$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142808.roa File: AS142808.roa (raw, json) Hash identifier: nB1bEFZUWLLP6BYr8dpATJuriFrgdTnT5T4mjimix4k= Subject key identifier: AC:10:37:EB:2A:04:ED:61:0A:81:A0:28:59:C8:67:E7:6F:8B:B8:85 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3FA16A52CDB1DAAC31C52BDC2A27F4E1C09498EC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142808.roa Signing time: Wed 04 Mar 2026 06:07:43 +0000 ROA not before: Wed 04 Mar 2026 06:02:43 +0000 ROA not after: Wed 03 Mar 2027 06:07:43 +0000 asID: 142808 IP address blocks: 240a:a09e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:a1:6a:52:cd:b1:da:ac:31:c5:2b:dc:2a:27:f4:e1:c0:94:98:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:43 2026 GMT Not After : Mar 3 06:07:43 2027 GMT Subject: CN=AC1037EB2A04ED610A81A02859C867E76F8BB885 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:59:22:4d:ac:68:66:dd:8b:41:88:ac:2b:86: 57:9d:b5:11:c9:6d:23:db:d1:3b:1a:3f:fd:2f:41: 34:4e:7a:ef:2b:00:ab:27:39:64:41:11:31:40:ae: 33:a3:2e:89:c8:59:ea:6e:62:11:22:e2:68:b8:54: ac:d6:75:3a:aa:78:00:6b:90:ad:d0:e7:57:cd:e5: c6:20:c2:9f:b3:e8:c5:41:69:56:a7:a1:02:cf:cf: 31:02:db:45:d1:87:31:5c:ff:5e:30:a9:b1:99:40: 10:0e:a6:a5:c9:39:7d:40:ce:5d:23:2d:d0:3b:86: 7d:7d:56:a6:99:0a:c9:e6:9a:4a:b7:6c:f1:18:08: 57:7c:8b:9c:56:07:18:44:04:50:75:01:13:bd:d8: 15:ea:48:7b:40:30:60:dd:a5:a9:1c:a4:df:ff:37: c6:e4:f1:6c:dc:6f:b1:1a:7b:dd:0d:4d:fa:61:d9: 5f:30:ec:29:18:b8:df:88:1c:9f:e4:e7:a4:dc:85: 83:04:1e:c8:f4:e7:f2:5d:02:15:65:67:0a:a8:bd: 3c:b3:b5:34:b2:46:e8:0c:c5:1e:6e:bc:13:3d:7d: 7f:be:d7:3d:c0:c9:d5:aa:48:6a:9e:94:af:60:ba: b5:99:cf:0f:29:26:ce:8f:60:b1:51:39:e8:31:68: a7:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:10:37:EB:2A:04:ED:61:0A:81:A0:28:59:C8:67:E7:6F:8B:B8:85 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142808.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a09e::/32 Signature Algorithm: sha256WithRSAEncryption cc:0d:36:e5:77:33:7c:94:3a:7f:73:74:a8:7a:53:1a:08:38: 76:e8:5e:9d:62:c5:3a:5b:82:c5:97:2c:91:3a:3b:bc:cf:d0: f1:d6:3c:c3:98:ef:3d:f2:94:c4:86:ad:2c:13:72:c9:1b:90: fb:3c:1a:94:66:d9:a9:80:e3:af:3c:b7:82:ff:56:16:e0:f3: e6:fb:7b:62:9a:1c:73:e2:f7:c5:59:46:19:45:7e:3d:92:e5: d5:81:31:14:d1:65:c2:62:3b:f4:f4:5c:7c:a9:79:f9:f4:b9: 8c:15:a7:25:f2:2d:a2:79:56:96:89:85:d3:c8:76:8a:b8:85: c3:5f:06:74:c9:ae:8a:61:93:80:9a:ca:bf:5e:6a:d1:48:50: 2c:9f:93:dd:82:dd:78:98:0c:f0:96:09:9b:3b:ec:0e:29:8a: 00:60:4d:e1:bd:21:1d:51:e8:8b:88:68:53:40:e8:f1:b5:42: 63:e2:13:22:e6:6f:cd:bd:a2:13:6a:e4:19:17:a5:44:2f:5b: 43:b5:22:99:b2:30:6a:fd:a4:34:f4:57:29:eb:29:1e:2c:d6: 2d:70:a5:3f:ce:e3:ba:cc:b1:4d:d1:7c:7d:47:fe:33:c7:7d: 18:33:b3:d6:51:28:82:ed:48:81:45:ee:27:4a:dc:36:52:15: 67:7e:5c:ab -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUP6FqUs2x2qwxxSvcKif04cCUmOwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0M1oX DTI3MDMwMzA2MDc0M1owMzExMC8GA1UEAxMoQUMxMDM3RUIyQTA0RUQ2MTBBODFB MDI4NTlDODY3RTc2RjhCQjg4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKxZIk2saGbdi0GIrCuGV521EcltI9vROxo//S9BNE567ysAqyc5ZEERMUCu M6MuichZ6m5iESLiaLhUrNZ1Oqp4AGuQrdDnV83lxiDCn7PoxUFpVqehAs/PMQLb RdGHMVz/XjCpsZlAEA6mpck5fUDOXSMt0DuGfX1WppkKyeaaSrds8RgIV3yLnFYH GEQEUHUBE73YFepIe0AwYN2lqRyk3/83xuTxbNxvsRp73Q1N+mHZXzDsKRi434gc n+TnpNyFgwQeyPTn8l0CFWVnCqi9PLO1NLJG6AzFHm68Ez19f77XPcDJ1apIap6U r2C6tZnPDykmzo9gsVE56DFop18CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSsEDfr KgTtYQqBoChZyGfnb4u4hTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgwOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oJ4wDQYJKoZIhvcNAQELBQADggEBAMwNNuV3M3yUOn9zdKh6UxoIOHboXp1ixTpb gsWXLJE6O7zP0PHWPMOY7z3ylMSGrSwTcskbkPs8GpRm2amA4688t4L/Vhbg8+b7 e2KaHHPi98VZRhlFfj2S5dWBMRTRZcJiO/T0XHypefn0uYwVpyXyLaJ5VpaJhdPI doq4hcNfBnTJrophk4Cayr9eatFIUCyfk92C3XiYDPCWCZs77A4pigBgTeG9IR1R 6IuIaFNA6PG1QmPiEyLmb829ohNq5BkXpUQvW0O1IpmyMGr9pDT0VynrKR4s1i1w pT/O47rMsU3RfH1H/jPHfRgzs9ZRKILtSIFF7idK3DZSFWd+XKs= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:14 2026 by rpki-client