$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142809.roa File: AS142809.roa (raw, json) Hash identifier: ek7YPVD6AbR2x1LnAS7Sscfi86CA+2Wm6++VZUnrimk= Subject key identifier: 56:87:C0:7D:08:BC:10:2D:1E:F7:BD:A1:A4:79:BC:9B:06:6B:DA:39 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 21B4D0C9A2C84FFE10DD3D50B3699DA998A4A221 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142809.roa Signing time: Wed 04 Mar 2026 06:06:01 +0000 ROA not before: Wed 04 Mar 2026 06:01:01 +0000 ROA not after: Wed 03 Mar 2027 06:06:01 +0000 asID: 142809 IP address blocks: 240a:a09f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:b4:d0:c9:a2:c8:4f:fe:10:dd:3d:50:b3:69:9d:a9:98:a4:a2:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:01 2026 GMT Not After : Mar 3 06:06:01 2027 GMT Subject: CN=5687C07D08BC102D1EF7BDA1A479BC9B066BDA39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:cd:bc:ed:72:5d:44:a6:12:7b:7c:c3:74:82: d5:e5:43:89:82:28:c6:20:02:6a:e1:d5:af:e5:8f: 2a:b5:05:9e:e0:d0:cf:28:fb:24:33:d2:64:08:2b: d4:35:09:b7:44:3f:38:34:94:48:05:44:e6:d9:5e: cb:26:60:24:b2:ed:f8:b2:6f:2b:ab:f0:7d:3f:cd: 24:94:0b:3f:05:58:64:16:e6:4e:65:97:be:1e:59: 2b:43:71:83:86:cb:c8:4b:2a:70:cf:ce:be:d8:3a: 7a:55:50:ac:23:da:91:0a:7e:dc:88:99:7e:65:98: e3:0c:d6:9a:89:51:1a:9e:3c:6e:6b:4a:90:7f:24: c9:28:8e:e7:b6:c8:fb:99:f0:db:87:7e:b6:16:24: 74:a1:25:70:1f:bb:56:91:90:dd:98:c7:ff:57:3c: 2d:2c:9f:4a:04:37:d1:08:3c:72:c8:6f:ed:d6:e5: fc:18:b4:ff:c8:c1:21:ab:ee:ab:da:9f:0e:a9:e2: e2:47:00:07:b1:a9:33:7e:ee:b9:87:84:40:65:0d: e1:02:b3:03:fa:1a:96:bc:f7:b7:47:3b:f4:61:cc: b2:81:de:78:6d:3b:ab:2c:68:40:1c:a0:3a:73:57: 95:09:69:23:da:9e:e1:c0:ae:e3:3e:19:da:d8:f3: bf:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:87:C0:7D:08:BC:10:2D:1E:F7:BD:A1:A4:79:BC:9B:06:6B:DA:39 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142809.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a09f::/32 Signature Algorithm: sha256WithRSAEncryption c1:cb:03:b9:06:ac:ef:55:1e:3d:a3:96:60:ca:e7:6b:4a:5a: 05:04:8e:1f:82:71:25:8c:56:bf:22:ec:b2:b9:e9:3b:1f:e1: 7c:c0:e8:b1:77:78:8d:40:b9:f3:d3:e6:3c:26:d1:5a:24:26: c0:e3:d9:31:0a:60:a7:31:7f:4b:f9:56:cf:e9:06:77:ed:4b: 2e:39:44:b9:0c:bb:e6:f4:3f:9d:30:de:64:6f:de:ae:42:01: 17:38:36:67:f1:cb:d3:0a:74:f2:cb:1a:f6:55:06:36:28:90: 40:f4:0b:17:fc:ee:4b:53:2a:88:73:ea:93:4b:70:15:3a:e2: c4:3b:b0:c6:03:67:c2:a6:73:74:84:51:4f:19:3f:fb:41:48: f7:e1:2a:54:38:c6:ab:42:9d:90:ed:06:14:cb:9d:9e:58:4b: a8:c3:0b:95:c4:1f:01:69:9f:f6:dd:c4:bb:d2:b3:dc:48:7c: 59:d0:1f:61:a1:ac:19:65:96:7d:a6:d4:72:7e:9c:46:78:b8: 83:e3:fb:99:2e:a3:c5:4a:c7:24:77:32:e1:7f:ac:bd:54:23: 03:b5:61:00:42:83:9c:4d:f9:a2:2a:1f:e9:d8:69:c1:73:25: e3:0a:50:1e:bd:d3:68:89:5b:d7:59:55:dc:b8:2f:e1:62:4c: 41:0c:b5:25 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIbTQyaLIT/4Q3T1Qs2mdqZikoiEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwMVoX DTI3MDMwMzA2MDYwMVowMzExMC8GA1UEAxMoNTY4N0MwN0QwOEJDMTAyRDFFRjdC REExQTQ3OUJDOUIwNjZCREEzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJjNvO1yXUSmEnt8w3SC1eVDiYIoxiACauHVr+WPKrUFnuDQzyj7JDPSZAgr 1DUJt0Q/ODSUSAVE5tleyyZgJLLt+LJvK6vwfT/NJJQLPwVYZBbmTmWXvh5ZK0Nx g4bLyEsqcM/Ovtg6elVQrCPakQp+3IiZfmWY4wzWmolRGp48bmtKkH8kySiO57bI +5nw24d+thYkdKElcB+7VpGQ3ZjH/1c8LSyfSgQ30Qg8cshv7dbl/Bi0/8jBIavu q9qfDqni4kcAB7GpM37uuYeEQGUN4QKzA/oalrz3t0c79GHMsoHeeG07qyxoQByg OnNXlQlpI9qe4cCu4z4Z2tjzv60CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRWh8B9 CLwQLR73vaGkebybBmvaOTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oJ8wDQYJKoZIhvcNAQELBQADggEBAMHLA7kGrO9VHj2jlmDK52tKWgUEjh+CcSWM Vr8i7LK56Tsf4XzA6LF3eI1AufPT5jwm0VokJsDj2TEKYKcxf0v5Vs/pBnftSy45 RLkMu+b0P50w3mRv3q5CARc4Nmfxy9MKdPLLGvZVBjYokED0Cxf87ktTKohz6pNL cBU64sQ7sMYDZ8Kmc3SEUU8ZP/tBSPfhKlQ4xqtCnZDtBhTLnZ5YS6jDC5XEHwFp n/bdxLvSs9xIfFnQH2GhrBllln2m1HJ+nEZ4uIPj+5kuo8VKxyR3MuF/rL1UIwO1 YQBCg5xN+aIqH+nYacFzJeMKUB6902iJW9dZVdy4L+FiTEEMtSU= -----END CERTIFICATE-----Generated at Sat Mar 28 13:13:41 2026 by rpki-client