$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142768.roa File: AS142768.roa (raw, json) Hash identifier: NvARXhK9qw4iwO8+XBj/nz+lzJRlPBnBoS1VZYbFHyQ= Subject key identifier: 3B:8F:53:E2:71:46:20:1F:2E:D9:D8:5E:C8:E9:8B:01:40:8B:1D:A6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 46AB72F88FF681B744B2805212293EB9F5E8CA51 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142768.roa Signing time: Wed 04 Mar 2026 06:05:58 +0000 ROA not before: Wed 04 Mar 2026 06:00:58 +0000 ROA not after: Wed 03 Mar 2027 06:05:58 +0000 asID: 142768 IP address blocks: 240a:a076::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:ab:72:f8:8f:f6:81:b7:44:b2:80:52:12:29:3e:b9:f5:e8:ca:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:58 2026 GMT Not After : Mar 3 06:05:58 2027 GMT Subject: CN=3B8F53E27146201F2ED9D85EC8E98B01408B1DA6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:86:3f:22:a1:f2:7d:1b:03:12:94:e0:50:bc: 1d:71:3e:0b:42:1a:68:7b:6a:db:3c:82:df:8c:df: 17:89:18:ed:83:8d:23:9d:4d:30:2c:f4:c5:e9:75: 04:c9:a3:59:03:b5:8e:ba:fc:1e:d5:42:d2:8d:b9: 8d:c4:c2:e6:04:f4:a2:1a:40:13:59:66:49:2d:de: c2:b7:5d:c4:a5:d6:3b:6f:6d:3b:97:bd:3e:19:fa: 33:8d:49:64:ad:28:7f:fd:3a:3e:55:9d:3d:56:30: 4d:d6:0e:05:90:32:b8:f0:27:8e:d2:ec:0a:08:df: aa:10:06:13:c0:57:1d:1f:2f:9c:ea:9f:8d:51:c6: 86:1c:a5:5d:34:04:d0:32:57:b4:d2:04:2f:d9:ae: bf:99:92:39:7b:22:ee:fa:14:77:84:2f:92:31:b4: 0d:9d:c1:6c:f9:74:23:14:d1:22:9b:0e:73:b2:0e: b6:0c:02:10:e0:d0:cb:fc:04:86:b0:d5:e3:aa:58: ce:b8:e8:3f:da:fb:f9:84:54:6a:9d:05:7e:ad:ba: cf:67:73:b3:ba:ea:0c:14:fc:b8:34:ca:5f:eb:a0: b9:33:d8:34:d2:cf:2e:c0:62:40:67:8e:c7:9e:af: 6e:0e:88:da:03:c8:61:8d:7c:94:34:82:be:69:84: 34:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:8F:53:E2:71:46:20:1F:2E:D9:D8:5E:C8:E9:8B:01:40:8B:1D:A6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142768.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a076::/32 Signature Algorithm: sha256WithRSAEncryption 63:5f:ea:e8:ff:5f:35:8e:84:a2:8c:5e:38:4f:cf:e5:e1:1c: ec:0b:72:a1:92:6f:b4:4b:c3:05:48:eb:49:f1:6f:37:1f:68: ec:1a:b3:30:46:9f:35:b1:8f:24:67:4f:8f:0a:0b:11:3d:f0: 7c:04:d4:f9:9c:c6:bb:66:dd:45:a7:0d:4e:2a:d4:58:d4:cd: 8c:44:7d:2e:45:1d:aa:7f:bb:45:3d:88:52:58:f6:c7:1c:22: 3f:92:58:1c:30:95:0e:9d:5f:59:ee:34:4c:4e:f6:12:32:58: 8c:ee:97:07:79:fa:cd:63:f7:dd:0c:24:7d:90:64:62:ae:5f: 97:7f:24:a7:86:b0:4e:91:79:dc:4f:4e:e3:25:9c:d6:4e:4c: 65:7d:36:a6:3c:17:ee:6d:e9:0c:0d:f3:7f:a8:e1:b2:f9:71: 4e:88:12:3b:4e:0e:a1:db:72:3e:e8:3a:61:b7:a1:6f:47:49: 2c:ea:97:0e:e0:66:81:ea:eb:19:8a:78:6d:ad:f4:73:bb:66: ca:ce:b4:9a:fc:12:de:5f:e8:8c:a1:f9:cc:a3:08:54:a2:0c: aa:31:e9:5b:89:14:7f:20:79:0d:bd:99:01:7d:55:69:fc:0c: 99:78:b0:33:a3:fb:01:30:34:42:ad:ba:02:4f:ef:85:4f:f4: 6e:4a:8e:1e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURqty+I/2gbdEsoBSEik+ufXoylEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1OFoX DTI3MDMwMzA2MDU1OFowMzExMC8GA1UEAxMoM0I4RjUzRTI3MTQ2MjAxRjJFRDlE ODVFQzhFOThCMDE0MDhCMURBNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJKGPyKh8n0bAxKU4FC8HXE+C0IaaHtq2zyC34zfF4kY7YONI51NMCz0xel1 BMmjWQO1jrr8HtVC0o25jcTC5gT0ohpAE1lmSS3ewrddxKXWO29tO5e9Phn6M41J ZK0of/06PlWdPVYwTdYOBZAyuPAnjtLsCgjfqhAGE8BXHR8vnOqfjVHGhhylXTQE 0DJXtNIEL9muv5mSOXsi7voUd4QvkjG0DZ3BbPl0IxTRIpsOc7IOtgwCEODQy/wE hrDV46pYzrjoP9r7+YRUap0Ffq26z2dzs7rqDBT8uDTKX+uguTPYNNLPLsBiQGeO x56vbg6I2gPIYY18lDSCvmmENJsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ7j1Pi cUYgHy7Z2F7I6YsBQIsdpjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjc2OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oHYwDQYJKoZIhvcNAQELBQADggEBAGNf6uj/XzWOhKKMXjhPz+XhHOwLcqGSb7RL wwVI60nxbzcfaOwaszBGnzWxjyRnT48KCxE98HwE1Pmcxrtm3UWnDU4q1FjUzYxE fS5FHap/u0U9iFJY9sccIj+SWBwwlQ6dX1nuNExO9hIyWIzulwd5+s1j990MJH2Q ZGKuX5d/JKeGsE6RedxPTuMlnNZOTGV9NqY8F+5t6QwN83+o4bL5cU6IEjtODqHb cj7oOmG3oW9HSSzqlw7gZoHq6xmKeG2t9HO7ZsrOtJr8Et5f6Iyh+cyjCFSiDKox 6VuJFH8geQ29mQF9VWn8DJl4sDOj+wEwNEKtugJP74VP9G5Kjh4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:15 2026 by rpki-client