$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142799.roa File: AS142799.roa (raw, json) Hash identifier: /htfnjszfYkIxDpQHmz7DbvmwFceMWC1fGbK9u127EY= Subject key identifier: 6D:D9:34:CC:99:7E:AA:DC:9A:8F:12:83:8B:29:83:FF:B8:A6:C4:68 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5AF4D6D9D85C9F8AE623DCD6711B8D02BD1E431C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142799.roa Signing time: Wed 04 Mar 2026 06:06:52 +0000 ROA not before: Wed 04 Mar 2026 06:01:52 +0000 ROA not after: Wed 03 Mar 2027 06:06:52 +0000 asID: 142799 IP address blocks: 240a:a095::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:f4:d6:d9:d8:5c:9f:8a:e6:23:dc:d6:71:1b:8d:02:bd:1e:43:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:52 2026 GMT Not After : Mar 3 06:06:52 2027 GMT Subject: CN=6DD934CC997EAADC9A8F12838B2983FFB8A6C468 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:2d:22:c0:15:63:74:5c:61:e2:4e:e4:c6:5a: 10:56:b7:52:54:17:59:da:b6:ac:f7:86:53:7e:04: 59:76:ee:ef:02:50:37:73:5a:0b:64:84:6a:9b:20: 93:3c:b4:69:9c:53:ef:86:a1:c0:6e:52:fb:4c:f6: 51:a9:ce:53:ea:01:b0:90:c3:a6:69:d2:47:c3:d6: 6a:2b:8c:3e:81:39:c1:cb:f0:c4:4b:92:ab:23:1e: 76:c3:3b:00:11:3b:fa:b4:d1:0d:8d:36:35:f4:8f: 6b:cd:9e:7f:2e:1c:a4:5c:36:87:4b:8a:46:69:5a: e0:4a:40:76:6d:a6:ab:80:7b:fd:ee:b8:d1:88:83: b9:a8:44:66:1e:83:43:4b:4a:d4:dd:b2:70:d1:a3: 1d:40:0d:f4:1e:81:2a:3a:58:a9:31:6e:54:3c:d7: e8:65:07:47:b6:de:15:a2:4e:4d:80:76:55:a4:1f: 27:50:7c:39:33:48:45:e2:f7:16:a0:6d:0a:7f:e1: 50:a5:19:bc:61:44:26:47:e3:d7:8e:31:2e:4f:7c: 81:a2:24:86:1f:d3:db:1d:0d:1b:94:6e:32:8f:85: 6a:92:95:56:09:aa:bf:12:56:9b:59:7b:30:2a:69: 04:ab:02:4d:fc:a4:7e:c6:b9:7b:7d:3b:b0:01:7f: 25:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:D9:34:CC:99:7E:AA:DC:9A:8F:12:83:8B:29:83:FF:B8:A6:C4:68 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142799.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a095::/32 Signature Algorithm: sha256WithRSAEncryption ba:9e:a8:bc:38:66:bd:6e:2c:41:30:19:b6:e9:9c:8d:39:f5: 97:6d:87:57:df:c3:38:ae:2d:a5:ef:28:b1:03:85:32:01:09: 6d:96:f3:1f:f6:77:39:c7:5d:2e:c1:76:f8:a8:3c:ab:9e:33: 91:24:58:29:6b:bc:37:63:60:4e:16:48:d8:99:ef:a1:bc:4e: 39:4e:15:86:b4:61:5b:85:c4:3f:73:1e:93:e0:76:dc:a0:c9: 10:c2:64:61:25:27:bf:26:9d:1c:ed:b2:ed:18:af:99:93:9f: cc:83:8e:dd:17:78:bc:0c:86:eb:f1:0e:87:b7:68:6c:33:3f: d4:c6:3a:fa:fc:50:53:5b:87:62:4b:79:bd:ac:86:6e:0c:dc: 95:13:4c:78:c2:27:09:80:64:e0:a4:fe:f5:1a:61:2c:a3:03: 2f:5e:37:2e:41:fb:32:31:00:4a:bc:36:9d:2c:2f:63:d8:25: 67:0b:a1:02:b5:26:10:57:5b:8f:88:19:1c:1e:b9:24:86:d2: 1b:a9:65:81:cb:4c:0b:ab:0c:25:f0:a8:99:ec:22:61:a4:74: 77:90:a5:e2:35:06:1e:15:38:6e:40:69:f6:66:8f:ec:8d:07: 0d:1a:21:6a:b9:6b:d5:6e:29:23:12:f9:15:a3:04:f5:c3:2d: c1:1e:e8:6b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWvTW2dhcn4rmI9zWcRuNAr0eQxwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1MloX DTI3MDMwMzA2MDY1MlowMzExMC8GA1UEAxMoNkREOTM0Q0M5OTdFQUFEQzlBOEYx MjgzOEIyOTgzRkZCOEE2QzQ2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIstIsAVY3RcYeJO5MZaEFa3UlQXWdq2rPeGU34EWXbu7wJQN3NaC2SEapsg kzy0aZxT74ahwG5S+0z2UanOU+oBsJDDpmnSR8PWaiuMPoE5wcvwxEuSqyMedsM7 ABE7+rTRDY02NfSPa82efy4cpFw2h0uKRmla4EpAdm2mq4B7/e640YiDuahEZh6D Q0tK1N2ycNGjHUAN9B6BKjpYqTFuVDzX6GUHR7beFaJOTYB2VaQfJ1B8OTNIReL3 FqBtCn/hUKUZvGFEJkfj144xLk98gaIkhh/T2x0NG5RuMo+FapKVVgmqvxJWm1l7 MCppBKsCTfykfsa5e307sAF/JUcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRt2TTM mX6q3JqPEoOLKYP/uKbEaDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjc5OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oJUwDQYJKoZIhvcNAQELBQADggEBALqeqLw4Zr1uLEEwGbbpnI059Zdth1ffwziu LaXvKLEDhTIBCW2W8x/2dznHXS7BdvioPKueM5EkWClrvDdjYE4WSNiZ76G8TjlO FYa0YVuFxD9zHpPgdtygyRDCZGElJ78mnRztsu0Yr5mTn8yDjt0XeLwMhuvxDoe3 aGwzP9TGOvr8UFNbh2JLeb2shm4M3JUTTHjCJwmAZOCk/vUaYSyjAy9eNy5B+zIx AEq8Np0sL2PYJWcLoQK1JhBXW4+IGRweuSSG0hupZYHLTAurDCXwqJnsImGkdHeQ peI1Bh4VOG5AafZmj+yNBw0aIWq5a9VuKSMS+RWjBPXDLcEe6Gs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:49 2026 by rpki-client