL0kt0= Subject key identifier: BE:48:82:15:37:C8:41:FC:A8:27:6C:86:57:3C:03:E5:2D:F0:75:08 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1E96C031D79EC0FC8746479785C54524DCA66E15 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142704.roa Signing time: Wed 04 Mar 2026 06:06:54 +0000 ROA not before: Wed 04 Mar 2026 06:01:54 +0000 ROA not after: Wed 03 Mar 2027 06:06:54 +0000 asID: 142704 IP address blocks: 240a:a036::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:96:c0:31:d7:9e:c0:fc:87:46:47:97:85:c5:45:24:dc:a6:6e:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:54 2026 GMT Not After : Mar 3 06:06:54 2027 GMT Subject: CN=BE48821537C841FCA8276C86573C03E52DF07508 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:04:33:c1:2a:ed:84:de:31:1b:a9:80:e0:87: 8c:a3:d6:b4:c3:d4:df:c7:81:72:eb:0d:67:b6:5b: 76:b9:34:f0:5b:b1:77:85:4b:b9:b2:e7:f6:1d:30: 15:65:26:95:74:07:09:54:cc:07:95:62:3d:e7:69: c2:fd:40:fb:3b:15:4c:74:21:c4:3c:7b:1b:13:8a: 7a:77:ab:48:e0:b8:49:af:9e:e7:17:5a:d2:01:3f: e0:a3:96:43:5f:db:26:ed:2d:b7:1a:f3:dd:e4:b9: 2f:31:4f:74:47:8b:4b:46:bb:b0:32:15:14:0c:76: 12:99:9f:a9:92:5c:a4:42:07:c7:25:e2:b9:f2:2e: 96:f6:d4:32:29:66:14:15:22:91:e1:e6:7c:a9:54: 9f:24:d2:72:5b:d2:9a:56:5c:18:65:58:b7:6a:62: 20:c2:a6:49:06:5b:0e:96:e0:83:62:0e:6f:e6:45: c0:d0:6f:af:c6:38:61:4b:56:4b:3d:00:55:89:5a: db:ba:91:9a:c3:15:8b:9d:9d:1a:69:5a:11:e6:b5: e3:71:b1:66:03:40:f8:80:49:de:18:3b:29:5e:4d: fb:3c:9a:d0:bf:19:a0:02:e4:ad:a7:c7:89:09:d8: 25:a1:c1:1e:e7:a5:19:76:dd:a3:7c:c1:a6:37:fa: 6c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:48:82:15:37:C8:41:FC:A8:27:6C:86:57:3C:03:E5:2D:F0:75:08 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142704.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a036::/32 Signature Algorithm: sha256WithRSAEncryption bb:ca:50:38:e4:c5:ba:0f:5b:73:2f:40:31:b5:e8:72:e5:fe: b2:60:8e:b9:5b:1c:26:cf:a5:6b:40:e4:c0:77:95:e1:d4:5d: 95:b7:5c:ea:1d:80:54:45:b0:a9:d4:91:5a:a1:8e:a5:31:30: 58:44:52:6a:c8:61:ce:2e:92:51:76:9e:d3:cd:5e:6b:56:72: 37:70:7e:81:a2:5d:10:40:b9:df:cc:90:2f:31:db:19:9e:63: e1:02:6a:2b:24:70:4a:4b:10:83:a5:ad:50:05:d8:1e:d0:36: 49:af:d8:90:4d:92:1e:d0:82:e3:87:42:fa:94:01:b8:b8:4c: 26:19:2c:6e:06:d4:13:04:92:da:55:c1:10:9e:eb:fc:95:e6: a9:db:ed:92:1c:ec:c5:49:d8:13:6d:4a:1f:ca:bf:d9:08:7d: 85:67:0e:50:ad:8d:b0:0e:0c:0a:cc:82:aa:63:fb:80:7c:ad: 63:4c:d9:e0:29:47:94:67:27:aa:10:ca:81:ac:97:ae:5f:24: 4f:fa:73:75:12:da:fa:1d:7d:a0:d9:73:1b:fd:63:a8:20:32: 36:47:52:eb:3b:ae:cb:2c:1e:58:d3:d7:39:05:e5:b6:c7:6c: 99:2b:b6:ce:2c:96:c6:b3:b4:b9:94:81:ea:3c:a0:e8:a3:16: ca:dd:c6:9b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHpbAMdeewPyHRkeXhcVFJNymbhUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1NFoX DTI3MDMwMzA2MDY1NFowMzExMC8GA1UEAxMoQkU0ODgyMTUzN0M4NDFGQ0E4Mjc2 Qzg2NTczQzAzRTUyREYwNzUwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALUEM8Eq7YTeMRupgOCHjKPWtMPU38eBcusNZ7Zbdrk08Fuxd4VLubLn9h0w FWUmlXQHCVTMB5ViPedpwv1A+zsVTHQhxDx7GxOKenerSOC4Sa+e5xda0gE/4KOW Q1/bJu0ttxrz3eS5LzFPdEeLS0a7sDIVFAx2EpmfqZJcpEIHxyXiufIulvbUMilm FBUikeHmfKlUnyTSclvSmlZcGGVYt2piIMKmSQZbDpbgg2IOb+ZFwNBvr8Y4YUtW Sz0AVYla27qRmsMVi52dGmlaEea143GxZgNA+IBJ3hg7KV5N+zya0L8ZoALkrafH iQnYJaHBHuelGXbdo3zBpjf6bMMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS+SIIV N8hB/KgnbIZXPAPlLfB1CDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjcwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oDYwDQYJKoZIhvcNAQELBQADggEBALvKUDjkxboPW3MvQDG16HLl/rJgjrlbHCbP pWtA5MB3leHUXZW3XOodgFRFsKnUkVqhjqUxMFhEUmrIYc4uklF2ntPNXmtWcjdw foGiXRBAud/MkC8x2xmeY+ECaiskcEpLEIOlrVAF2B7QNkmv2JBNkh7QguOHQvqU Abi4TCYZLG4G1BMEktpVwRCe6/yV5qnb7ZIc7MVJ2BNtSh/Kv9kIfYVnDlCtjbAO DArMgqpj+4B8rWNM2eApR5RnJ6oQyoGsl65fJE/6c3US2vodfaDZcxv9Y6ggMjZH Uus7rsssHljT1zkF5bbHbJkrts4slsaztLmUgeo8oOijFsrdxps= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:13 2026 by rpki-client