$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142789.roa File: AS142789.roa (raw, json) Hash identifier: k8X6T4Mi3IXa58BColasqAVJb+arrvMb3qNuHDSLRcI= Subject key identifier: 1D:EE:8A:98:02:E1:55:B2:56:9A:CE:B0:D1:69:B6:B2:70:48:73:92 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 32B2892D830F8A2AF6EFE85A69FD80717C0B817A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142789.roa Signing time: Wed 04 Mar 2026 06:06:44 +0000 ROA not before: Wed 04 Mar 2026 06:01:44 +0000 ROA not after: Wed 03 Mar 2027 06:06:44 +0000 asID: 142789 IP address blocks: 240a:a08b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:b2:89:2d:83:0f:8a:2a:f6:ef:e8:5a:69:fd:80:71:7c:0b:81:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:44 2026 GMT Not After : Mar 3 06:06:44 2027 GMT Subject: CN=1DEE8A9802E155B2569ACEB0D169B6B270487392 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1c:36:ef:2d:78:ae:b7:fa:e0:38:22:54:eb: 6e:89:0d:e6:67:57:4d:aa:4d:a7:8d:a9:2c:63:8b: 8e:34:7f:3a:57:78:69:8f:ff:97:8b:85:41:da:09: fb:7d:a8:7b:2e:ae:5b:57:74:3c:2b:5e:fb:3b:f1: ed:ac:9f:62:88:39:70:64:43:6b:b8:75:e0:3b:29: 38:c8:41:0e:a4:45:49:a1:ab:52:6e:9e:6b:ac:86: f1:6b:3a:37:49:00:2c:0f:ad:9b:59:2c:5c:3c:aa: bc:1d:78:4a:ce:41:87:ad:a5:78:ff:9e:47:c7:7d: 35:dc:8f:f8:04:1e:bd:a7:61:e0:e6:89:d6:85:01: 64:45:d7:2a:cb:57:23:f5:4f:bb:57:8f:46:c6:f2: b5:df:60:37:17:47:8d:18:1c:9e:b7:ab:0c:7b:f4: fe:aa:cd:4b:60:5c:73:2e:2c:1d:26:ca:7f:89:51: a9:38:20:b6:6c:db:af:c1:6a:2a:58:0a:73:3f:e0: 6c:9c:01:31:63:e1:b5:d4:f4:4f:51:77:eb:29:64: 69:2e:9e:3c:15:de:d4:61:1d:eb:59:7c:a5:87:a3: ea:9f:f5:08:d5:cb:d9:7d:72:74:46:bc:a4:09:e4: a9:f2:7e:54:31:ce:1f:c6:6f:10:f0:3c:1b:88:e4: 53:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:EE:8A:98:02:E1:55:B2:56:9A:CE:B0:D1:69:B6:B2:70:48:73:92 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142789.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a08b::/32 Signature Algorithm: sha256WithRSAEncryption 53:cc:61:10:1b:79:26:22:c9:5b:b0:92:ed:82:39:26:2a:d7: 18:3c:27:ee:55:ae:fa:9f:23:c5:06:31:cb:84:e1:17:e8:c8: 55:54:e7:06:a7:ea:34:39:7f:62:1d:38:8b:71:27:c9:a3:39: 09:b6:3c:a5:aa:b4:12:59:ff:6d:7c:9c:2d:ab:36:ab:f5:8c: 8d:d0:1f:4a:65:26:ea:5a:97:f8:f5:19:65:7f:2c:b3:cc:88: f3:d9:b5:44:41:c6:21:c0:e7:7b:7e:b2:04:c1:c4:0c:53:7d: ca:b7:53:f6:7e:ff:84:d8:d7:4d:8c:2f:8e:e2:70:7f:ca:61: b9:50:69:53:5e:7e:e1:ec:c2:cd:84:8a:e3:27:e3:bf:0c:65: 70:6d:6b:85:87:a2:75:6b:3f:57:0c:14:1b:3b:4c:fe:02:80: 58:1a:a4:22:98:57:6d:e7:fc:7d:91:aa:82:e9:1f:14:01:07: c5:b5:cc:22:ea:6b:ce:ee:64:28:2c:2d:3e:3b:3a:56:9f:4d: 78:32:fa:a8:10:5f:fc:28:49:35:33:57:68:c4:fc:a1:5f:da: bc:ae:f6:10:fe:5f:65:a3:96:50:e8:70:6b:2a:78:da:4c:22: 06:0e:29:e5:61:d2:9e:23:13:e1:bc:7a:f7:fe:4f:d9:1e:f7: ef:44:f2:1d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMrKJLYMPiir27+haaf2AcXwLgXowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0NFoX DTI3MDMwMzA2MDY0NFowMzExMC8GA1UEAxMoMURFRThBOTgwMkUxNTVCMjU2OUFD RUIwRDE2OUI2QjI3MDQ4NzM5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM0cNu8teK63+uA4IlTrbokN5mdXTapNp42pLGOLjjR/Old4aY//l4uFQdoJ +32oey6uW1d0PCte+zvx7ayfYog5cGRDa7h14DspOMhBDqRFSaGrUm6ea6yG8Ws6 N0kALA+tm1ksXDyqvB14Ss5Bh62leP+eR8d9NdyP+AQevadh4OaJ1oUBZEXXKstX I/VPu1ePRsbytd9gNxdHjRgcnrerDHv0/qrNS2Bccy4sHSbKf4lRqTggtmzbr8Fq KlgKcz/gbJwBMWPhtdT0T1F36ylkaS6ePBXe1GEd61l8pYej6p/1CNXL2X1ydEa8 pAnkqfJ+VDHOH8ZvEPA8G4jkUxMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQd7oqY AuFVslaazrDRabaycEhzkjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjc4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oIswDQYJKoZIhvcNAQELBQADggEBAFPMYRAbeSYiyVuwku2COSYq1xg8J+5Vrvqf I8UGMcuE4RfoyFVU5wan6jQ5f2IdOItxJ8mjOQm2PKWqtBJZ/218nC2rNqv1jI3Q H0plJupal/j1GWV/LLPMiPPZtURBxiHA53t+sgTBxAxTfcq3U/Z+/4TY102ML47i cH/KYblQaVNefuHsws2EiuMn478MZXBta4WHonVrP1cMFBs7TP4CgFgapCKYV23n /H2RqoLpHxQBB8W1zCLqa87uZCgsLT47OlafTXgy+qgQX/woSTUzV2jE/KFf2ryu 9hD+X2WjllDocGsqeNpMIgYOKeVh0p4jE+G8evf+T9ke9+9E8h0= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:39 2026 by rpki-client