$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142722.roa File: AS142722.roa (raw, json) Hash identifier: WJVmPzujLAy01tAPsJkHGESQfJOmUHa+kttkFQo2OKQ= Subject key identifier: 2A:63:12:38:67:13:F6:F5:27:3B:EF:07:CE:C4:4E:59:64:92:F4:3F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4D263D4259A23F86DF878A35B8E1D6C0106EDE47 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142722.roa Signing time: Wed 04 Mar 2026 06:06:03 +0000 ROA not before: Wed 04 Mar 2026 06:01:03 +0000 ROA not after: Wed 03 Mar 2027 06:06:03 +0000 asID: 142722 IP address blocks: 240a:a048::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:26:3d:42:59:a2:3f:86:df:87:8a:35:b8:e1:d6:c0:10:6e:de:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:03 2026 GMT Not After : Mar 3 06:06:03 2027 GMT Subject: CN=2A6312386713F6F5273BEF07CEC44E596492F43F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:35:14:94:1e:27:46:64:6d:cf:da:36:e5:03: ba:f3:76:2f:7f:f6:49:50:6a:2e:4b:14:db:e1:83: 49:48:da:2c:8f:8c:f1:8d:37:76:52:82:69:17:9b: 9c:ed:53:fb:68:f5:cb:d2:5e:06:a6:e4:a4:bc:e9: f7:31:89:f9:1e:f1:27:57:04:e9:f4:8b:26:9a:9e: 6d:38:b6:57:5e:23:64:bf:43:0e:5b:65:98:91:f1: 72:3f:bf:8c:d8:c8:e5:75:71:e7:63:32:cd:16:21: 01:8a:1f:dc:3f:e7:95:25:15:69:20:1f:21:92:11: 3f:be:75:40:42:17:56:bd:c4:bb:b7:52:c6:9d:e6: 36:e7:04:3f:43:61:6a:05:19:ce:1e:e6:5f:6c:92: 01:bd:b0:c2:a3:a8:11:53:6c:3e:f9:d9:c2:93:49: 10:f7:31:d7:51:ec:8e:ea:06:f4:22:e3:bc:0e:5c: fd:d4:2d:55:b9:83:bc:d3:e7:5b:0e:14:c4:cd:7c: 08:ed:17:37:f5:38:c9:96:b0:41:a6:66:df:c7:1d: 18:07:98:50:c4:46:10:d9:2e:73:56:ac:8c:af:53: 85:07:23:0e:16:73:5c:30:9c:6f:9c:12:2e:ca:42: c4:ae:99:a6:19:ec:a4:9f:1b:69:4e:6b:5d:aa:f7: 89:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:63:12:38:67:13:F6:F5:27:3B:EF:07:CE:C4:4E:59:64:92:F4:3F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142722.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a048::/32 Signature Algorithm: sha256WithRSAEncryption be:90:5a:c9:63:26:2a:f9:90:84:c1:bb:89:bf:b5:53:8b:0b: 26:11:57:ba:62:a5:72:64:bb:c1:36:90:bc:04:2d:5c:b8:73: 34:5c:5e:26:02:ff:67:74:db:98:f4:1d:b0:38:9d:97:73:8b: 7c:2b:b8:b6:d7:bd:73:10:cf:ac:f5:c5:50:3c:fd:b3:f4:63: 8b:13:6b:b0:4a:16:33:4a:a9:76:13:40:53:bc:f3:a6:6d:21: e2:0e:a6:aa:61:8f:05:27:22:a1:e4:16:cc:66:12:00:0b:1c: 0e:30:47:84:41:41:1e:56:13:80:90:3f:32:32:de:c4:80:e9: 87:fd:40:5e:66:70:ea:eb:1b:ac:e8:72:db:89:31:07:d7:c3: e8:4d:7e:f5:31:36:05:cd:a6:a5:69:31:7f:36:e9:6a:8f:f5: 15:20:af:ab:0e:fc:87:d1:d7:96:25:1a:27:fa:02:e1:3f:26: fe:d4:6c:1a:a5:80:74:e0:46:fc:38:7a:e4:4e:0e:ec:46:8d: 34:7c:b0:fa:6e:da:b7:af:3f:7c:03:70:80:3e:b2:8f:a2:cb: 1d:c4:fd:d7:05:76:92:b3:a9:0a:e4:b0:ca:7c:9b:ea:69:3d: 60:6e:de:21:dd:e5:9c:fe:ba:d2:9b:b8:4d:c4:22:06:1c:91: 5c:1f:b4:b6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTSY9QlmiP4bfh4o1uOHWwBBu3kcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwM1oX DTI3MDMwMzA2MDYwM1owMzExMC8GA1UEAxMoMkE2MzEyMzg2NzEzRjZGNTI3M0JF RjA3Q0VDNDRFNTk2NDkyRjQzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAME1FJQeJ0Zkbc/aNuUDuvN2L3/2SVBqLksU2+GDSUjaLI+M8Y03dlKCaReb nO1T+2j1y9JeBqbkpLzp9zGJ+R7xJ1cE6fSLJpqebTi2V14jZL9DDltlmJHxcj+/ jNjI5XVx52MyzRYhAYof3D/nlSUVaSAfIZIRP751QEIXVr3Eu7dSxp3mNucEP0Nh agUZzh7mX2ySAb2wwqOoEVNsPvnZwpNJEPcx11HsjuoG9CLjvA5c/dQtVbmDvNPn Ww4UxM18CO0XN/U4yZawQaZm38cdGAeYUMRGENkuc1asjK9ThQcjDhZzXDCcb5wS LspCxK6ZphnspJ8baU5rXar3iU0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQqYxI4 ZxP29Sc77wfOxE5ZZJL0PzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjcyMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oEgwDQYJKoZIhvcNAQELBQADggEBAL6QWsljJir5kITBu4m/tVOLCyYRV7pipXJk u8E2kLwELVy4czRcXiYC/2d025j0HbA4nZdzi3wruLbXvXMQz6z1xVA8/bP0Y4sT a7BKFjNKqXYTQFO886ZtIeIOpqphjwUnIqHkFsxmEgALHA4wR4RBQR5WE4CQPzIy 3sSA6Yf9QF5mcOrrG6zoctuJMQfXw+hNfvUxNgXNpqVpMX826WqP9RUgr6sO/IfR 15YlGif6AuE/Jv7UbBqlgHTgRvw4euRODuxGjTR8sPpu2revP3wDcIA+so+iyx3E /dcFdpKzqQrksMp8m+ppPWBu3iHd5Zz+utKbuE3EIgYckVwftLY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:51 2026 by rpki-client