$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142752.roa File: AS142752.roa (raw, json) Hash identifier: BAAyAflw/12AVKhPJVEenyOHm/xlzH1eobLbVRIhBwE= Subject key identifier: D0:9A:7F:AC:BB:0B:2B:29:6D:BB:94:A7:0D:8A:24:5A:93:E9:1B:75 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7C2D7FFAA9686E9A3890A3DFBBD168199BFE4DD5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142752.roa Signing time: Wed 04 Mar 2026 06:06:13 +0000 ROA not before: Wed 04 Mar 2026 06:01:13 +0000 ROA not after: Wed 03 Mar 2027 06:06:13 +0000 asID: 142752 IP address blocks: 240a:a066::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:2d:7f:fa:a9:68:6e:9a:38:90:a3:df:bb:d1:68:19:9b:fe:4d:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:13 2026 GMT Not After : Mar 3 06:06:13 2027 GMT Subject: CN=D09A7FACBB0B2B296DBB94A70D8A245A93E91B75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e7:c7:20:75:ad:78:8e:0b:aa:fc:a0:e5:52: 7e:91:5c:aa:ec:47:9c:72:0f:31:e8:4f:07:5e:c2: 94:85:96:02:0a:02:f5:46:5d:2f:15:33:08:c8:27: 74:5e:76:ca:0a:0d:80:04:f1:5e:b6:76:da:a1:04: df:53:0a:b5:1a:fa:f4:7f:71:0b:2f:52:c2:9d:24: 10:b9:b4:ea:f6:c4:94:1b:6a:3d:d2:42:33:dd:27: c2:bc:e3:95:fa:ce:48:98:1b:36:45:be:ef:b0:fd: 45:ff:67:54:5d:41:52:18:a7:38:3b:62:70:b3:1a: ea:3e:42:4a:51:a3:9e:cf:44:5e:d5:e3:3f:a5:22: 63:c9:10:e5:26:c1:ce:db:7b:11:7c:02:1e:98:bc: df:c3:80:45:f8:19:2e:56:c3:2d:ca:fc:9e:6a:92: 2d:17:58:44:bf:86:68:b6:16:55:3f:27:3a:3d:3c: bc:3a:70:30:ef:81:cd:26:5e:74:96:69:75:70:07: 26:fa:a5:d8:eb:7b:14:9e:c1:e0:ee:5b:1a:79:e6: 59:f9:74:8f:19:c1:50:ad:02:65:dd:05:6d:fa:e1: ab:4b:91:df:29:5a:6f:ef:9f:24:04:49:88:1b:7e: 61:6c:6c:4d:95:9f:5f:97:2d:ca:e5:11:ef:6f:08: 36:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:9A:7F:AC:BB:0B:2B:29:6D:BB:94:A7:0D:8A:24:5A:93:E9:1B:75 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142752.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a066::/32 Signature Algorithm: sha256WithRSAEncryption 6c:19:53:d8:39:4e:19:2f:70:fa:e6:25:f4:1b:0f:04:0a:d2: 42:46:db:dd:69:5f:5a:35:97:68:82:81:5b:ef:18:78:47:39: 33:67:c2:e4:8e:34:40:f7:88:96:d9:37:d9:22:0e:e2:8d:1f: 97:50:5b:51:94:52:41:83:7d:28:8d:8c:9e:6e:8e:f5:ba:b7: 96:0e:f0:e6:e0:17:5a:82:72:d2:e3:e6:5e:17:8c:ee:4e:5e: e4:37:45:f4:ab:d0:f1:63:75:56:9b:44:0e:82:91:e3:67:bd: 5d:44:72:e8:3a:c4:bf:7a:c6:e0:fd:24:15:33:da:16:4a:ff: 0b:60:28:d3:fa:59:73:f0:38:52:c5:cf:b4:db:6d:9b:24:8b: 4d:ab:a7:56:91:18:5a:cb:9d:6c:dc:ed:91:04:8c:ee:f7:ae: 20:f4:c2:41:ad:fa:9e:28:16:8b:50:ae:96:f1:7c:fd:0a:8c: 1d:33:10:0c:41:dd:80:32:7b:75:86:e2:03:f7:41:06:56:3f: 34:ca:32:ae:05:35:3f:3c:3a:b7:c6:c6:e8:35:33:a4:76:23: 3c:74:73:f3:2e:eb:e4:6a:6a:13:3d:bd:40:ee:b5:48:32:aa: 1e:06:65:77:ee:35:95:85:97:aa:14:67:95:e0:27:db:15:a6: 02:a6:67:24 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfC1/+qlobpo4kKPfu9FoGZv+TdUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDExM1oX DTI3MDMwMzA2MDYxM1owMzExMC8GA1UEAxMoRDA5QTdGQUNCQjBCMkIyOTZEQkI5 NEE3MEQ4QTI0NUE5M0U5MUI3NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKjnxyB1rXiOC6r8oOVSfpFcquxHnHIPMehPB17ClIWWAgoC9UZdLxUzCMgn dF52ygoNgATxXrZ22qEE31MKtRr69H9xCy9Swp0kELm06vbElBtqPdJCM90nwrzj lfrOSJgbNkW+77D9Rf9nVF1BUhinODticLMa6j5CSlGjns9EXtXjP6UiY8kQ5SbB ztt7EXwCHpi838OARfgZLlbDLcr8nmqSLRdYRL+GaLYWVT8nOj08vDpwMO+BzSZe dJZpdXAHJvql2Ot7FJ7B4O5bGnnmWfl0jxnBUK0CZd0Fbfrhq0uR3ylab++fJARJ iBt+YWxsTZWfX5ctyuUR728INmcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTQmn+s uwsrKW27lKcNiiRak+kbdTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjc1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oGYwDQYJKoZIhvcNAQELBQADggEBAGwZU9g5ThkvcPrmJfQbDwQK0kJG291pX1o1 l2iCgVvvGHhHOTNnwuSONED3iJbZN9kiDuKNH5dQW1GUUkGDfSiNjJ5ujvW6t5YO 8ObgF1qCctLj5l4XjO5OXuQ3RfSr0PFjdVabRA6CkeNnvV1Ecug6xL96xuD9JBUz 2hZK/wtgKNP6WXPwOFLFz7TbbZski02rp1aRGFrLnWzc7ZEEjO73riD0wkGt+p4o FotQrpbxfP0KjB0zEAxB3YAye3WG4gP3QQZWPzTKMq4FNT88OrfGxug1M6R2Izx0 c/Mu6+RqahM9vUDutUgyqh4GZXfuNZWFl6oUZ5XgJ9sVpgKmZyQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:31 2026 by rpki-client