$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142801.roa File: AS142801.roa (raw, json) Hash identifier: AOkTCMrfSt0hsHpf4ZHqSwjAk5IAo8ro4Ao8kJUW9Y4= Subject key identifier: 97:EE:56:BB:96:8B:D5:36:BE:0F:61:39:45:2A:D7:23:4A:04:44:C2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 55D7FE1E72DEC47A0B433FD3CF38AFEF5A82320E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142801.roa Signing time: Wed 04 Mar 2026 06:06:02 +0000 ROA not before: Wed 04 Mar 2026 06:01:02 +0000 ROA not after: Wed 03 Mar 2027 06:06:02 +0000 asID: 142801 IP address blocks: 240a:a097::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:d7:fe:1e:72:de:c4:7a:0b:43:3f:d3:cf:38:af:ef:5a:82:32:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:02 2026 GMT Not After : Mar 3 06:06:02 2027 GMT Subject: CN=97EE56BB968BD536BE0F6139452AD7234A0444C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:72:16:fc:4c:15:df:5c:4e:aa:cb:7a:9e:14: 3b:8a:29:e0:04:d6:d3:46:9e:85:39:c9:1b:b5:63: 2c:bd:99:cb:19:3a:9e:b5:22:fd:a0:ae:31:ae:d4: 1f:49:57:20:40:ff:63:65:81:7c:93:f2:97:f0:62: 28:87:2b:71:2c:54:93:be:bb:22:ed:90:5f:77:e0: 09:6a:f9:57:c1:bd:e3:9a:9f:8d:9b:b8:0e:ac:e7: 8f:b0:f8:79:e2:a1:4c:07:4e:0c:15:e5:c0:76:9e: ce:9f:51:59:a6:63:b2:a7:28:04:73:ac:28:03:80: d5:90:f3:fb:38:37:ce:e6:12:b8:06:01:13:92:1e: 5a:35:79:8b:03:67:57:e3:e5:20:f8:46:a3:99:68: 64:31:64:41:40:81:9d:5f:26:21:e8:1e:7d:d8:57: a6:bf:69:a2:d7:54:19:3e:fb:3a:82:68:ec:e8:a1: 2c:cb:57:50:46:f7:d1:c3:03:de:f9:50:ef:ee:05: 7f:57:88:d1:69:43:95:8f:30:64:13:da:5c:88:f1: b8:68:37:05:98:bd:ba:85:84:77:af:cc:c2:09:74: cc:12:77:dc:6d:e3:f8:51:01:79:b4:1a:f5:32:8c: 09:a6:ce:ef:d4:0e:64:a4:36:b1:fd:88:e9:84:32: dc:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:EE:56:BB:96:8B:D5:36:BE:0F:61:39:45:2A:D7:23:4A:04:44:C2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142801.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a097::/32 Signature Algorithm: sha256WithRSAEncryption 7b:ea:da:35:16:e3:36:df:c6:02:b8:c2:eb:71:d5:b9:ef:06: bc:e8:49:d1:39:21:be:ac:49:66:fd:70:a0:78:81:b3:6c:b2: 8c:51:4a:9e:10:4c:83:69:5e:6c:21:d1:a9:ed:a6:98:3c:5f: b0:19:dd:2b:1b:0a:4a:15:1d:a7:fd:5d:89:35:d9:df:f3:b9: 3d:a8:05:fa:89:70:3c:de:ac:9b:9b:e1:20:0f:aa:8d:9d:d1: 72:0c:ea:57:fe:1c:e8:b0:1c:6f:41:ae:e6:db:30:1b:28:4b: 1f:c9:ef:7a:fd:4d:33:92:34:12:9f:c0:62:81:b5:e3:28:ca: 48:44:12:a8:e8:02:40:f6:af:80:ee:db:b2:2b:9a:5d:f5:b4: d1:5b:cd:5c:22:ec:22:27:f9:c3:75:9b:d0:49:26:f3:86:88: 68:b6:d1:f9:41:b4:59:20:25:e1:23:2c:aa:fd:b8:3f:41:8c: a3:cf:cb:63:63:05:cf:fa:3d:50:6e:58:91:11:8a:37:64:78: 2b:da:61:0f:f6:79:9a:c5:52:7e:f8:0c:0f:fe:e3:06:f7:0b: 76:3b:02:05:4e:b3:e3:c7:67:04:0d:33:2b:de:18:a9:de:c4: 87:af:a7:78:42:68:b8:47:a7:07:c2:ed:1a:bb:b4:87:a0:49: c1:ea:99:4e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVdf+HnLexHoLQz/Tzziv71qCMg4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwMloX DTI3MDMwMzA2MDYwMlowMzExMC8GA1UEAxMoOTdFRTU2QkI5NjhCRDUzNkJFMEY2 MTM5NDUyQUQ3MjM0QTA0NDRDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMNyFvxMFd9cTqrLep4UO4op4ATW00aehTnJG7VjLL2Zyxk6nrUi/aCuMa7U H0lXIED/Y2WBfJPyl/BiKIcrcSxUk767Iu2QX3fgCWr5V8G945qfjZu4Dqznj7D4 eeKhTAdODBXlwHaezp9RWaZjsqcoBHOsKAOA1ZDz+zg3zuYSuAYBE5IeWjV5iwNn V+PlIPhGo5loZDFkQUCBnV8mIegefdhXpr9potdUGT77OoJo7OihLMtXUEb30cMD 3vlQ7+4Ff1eI0WlDlY8wZBPaXIjxuGg3BZi9uoWEd6/Mwgl0zBJ33G3j+FEBebQa 9TKMCabO79QOZKQ2sf2I6YQy3DcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSX7la7 lovVNr4PYTlFKtcjSgREwjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oJcwDQYJKoZIhvcNAQELBQADggEBAHvq2jUW4zbfxgK4wutx1bnvBrzoSdE5Ib6s SWb9cKB4gbNssoxRSp4QTINpXmwh0antppg8X7AZ3SsbCkoVHaf9XYk12d/zuT2o BfqJcDzerJub4SAPqo2d0XIM6lf+HOiwHG9BrubbMBsoSx/J73r9TTOSNBKfwGKB teMoykhEEqjoAkD2r4Du27Irml31tNFbzVwi7CIn+cN1m9BJJvOGiGi20flBtFkg JeEjLKr9uD9BjKPPy2NjBc/6PVBuWJERijdkeCvaYQ/2eZrFUn74DA/+4wb3C3Y7 AgVOs+PHZwQNMyveGKnexIevp3hCaLhHpwfC7Rq7tIegScHqmU4= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:36 2026 by rpki-client