$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142717.roa File: AS142717.roa (raw, json) Hash identifier: SwBw5yaKDc+JLVJvp6v/KFlLYcg8v3crW71PI7Ja6Qg= Subject key identifier: 86:BA:8C:39:00:F8:BB:A2:C9:2E:F6:18:3C:8F:89:3E:5C:3C:71:77 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1F22DF61D81AC6E2AEA90D501A46F94D400BDA32 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142717.roa Signing time: Wed 04 Mar 2026 06:06:28 +0000 ROA not before: Wed 04 Mar 2026 06:01:28 +0000 ROA not after: Wed 03 Mar 2027 06:06:28 +0000 asID: 142717 IP address blocks: 240a:a043::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:22:df:61:d8:1a:c6:e2:ae:a9:0d:50:1a:46:f9:4d:40:0b:da:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:28 2026 GMT Not After : Mar 3 06:06:28 2027 GMT Subject: CN=86BA8C3900F8BBA2C92EF6183C8F893E5C3C7177 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:de:0b:64:fa:ff:79:c8:34:1c:00:c8:50:5d: 08:6f:c0:25:60:1f:1e:94:63:86:6e:a5:16:36:fb: 5d:ea:24:73:d9:6c:05:f9:c6:71:7b:fa:72:c2:10: b2:e8:10:48:21:c0:63:5f:3f:6e:0f:33:d8:bd:3c: c2:d2:e2:c3:96:ad:45:29:3b:1b:a9:74:b6:1d:22: 29:fc:ac:d2:fe:fd:ec:fe:16:3a:f6:77:a9:e4:3e: da:3b:e2:43:a9:00:c3:6a:70:28:45:fb:17:f4:f9: c6:39:d1:37:f3:d1:1c:b6:87:e9:6a:55:9a:b3:58: ea:be:e5:fe:0c:c6:cc:dd:74:ed:ff:01:82:2f:41: 5f:f9:59:68:b7:16:3d:15:ad:a2:a6:f1:24:99:3f: ac:59:41:63:8e:b1:51:ac:ef:a2:2d:c4:5c:32:cb: b8:e6:f0:71:f2:02:f4:68:76:20:31:eb:3d:aa:ec: b8:38:36:3c:77:8a:d8:2a:47:6b:d2:40:4a:c3:3b: 1c:eb:c6:13:e8:e4:b5:31:19:db:f4:a9:bd:67:76: 09:b9:e7:94:33:b2:99:1a:73:a7:40:c7:5a:74:18: 91:06:bd:6f:9e:67:e9:f3:f6:b7:82:49:f2:90:5e: fc:df:ac:94:54:cf:4a:aa:02:94:46:8f:08:9c:2b: cb:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:BA:8C:39:00:F8:BB:A2:C9:2E:F6:18:3C:8F:89:3E:5C:3C:71:77 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142717.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a043::/32 Signature Algorithm: sha256WithRSAEncryption d8:be:c1:b4:c5:10:a2:69:21:73:ea:af:96:9d:0d:84:56:04: ed:a3:9b:05:e4:65:8b:1a:07:9d:66:e0:76:96:06:aa:47:63: 90:4c:8d:85:40:2c:6f:27:87:39:da:5f:0d:26:bf:2e:5e:5e: 03:33:10:c2:76:10:29:4d:98:35:fe:e9:37:34:1c:11:a6:47: a4:bf:90:44:66:a5:4e:6d:68:1b:0e:41:1e:e4:9f:18:66:25: 47:ea:cb:e6:80:28:e4:1e:cb:dd:6b:90:34:98:8e:5b:14:54: aa:cd:65:8c:32:a5:35:c6:54:60:3d:f4:05:05:73:14:2f:af: f2:63:1e:ca:76:5e:f5:75:4e:48:d7:b5:d6:e9:17:6d:61:75: ed:f7:92:d5:a8:7b:94:a2:d0:59:08:98:97:cc:02:27:6c:9e: 0d:35:fb:8d:aa:ad:93:4a:c4:38:8d:98:e5:1f:d6:80:f5:b7: e6:7f:c0:41:bc:ef:5b:cf:9e:07:05:7a:ee:8f:26:2e:3b:00: 69:dc:be:61:92:77:ed:15:bf:8a:10:dd:fa:b2:cc:93:1d:06: 10:53:90:d5:2a:b1:d8:75:9f:56:39:27:81:ab:ed:80:44:ee: ca:4d:c5:37:74:1a:ce:07:d1:63:85:a7:52:6f:29:02:3b:54: 1d:02:73:1f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHyLfYdgaxuKuqQ1QGkb5TUAL2jIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEyOFoX DTI3MDMwMzA2MDYyOFowMzExMC8GA1UEAxMoODZCQThDMzkwMEY4QkJBMkM5MkVG NjE4M0M4Rjg5M0U1QzNDNzE3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOXeC2T6/3nINBwAyFBdCG/AJWAfHpRjhm6lFjb7Xeokc9lsBfnGcXv6csIQ sugQSCHAY18/bg8z2L08wtLiw5atRSk7G6l0th0iKfys0v797P4WOvZ3qeQ+2jvi Q6kAw2pwKEX7F/T5xjnRN/PRHLaH6WpVmrNY6r7l/gzGzN107f8Bgi9BX/lZaLcW PRWtoqbxJJk/rFlBY46xUazvoi3EXDLLuObwcfIC9Gh2IDHrParsuDg2PHeK2CpH a9JASsM7HOvGE+jktTEZ2/SpvWd2CbnnlDOymRpzp0DHWnQYkQa9b55n6fP2t4JJ 8pBe/N+slFTPSqoClEaPCJwry7ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSGuow5 APi7osku9hg8j4k+XDxxdzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjcxNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oEMwDQYJKoZIhvcNAQELBQADggEBANi+wbTFEKJpIXPqr5adDYRWBO2jmwXkZYsa B51m4HaWBqpHY5BMjYVALG8nhznaXw0mvy5eXgMzEMJ2EClNmDX+6Tc0HBGmR6S/ kERmpU5taBsOQR7knxhmJUfqy+aAKOQey91rkDSYjlsUVKrNZYwypTXGVGA99AUF cxQvr/JjHsp2XvV1TkjXtdbpF21hde33ktWoe5Si0FkImJfMAidsng01+42qrZNK xDiNmOUf1oD1t+Z/wEG871vPngcFeu6PJi47AGncvmGSd+0Vv4oQ3fqyzJMdBhBT kNUqsdh1n1Y5J4Gr7YBE7spNxTd0Gs4H0WOFp1JvKQI7VB0Ccx8= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:30 2026 by rpki-client