$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142718.roa File: AS142718.roa (raw, json) Hash identifier: zy3kPYf5C1X11Lpwhkb6knv7ihik9BosdcNbPr42gwg= Subject key identifier: B9:78:72:B2:84:D2:14:E6:42:5D:B8:F5:F1:1A:FB:33:AB:34:91:CC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 507A7A3759A025F93671599E9062ED8A93406BDA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142718.roa Signing time: Wed 04 Mar 2026 06:05:36 +0000 ROA not before: Wed 04 Mar 2026 06:00:36 +0000 ROA not after: Wed 03 Mar 2027 06:05:36 +0000 asID: 142718 IP address blocks: 240a:a044::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:7a:7a:37:59:a0:25:f9:36:71:59:9e:90:62:ed:8a:93:40:6b:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:36 2026 GMT Not After : Mar 3 06:05:36 2027 GMT Subject: CN=B97872B284D214E6425DB8F5F11AFB33AB3491CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d8:a3:e9:0b:21:4b:9e:33:03:25:8d:c3:23: 69:d7:8d:35:d1:b0:4b:2a:64:c8:90:76:24:90:1a: d9:df:ca:5e:f5:1a:43:1b:aa:65:1c:b0:f2:19:8b: 62:41:b7:76:b0:7f:2e:c5:bc:d2:63:35:84:8b:84: 14:e5:42:f4:d2:2c:c9:a3:f0:f8:c8:66:f5:41:6b: d1:d4:72:bc:5c:d1:09:1e:29:7a:65:30:6a:0b:ed: ad:e5:ec:17:80:a1:91:e0:c6:05:66:94:82:c3:e4: 7c:6c:be:0b:85:7e:0b:04:26:94:43:f3:f8:ac:81: 15:bc:4a:69:c6:01:00:5d:e2:65:d0:25:68:fd:89: 43:d3:7f:80:16:68:5e:48:51:ae:18:56:ef:eb:3d: f2:54:4c:54:2b:01:2d:fa:42:d2:0b:43:5b:ad:70: 01:0e:24:90:5c:72:dc:bf:a4:5c:d6:61:ba:c1:d1: 94:d8:e7:ee:5c:b5:35:71:3c:44:b8:85:a1:51:96: cf:42:50:db:73:a5:11:18:21:c1:a1:fb:37:13:f0: 7b:70:97:7f:8c:04:ba:1f:c2:6d:dc:42:c1:f7:4b: dc:b6:96:97:54:34:87:a7:9d:31:d0:fd:bd:71:b1: a8:04:5f:5c:ed:40:1d:68:58:36:31:14:f3:3f:8c: d0:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:78:72:B2:84:D2:14:E6:42:5D:B8:F5:F1:1A:FB:33:AB:34:91:CC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142718.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a044::/32 Signature Algorithm: sha256WithRSAEncryption 9b:8b:d5:83:21:58:76:a0:29:d0:6a:c5:6b:f3:aa:9e:22:0e: 64:b5:17:17:df:0c:25:5c:75:c1:13:75:70:c2:3d:48:9b:5d: c9:52:47:ac:b2:b0:eb:de:24:26:b8:ba:fa:d2:1e:f4:eb:62: 3c:e6:fe:87:1e:d6:1a:9e:12:73:99:6a:e7:6d:71:b4:a9:ce: e3:2f:58:6c:b4:db:01:4f:6a:3a:72:db:78:0d:20:a6:f1:31: 3c:48:34:7f:33:f0:55:6c:42:48:c0:9d:66:2d:83:19:94:c5: c4:22:bd:ce:b1:c2:d4:28:1e:79:7a:84:03:db:25:f9:49:55: 2d:bb:d6:2e:e7:48:95:54:36:f7:78:76:3e:37:03:44:d9:e7: 44:10:62:e2:10:d8:8b:28:ad:98:1b:08:a2:1a:a8:af:02:d0: c7:49:f8:2d:68:ed:af:58:55:84:5b:40:34:22:57:fa:c9:78: 0c:72:2c:8f:3e:24:7f:97:91:77:e8:88:e9:4d:e6:28:63:cc: e2:10:02:39:36:35:9a:55:76:27:8c:9b:15:4d:55:4f:52:f1: e1:80:8d:de:55:ef:81:60:b7:b4:52:b9:81:36:86:84:c0:7b: 0f:a7:dc:01:01:92:8e:36:98:2c:77:13:2d:21:1f:2a:b5:a4: 80:cb:07:49 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUHp6N1mgJfk2cVmekGLtipNAa9owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAzNloX DTI3MDMwMzA2MDUzNlowMzExMC8GA1UEAxMoQjk3ODcyQjI4NEQyMTRFNjQyNURC OEY1RjExQUZCMzNBQjM0OTFDQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMnYo+kLIUueMwMljcMjadeNNdGwSypkyJB2JJAa2d/KXvUaQxuqZRyw8hmL YkG3drB/LsW80mM1hIuEFOVC9NIsyaPw+Mhm9UFr0dRyvFzRCR4pemUwagvtreXs F4ChkeDGBWaUgsPkfGy+C4V+CwQmlEPz+KyBFbxKacYBAF3iZdAlaP2JQ9N/gBZo XkhRrhhW7+s98lRMVCsBLfpC0gtDW61wAQ4kkFxy3L+kXNZhusHRlNjn7ly1NXE8 RLiFoVGWz0JQ23OlERghwaH7NxPwe3CXf4wEuh/CbdxCwfdL3LaWl1Q0h6edMdD9 vXGxqARfXO1AHWhYNjEU8z+M0F0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS5eHKy hNIU5kJduPXxGvszqzSRzDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjcxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oEQwDQYJKoZIhvcNAQELBQADggEBAJuL1YMhWHagKdBqxWvzqp4iDmS1FxffDCVc dcETdXDCPUibXclSR6yysOveJCa4uvrSHvTrYjzm/oce1hqeEnOZaudtcbSpzuMv WGy02wFPajpy23gNIKbxMTxINH8z8FVsQkjAnWYtgxmUxcQivc6xwtQoHnl6hAPb JflJVS271i7nSJVUNvd4dj43A0TZ50QQYuIQ2IsorZgbCKIaqK8C0MdJ+C1o7a9Y VYRbQDQiV/rJeAxyLI8+JH+XkXfoiOlN5ihjzOIQAjk2NZpVdieMmxVNVU9S8eGA jd5V74Fgt7RSuYE2hoTAew+n3AEBko42mCx3Ey0hHyq1pIDLB0k= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:56 2026 by rpki-client