$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142787.roa File: AS142787.roa (raw, json) Hash identifier: YNiiV60xW7sBsncLNt2TueAd/0Vh5FRPVETD8O8imMI= Subject key identifier: 1B:21:71:CD:CC:D2:F2:03:35:95:1F:30:9B:6C:C2:2F:82:72:3F:D0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6B42100F3578576021DC26E7E8B5058A020F82E7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142787.roa Signing time: Wed 04 Mar 2026 06:05:31 +0000 ROA not before: Wed 04 Mar 2026 06:00:31 +0000 ROA not after: Wed 03 Mar 2027 06:05:31 +0000 asID: 142787 IP address blocks: 240a:a089::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:42:10:0f:35:78:57:60:21:dc:26:e7:e8:b5:05:8a:02:0f:82:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:31 2026 GMT Not After : Mar 3 06:05:31 2027 GMT Subject: CN=1B2171CDCCD2F20335951F309B6CC22F82723FD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:19:63:7c:0e:09:43:6f:1b:6e:ce:cc:64:f6: cb:12:f0:59:64:85:a4:9a:b7:1e:82:1d:c4:5f:41: f2:b5:ae:e5:af:9a:d9:3b:cc:c2:54:4b:6d:86:2a: 9e:df:c2:ac:9c:1e:b8:07:a7:24:b0:3b:23:79:84: 0a:c1:f0:d6:2a:fd:50:f4:d4:1e:d4:ab:2d:60:61: 1e:3b:f4:5f:3d:72:ba:54:ed:a7:36:0f:4f:52:68: 1c:d9:10:4d:1a:99:a1:09:9b:9c:0f:a8:38:b0:55: 77:7f:32:cb:0a:1a:26:fd:91:84:ac:8f:7b:04:42: 53:b9:ce:22:60:98:2e:0a:74:c1:33:11:d0:d5:df: 93:6e:0a:c8:4c:8f:2d:1b:8c:53:37:c4:06:3a:68: 54:f8:57:10:9b:c8:2c:fb:04:97:70:34:03:9a:82: ae:c2:2b:1d:4a:8a:e1:70:4d:27:65:03:9d:ea:b1: 3a:a6:aa:fd:83:3e:2a:6f:3f:db:10:3d:7b:77:b3: b7:c8:42:08:bc:49:a5:6c:8f:dd:6e:b6:ff:fd:51: 20:f4:12:60:f8:60:88:07:cb:3c:dd:a9:b0:1a:22: b5:81:34:a1:02:4f:54:b2:72:4e:c7:12:c6:ce:cf: cf:ac:3e:2a:97:95:ba:31:61:e4:26:e9:d2:10:20: 32:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:21:71:CD:CC:D2:F2:03:35:95:1F:30:9B:6C:C2:2F:82:72:3F:D0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142787.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a089::/32 Signature Algorithm: sha256WithRSAEncryption 31:3f:5c:c5:6c:ad:f5:55:06:c1:64:33:79:03:49:e6:8a:50: 56:ab:83:2a:dc:19:1d:c0:8d:55:ab:61:3a:28:f6:5f:ca:a3: fd:f6:ba:a6:4a:07:f5:f0:7d:61:f2:92:04:cd:b2:e3:ce:f1: d8:92:d1:be:9d:8d:23:08:e1:be:72:67:a5:3a:75:92:f4:2f: 64:4a:1f:9e:db:34:98:1f:67:bd:c4:37:7c:95:d7:18:68:53: d2:77:37:25:7e:f7:8d:eb:c4:1f:b3:f4:fe:e8:6b:a7:cf:9c: f3:26:23:25:ae:b9:09:3c:29:b3:22:36:34:8b:71:20:0d:e4: 56:8c:0e:23:24:93:1b:f8:11:20:64:59:56:2b:ca:28:89:a1: ed:eb:b0:ea:21:56:58:1d:28:ba:74:3f:f2:9c:04:15:29:4c: f1:19:a4:f1:4f:d4:c8:b9:e0:fb:fe:b5:72:ce:a0:a9:29:29: 05:5e:67:7d:e2:f8:c5:fe:13:26:58:fe:0a:79:a3:41:e1:3a: 24:0d:1f:38:3a:71:30:57:94:4c:b4:7b:08:31:66:44:0b:09: 93:4a:a1:e7:ed:39:dc:66:d2:d9:eb:4b:d0:eb:bd:69:34:7f: 89:f8:b3:e3:49:22:92:da:22:32:ca:f9:f7:d6:a7:dc:9f:7a: 72:d9:ff:c6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUa0IQDzV4V2Ah3Cbn6LUFigIPgucwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAzMVoX DTI3MDMwMzA2MDUzMVowMzExMC8GA1UEAxMoMUIyMTcxQ0RDQ0QyRjIwMzM1OTUx RjMwOUI2Q0MyMkY4MjcyM0ZEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMEZY3wOCUNvG27OzGT2yxLwWWSFpJq3HoIdxF9B8rWu5a+a2TvMwlRLbYYq nt/CrJweuAenJLA7I3mECsHw1ir9UPTUHtSrLWBhHjv0Xz1yulTtpzYPT1JoHNkQ TRqZoQmbnA+oOLBVd38yywoaJv2RhKyPewRCU7nOImCYLgp0wTMR0NXfk24KyEyP LRuMUzfEBjpoVPhXEJvILPsEl3A0A5qCrsIrHUqK4XBNJ2UDneqxOqaq/YM+Km8/ 2xA9e3ezt8hCCLxJpWyP3W62//1RIPQSYPhgiAfLPN2psBoitYE0oQJPVLJyTscS xs7Pz6w+KpeVujFh5Cbp0hAgMlMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQbIXHN zNLyAzWVHzCbbMIvgnI/0DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjc4Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oIkwDQYJKoZIhvcNAQELBQADggEBADE/XMVsrfVVBsFkM3kDSeaKUFargyrcGR3A jVWrYToo9l/Ko/32uqZKB/XwfWHykgTNsuPO8diS0b6djSMI4b5yZ6U6dZL0L2RK H57bNJgfZ73EN3yV1xhoU9J3NyV+943rxB+z9P7oa6fPnPMmIyWuuQk8KbMiNjSL cSAN5FaMDiMkkxv4ESBkWVYryiiJoe3rsOohVlgdKLp0P/KcBBUpTPEZpPFP1Mi5 4Pv+tXLOoKkpKQVeZ33i+MX+EyZY/gp5o0HhOiQNHzg6cTBXlEy0ewgxZkQLCZNK oeftOdxm0tnrS9DrvWk0f4n4s+NJIpLaIjLK+ffWp9yfenLZ/8Y= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:34 2026 by rpki-client