$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142811.roa File: AS142811.roa (raw, json) Hash identifier: XGAWxHmlLtPTVHDKZXXoNJlk3WxBVQ3+Cp6sG9qrXdc= Subject key identifier: 14:BC:F1:62:88:3C:4A:55:F3:8E:02:C7:21:0E:2F:D0:2E:31:09:B4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 73F2EFF9CAC3646B68439A75D6A5726EBB7DB173 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142811.roa Signing time: Wed 04 Mar 2026 06:06:16 +0000 ROA not before: Wed 04 Mar 2026 06:01:16 +0000 ROA not after: Wed 03 Mar 2027 06:06:16 +0000 asID: 142811 IP address blocks: 240a:a0a1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:f2:ef:f9:ca:c3:64:6b:68:43:9a:75:d6:a5:72:6e:bb:7d:b1:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:16 2026 GMT Not After : Mar 3 06:06:16 2027 GMT Subject: CN=14BCF162883C4A55F38E02C7210E2FD02E3109B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:c2:1e:ed:66:69:85:87:4a:b5:db:bd:90:df: 05:71:0d:b5:47:97:f1:21:45:4e:54:2b:c9:b2:a4: cc:1d:1d:73:4a:de:bb:fd:d9:89:c7:21:84:42:8a: 01:e4:5d:e0:51:2d:f0:e1:c3:77:f0:3b:fb:28:40: dc:cf:34:19:fe:e0:64:b3:79:ea:4b:ac:60:7e:ec: 66:ca:2f:d3:33:e2:86:d9:b0:7f:c3:c2:ad:f9:d3: 98:d0:70:6e:c0:9e:f1:e8:4f:5d:7d:74:66:5a:02: 24:1b:45:ef:fd:2b:42:88:53:ad:2d:ae:c1:dc:03: 76:32:84:07:36:59:b1:0f:5f:20:76:47:09:ed:09: fb:cc:54:03:b7:c6:67:cb:b8:66:fb:f2:51:41:9c: a2:e6:af:4b:fc:f5:ac:c3:e9:ec:5f:51:be:2a:82: 86:1c:dc:d9:89:4b:d9:43:56:65:d6:e6:fd:95:8a: bf:ad:d8:58:03:22:15:97:7f:b4:61:57:f1:0b:2d: c6:4f:3d:2f:b3:a0:ee:68:49:06:39:12:29:9d:21: ee:b5:19:63:ac:39:fd:1c:c9:9a:40:30:02:5c:77: 6d:b3:d0:aa:4c:2f:b1:fb:ea:d3:6d:15:3a:5f:c1: 90:aa:cb:a8:1b:8c:da:81:33:aa:d7:57:36:c0:c3: aa:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:BC:F1:62:88:3C:4A:55:F3:8E:02:C7:21:0E:2F:D0:2E:31:09:B4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142811.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0a1::/32 Signature Algorithm: sha256WithRSAEncryption 55:7f:2f:c1:a5:11:22:d1:44:3c:74:08:32:c5:1c:c4:21:da: ca:92:c9:67:d1:e1:3c:3c:45:10:bb:a9:e4:df:d0:fc:8f:93: 6e:d8:60:db:38:25:a6:63:1d:9b:a4:70:dc:0c:38:0c:9e:7b: 79:95:a5:92:44:45:d3:a6:15:8c:04:e0:0c:90:c4:56:91:a7: 7d:8f:03:73:5d:3b:b1:77:a3:c1:08:bc:c9:61:25:e4:84:b4: 0a:8b:63:0b:ee:de:20:81:43:87:f7:74:3c:99:f4:f0:4b:de: f1:b9:35:87:33:2c:4c:5c:00:aa:ef:8f:a3:b9:e2:5c:5a:1e: e7:86:49:e8:f4:65:34:1f:c5:af:b5:a1:19:77:cb:1e:f8:e0: 72:0c:50:b7:f4:c7:ed:f9:42:8d:bd:6f:32:8e:30:8b:12:a6: 5d:3b:58:3f:e3:90:3f:a0:df:83:58:9e:97:ab:bf:1a:e3:fa: a0:41:b7:97:4d:60:ff:b5:68:86:5b:60:8f:e3:71:1e:28:1b: 85:c8:3f:2b:e9:af:e6:5b:f6:9f:16:f1:d2:bc:a9:ad:7c:5e: 1b:af:a7:04:64:ae:99:13:df:38:10:8c:3e:fd:0f:f5:78:3d: 87:e2:c1:e3:16:44:2d:06:5d:d8:56:39:47:0b:6f:56:17:5d: 91:9d:8f:04 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUc/Lv+crDZGtoQ5p11qVybrt9sXMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDExNloX DTI3MDMwMzA2MDYxNlowMzExMC8GA1UEAxMoMTRCQ0YxNjI4ODNDNEE1NUYzOEUw MkM3MjEwRTJGRDAyRTMxMDlCNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN7CHu1maYWHSrXbvZDfBXENtUeX8SFFTlQrybKkzB0dc0reu/3ZicchhEKK AeRd4FEt8OHDd/A7+yhA3M80Gf7gZLN56kusYH7sZsov0zPihtmwf8PCrfnTmNBw bsCe8ehPXX10ZloCJBtF7/0rQohTrS2uwdwDdjKEBzZZsQ9fIHZHCe0J+8xUA7fG Z8u4ZvvyUUGcouavS/z1rMPp7F9RviqChhzc2YlL2UNWZdbm/ZWKv63YWAMiFZd/ tGFX8Qstxk89L7Og7mhJBjkSKZ0h7rUZY6w5/RzJmkAwAlx3bbPQqkwvsfvq020V Ol/BkKrLqBuM2oEzqtdXNsDDqt8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQUvPFi iDxKVfOOAschDi/QLjEJtDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgxMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oKEwDQYJKoZIhvcNAQELBQADggEBAFV/L8GlESLRRDx0CDLFHMQh2sqSyWfR4Tw8 RRC7qeTf0PyPk27YYNs4JaZjHZukcNwMOAyee3mVpZJERdOmFYwE4AyQxFaRp32P A3NdO7F3o8EIvMlhJeSEtAqLYwvu3iCBQ4f3dDyZ9PBL3vG5NYczLExcAKrvj6O5 4lxaHueGSej0ZTQfxa+1oRl3yx744HIMULf0x+35Qo29bzKOMIsSpl07WD/jkD+g 34NYnpervxrj+qBBt5dNYP+1aIZbYI/jcR4oG4XIPyvpr+Zb9p8W8dK8qa18Xhuv pwRkrpkT3zgQjD79D/V4PYfiweMWRC0GXdhWOUcLb1YXXZGdjwQ= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:11 2026 by rpki-client