$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142728.roa File: AS142728.roa (raw, json) Hash identifier: MsbzCV9Y9zPCkFZ/IQnfE/dM4++GS1EXjrymP8fBFpY= Subject key identifier: 38:CE:52:A7:55:83:A3:38:4E:A6:28:76:92:3C:53:F1:98:BB:E1:43 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4AE2BA9C3096B5C63903F88E6BC5A4A1801C9C05 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142728.roa Signing time: Wed 04 Mar 2026 06:07:46 +0000 ROA not before: Wed 04 Mar 2026 06:02:46 +0000 ROA not after: Wed 03 Mar 2027 06:07:46 +0000 asID: 142728 IP address blocks: 240a:a04e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:e2:ba:9c:30:96:b5:c6:39:03:f8:8e:6b:c5:a4:a1:80:1c:9c:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:46 2026 GMT Not After : Mar 3 06:07:46 2027 GMT Subject: CN=38CE52A75583A3384EA62876923C53F198BBE143 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:a9:70:cd:37:98:c8:e6:44:01:34:14:cf:06: 89:6a:a8:45:57:ed:37:4a:a5:0f:8d:0c:d0:9f:ec: ae:db:00:f1:8e:3b:6f:39:bd:56:28:94:7f:3c:07: 1f:69:70:cb:61:24:26:29:7c:aa:a5:e0:d5:35:e1: 8b:0c:12:83:8c:51:b6:5b:f0:56:09:63:9d:62:3e: 86:8d:f6:a6:c1:b7:82:79:ab:f9:ed:85:c7:6d:4a: 4f:6b:31:2f:bf:f3:5b:4b:08:33:e3:3d:ba:d6:8b: 1e:e0:c1:28:4d:b3:12:86:11:3f:8d:3b:97:35:8a: 6c:b4:33:32:8a:10:e9:94:f9:c0:f5:36:4f:3b:67: 87:40:0f:a8:50:f3:ac:0f:86:dd:3e:19:3c:d5:b7: 11:6e:23:1e:9a:83:84:66:cd:31:57:eb:bd:8c:75: 5c:13:9a:53:93:a9:f7:63:96:31:c9:d0:03:b6:25: 79:35:2f:56:bb:81:86:c1:f8:e5:2b:a0:0b:a3:d7: f3:1c:95:1f:2c:20:4b:fa:8b:22:f1:e9:5a:91:77: 8a:55:ac:44:e3:dd:d9:c6:ee:57:90:25:86:44:8f: 75:75:6d:02:9f:38:81:4f:87:ad:82:e3:52:11:c6: 61:07:0f:95:12:2b:76:26:64:6b:31:c1:f0:be:63: d9:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:CE:52:A7:55:83:A3:38:4E:A6:28:76:92:3C:53:F1:98:BB:E1:43 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142728.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a04e::/32 Signature Algorithm: sha256WithRSAEncryption 48:5d:ac:c2:15:dd:2b:8b:8a:6b:80:97:cf:70:b0:0f:14:91: 69:44:5f:af:70:14:e7:c3:a9:a1:41:77:94:63:0a:6e:0f:40: 1a:5a:de:95:65:9c:86:db:42:f1:7e:94:b1:57:29:1b:99:f2: 80:74:41:76:d6:1a:79:25:7a:dc:cb:1c:20:05:8a:88:54:a7: 31:e1:0f:47:9a:c5:19:c1:22:40:df:70:2d:cf:b0:4f:4c:c9: c2:2c:9d:17:e5:69:20:bf:04:98:9d:90:b2:bc:23:17:43:4f: a7:b8:ab:96:d8:e8:42:65:77:87:2f:54:6d:fc:5b:f5:cf:c9: 51:d4:32:65:90:81:9d:cc:d0:3c:26:3b:04:86:bf:3b:8b:44: 9e:46:9b:99:32:39:78:3b:cf:30:45:bf:63:ef:e2:ea:e5:cb: 3e:08:51:9b:9b:5c:f1:7b:f3:c9:a1:f5:69:25:31:4b:cc:56: ca:dd:cd:55:28:a1:9e:02:cd:7c:91:bc:29:58:09:18:05:9b: 6a:d5:bf:6d:d3:35:fc:b9:11:bf:54:ec:ed:ac:69:e2:2c:40: d7:7f:7e:7a:f1:5f:e1:90:69:7e:63:4c:fb:32:47:6d:5c:cb: 38:64:54:8e:38:4b:d8:52:f8:04:cb:80:a5:c3:be:1a:78:6c: 88:31:1a:74 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSuK6nDCWtcY5A/iOa8WkoYAcnAUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0NloX DTI3MDMwMzA2MDc0NlowMzExMC8GA1UEAxMoMzhDRTUyQTc1NTgzQTMzODRFQTYy ODc2OTIzQzUzRjE5OEJCRTE0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANWpcM03mMjmRAE0FM8GiWqoRVftN0qlD40M0J/srtsA8Y47bzm9ViiUfzwH H2lwy2EkJil8qqXg1TXhiwwSg4xRtlvwVgljnWI+ho32psG3gnmr+e2Fx21KT2sx L7/zW0sIM+M9utaLHuDBKE2zEoYRP407lzWKbLQzMooQ6ZT5wPU2Tztnh0APqFDz rA+G3T4ZPNW3EW4jHpqDhGbNMVfrvYx1XBOaU5Op92OWMcnQA7YleTUvVruBhsH4 5SugC6PX8xyVHywgS/qLIvHpWpF3ilWsROPd2cbuV5AlhkSPdXVtAp84gU+HrYLj UhHGYQcPlRIrdiZkazHB8L5j2akCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ4zlKn VYOjOE6mKHaSPFPxmLvhQzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjcyOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oE4wDQYJKoZIhvcNAQELBQADggEBAEhdrMIV3SuLimuAl89wsA8UkWlEX69wFOfD qaFBd5RjCm4PQBpa3pVlnIbbQvF+lLFXKRuZ8oB0QXbWGnkletzLHCAFiohUpzHh D0eaxRnBIkDfcC3PsE9MycIsnRflaSC/BJidkLK8IxdDT6e4q5bY6EJld4cvVG38 W/XPyVHUMmWQgZ3M0DwmOwSGvzuLRJ5Gm5kyOXg7zzBFv2Pv4urlyz4IUZubXPF7 88mh9WklMUvMVsrdzVUooZ4CzXyRvClYCRgFm2rVv23TNfy5Eb9U7O2saeIsQNd/ fnrxX+GQaX5jTPsyR21cyzhkVI44S9hS+ATLgKXDvhp4bIgxGnQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:47 2026 by rpki-client