$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142803.roa File: AS142803.roa (raw, json) Hash identifier: u3XgLzlcarvnTdRLNtCtTSjRg9oqLT4bEUhk1SxlV5c= Subject key identifier: 85:62:37:0B:B0:E3:A3:39:AC:F0:E4:2A:90:1C:0A:D6:22:78:6E:DA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2D257238677E9A3C4C15C66C3D0DB61E62F73E0C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142803.roa Signing time: Wed 04 Mar 2026 06:07:12 +0000 ROA not before: Wed 04 Mar 2026 06:02:12 +0000 ROA not after: Wed 03 Mar 2027 06:07:12 +0000 asID: 142803 IP address blocks: 240a:a099::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:25:72:38:67:7e:9a:3c:4c:15:c6:6c:3d:0d:b6:1e:62:f7:3e:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:12 2026 GMT Not After : Mar 3 06:07:12 2027 GMT Subject: CN=8562370BB0E3A339ACF0E42A901C0AD622786EDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:aa:5f:cc:a0:39:39:68:71:c3:57:f7:65:9f: 07:ab:11:4f:25:21:5b:7b:c2:a0:cb:e2:ad:1d:0e: 42:27:61:c4:84:30:f2:a2:af:2f:cf:d0:52:7a:dd: 04:95:27:e9:81:4d:4f:2c:58:33:80:fd:af:ef:ab: b5:0f:a1:4b:56:e0:94:b3:69:d7:82:ee:96:63:5d: ed:0b:a7:32:63:02:3f:3a:c3:3d:1c:20:48:a8:71: a7:a3:9c:41:f9:a0:db:92:44:9d:5b:ae:1e:7d:4e: 40:43:4a:de:58:2b:b0:a0:9f:a0:ad:7c:d2:28:e5: 8f:10:22:68:2b:39:9d:7a:66:05:ca:e2:7c:c9:a4: 19:60:e0:fd:85:11:23:4a:ca:27:18:9d:fd:ea:ef: 13:4e:f1:fe:5e:a6:39:8e:b4:7e:8e:b8:69:c9:7c: a4:82:a1:9f:91:ec:91:e9:b5:ee:95:3f:22:86:63: ec:40:59:04:65:32:57:80:ae:a5:39:28:36:18:ee: 5b:fe:8a:68:55:39:1d:75:44:fe:e3:26:ed:0d:1f: 7e:f8:ae:9f:07:79:83:34:89:8a:8e:e0:57:6e:20: e6:32:85:b6:43:e1:79:c0:44:66:f9:7d:69:8f:2a: 4e:70:9c:73:1d:10:ca:ab:97:9d:56:e7:93:77:95: db:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:62:37:0B:B0:E3:A3:39:AC:F0:E4:2A:90:1C:0A:D6:22:78:6E:DA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142803.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a099::/32 Signature Algorithm: sha256WithRSAEncryption 12:11:e3:e9:e1:e1:71:2a:63:43:ce:2f:09:fb:5b:33:d2:b3: 67:ac:2b:32:9e:da:4b:84:24:75:77:a7:e7:d4:9c:86:74:e5: ff:3f:7d:a6:27:50:79:65:3c:70:cc:b2:7b:0e:b8:d0:e2:f2: 19:4d:4f:9e:5f:9c:b6:58:de:dd:28:28:d6:1e:48:9c:97:8e: 00:84:88:b1:f2:8a:63:d4:84:d5:04:ff:14:50:a1:f5:b8:2f: 83:3f:82:79:ac:1b:24:fc:a8:eb:03:3a:4d:da:6e:f9:b4:e1: 05:ff:58:51:07:11:1f:e0:bd:24:5d:34:2f:20:72:d8:f8:6b: 81:68:c9:14:e2:ad:dd:1d:3d:8f:04:61:37:0f:92:b8:3c:1a: a2:97:fa:0f:46:34:ec:a6:0b:3e:d0:75:e7:8d:0f:83:3c:5c: 39:66:72:2f:0e:32:66:54:48:ea:3b:5c:c0:41:87:17:0f:9a: 8b:90:a2:ff:99:4f:c8:61:53:86:a8:81:21:e8:a0:f5:47:7e: 90:04:c4:00:2f:a0:b9:1d:a0:1e:bd:83:0f:bc:dd:8e:4d:00: b6:21:15:15:d7:c9:c4:ea:38:ee:87:f4:91:42:81:d2:71:73: 3c:7f:ef:71:aa:56:d4:94:cf:9b:9e:29:45:e9:44:80:f8:f3: 50:c3:80:ee -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULSVyOGd+mjxMFcZsPQ22HmL3PgwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxMloX DTI3MDMwMzA2MDcxMlowMzExMC8GA1UEAxMoODU2MjM3MEJCMEUzQTMzOUFDRjBF NDJBOTAxQzBBRDYyMjc4NkVEQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+qX8ygOTloccNX92WfB6sRTyUhW3vCoMvirR0OQidhxIQw8qKvL8/QUnrd BJUn6YFNTyxYM4D9r++rtQ+hS1bglLNp14LulmNd7QunMmMCPzrDPRwgSKhxp6Oc Qfmg25JEnVuuHn1OQENK3lgrsKCfoK180ijljxAiaCs5nXpmBcrifMmkGWDg/YUR I0rKJxid/ervE07x/l6mOY60fo64acl8pIKhn5Hskem17pU/IoZj7EBZBGUyV4Cu pTkoNhjuW/6KaFU5HXVE/uMm7Q0ffviunwd5gzSJio7gV24g5jKFtkPhecBEZvl9 aY8qTnCccx0QyquXnVbnk3eV2w8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSFYjcL sOOjOazw5CqQHArWInhu2jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oJkwDQYJKoZIhvcNAQELBQADggEBABIR4+nh4XEqY0POLwn7WzPSs2esKzKe2kuE JHV3p+fUnIZ05f8/faYnUHllPHDMsnsOuNDi8hlNT55fnLZY3t0oKNYeSJyXjgCE iLHyimPUhNUE/xRQofW4L4M/gnmsGyT8qOsDOk3abvm04QX/WFEHER/gvSRdNC8g ctj4a4FoyRTird0dPY8EYTcPkrg8GqKX+g9GNOymCz7QdeeND4M8XDlmci8OMmZU SOo7XMBBhxcPmouQov+ZT8hhU4aogSHooPVHfpAExAAvoLkdoB69gw+83Y5NALYh FRXXycTqOO6H9JFCgdJxczx/73GqVtSUz5ueKUXpRID481DDgO4= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:13 2026 by rpki-client