$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142732.roa File: AS142732.roa (raw, json) Hash identifier: gBGuUWlIwuNydTM2Ulk7PV2Mv5WfhtA1yYygjeoq05k= Subject key identifier: 56:5C:B9:72:01:3E:E0:F9:58:AC:73:AA:D6:4E:C2:2C:4F:F5:FF:3D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 70D52A9A302AD8FEC84DC9C08B8BC114397A9CD3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142732.roa Signing time: Wed 04 Mar 2026 06:07:43 +0000 ROA not before: Wed 04 Mar 2026 06:02:43 +0000 ROA not after: Wed 03 Mar 2027 06:07:43 +0000 asID: 142732 IP address blocks: 240a:a052::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:d5:2a:9a:30:2a:d8:fe:c8:4d:c9:c0:8b:8b:c1:14:39:7a:9c:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:43 2026 GMT Not After : Mar 3 06:07:43 2027 GMT Subject: CN=565CB972013EE0F958AC73AAD64EC22C4FF5FF3D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:4a:9a:a7:61:9b:6d:21:7a:5b:19:5d:7a:ee: be:34:65:18:ab:5b:64:66:eb:69:e9:3b:1d:93:f6: 30:fe:e5:8e:5c:67:15:ad:ee:e1:91:fa:cd:40:4d: 8f:97:3c:11:91:2a:58:ba:f7:df:bf:0b:af:4c:e5: ce:b8:f1:e7:9f:80:7e:9f:d9:e5:47:37:14:2d:56: 53:b1:dc:77:c7:7c:39:d7:a1:8e:ff:27:92:45:bc: e2:2d:86:71:af:7d:6a:e5:ba:7b:47:13:82:fb:b5: a9:ee:78:c9:b0:cd:12:37:20:84:e6:e5:30:a9:5c: 7b:f5:46:b2:27:0b:9d:92:72:e2:52:6d:64:91:40: 8c:20:29:2e:6a:ec:fe:33:d9:e6:e6:fc:2b:bb:fa: 55:ca:33:3b:81:2f:70:34:d9:f2:c2:ad:d0:ec:e8: a2:68:5a:cf:6f:68:7d:cf:36:c2:67:e3:00:3b:48: 6c:1e:9f:c5:8d:af:c3:fb:79:34:0d:19:89:4d:7f: 48:32:a5:7e:e5:51:64:07:25:39:06:32:cb:b2:ca: ba:ec:00:7d:58:cc:0f:5e:cd:6e:bd:36:e9:c5:d7: e0:89:31:f7:ea:78:86:85:4c:11:b1:55:18:6f:d8: f1:75:0a:5b:2f:ac:9d:77:f3:fc:44:1b:91:67:42: 48:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:5C:B9:72:01:3E:E0:F9:58:AC:73:AA:D6:4E:C2:2C:4F:F5:FF:3D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142732.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a052::/32 Signature Algorithm: sha256WithRSAEncryption b4:da:68:56:1a:60:96:f1:62:07:77:70:76:29:bd:32:6d:9b: 72:4d:ca:98:59:86:62:6c:59:7e:10:2e:ad:fa:96:e8:3b:3f: 61:81:4b:0b:7a:e1:14:ec:85:3e:d3:9f:c8:d6:b8:19:2b:b6: 2d:93:81:56:5d:18:95:ef:fb:4b:65:9b:e2:49:6a:bd:e3:4b: 2a:d3:c1:bc:98:17:f9:dc:bd:16:df:e3:57:d7:c3:32:8c:4f: 1e:70:5e:2b:79:90:91:d2:71:ce:a1:62:34:18:38:a3:38:f9: 12:b1:21:52:1c:96:58:70:49:30:37:39:cb:3b:25:4d:8d:b0: 90:96:61:fe:81:63:06:0b:20:4b:39:cf:aa:07:f9:84:3f:49: 5c:29:a4:fc:06:e2:a3:76:73:d0:ba:71:76:aa:c0:79:d4:d8: 91:cb:b8:a3:00:fc:65:97:7c:fe:4c:7c:c5:2f:95:55:91:19: 99:b7:ee:0f:e7:44:96:e0:f1:f4:26:f2:13:47:af:3b:bb:22: 27:69:73:59:8c:c6:5a:ae:7b:81:97:8c:c8:39:55:84:d2:01: a3:8c:1f:cc:17:b6:ca:8b:d6:cd:04:e8:85:a7:47:72:f2:a1: e8:d6:f1:e4:5f:89:e2:24:f6:9e:cb:83:92:49:44:b4:dc:7b: 88:d0:29:f7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcNUqmjAq2P7ITcnAi4vBFDl6nNMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0M1oX DTI3MDMwMzA2MDc0M1owMzExMC8GA1UEAxMoNTY1Q0I5NzIwMTNFRTBGOTU4QUM3 M0FBRDY0RUMyMkM0RkY1RkYzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMBKmqdhm20helsZXXruvjRlGKtbZGbraek7HZP2MP7ljlxnFa3u4ZH6zUBN j5c8EZEqWLr3378Lr0zlzrjx55+Afp/Z5Uc3FC1WU7Hcd8d8Odehjv8nkkW84i2G ca99auW6e0cTgvu1qe54ybDNEjcghOblMKlce/VGsicLnZJy4lJtZJFAjCApLmrs /jPZ5ub8K7v6VcozO4EvcDTZ8sKt0Ozoomhaz29ofc82wmfjADtIbB6fxY2vw/t5 NA0ZiU1/SDKlfuVRZAclOQYyy7LKuuwAfVjMD17Nbr026cXX4Ikx9+p4hoVMEbFV GG/Y8XUKWy+snXfz/EQbkWdCSDsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRWXLly AT7g+Visc6rWTsIsT/X/PTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjczMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oFIwDQYJKoZIhvcNAQELBQADggEBALTaaFYaYJbxYgd3cHYpvTJtm3JNyphZhmJs WX4QLq36lug7P2GBSwt64RTshT7Tn8jWuBkrti2TgVZdGJXv+0tlm+JJar3jSyrT wbyYF/ncvRbf41fXwzKMTx5wXit5kJHScc6hYjQYOKM4+RKxIVIcllhwSTA3Ocs7 JU2NsJCWYf6BYwYLIEs5z6oH+YQ/SVwppPwG4qN2c9C6cXaqwHnU2JHLuKMA/GWX fP5MfMUvlVWRGZm37g/nRJbg8fQm8hNHrzu7Iidpc1mMxlque4GXjMg5VYTSAaOM H8wXtsqL1s0E6IWnR3LyoejW8eRfieIk9p7Lg5JJRLTce4jQKfc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:24 2026 by rpki-client