$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142812.roa File: AS142812.roa (raw, json) Hash identifier: dtwYHuDX9uhw4h4+XW2mhDqYgLuCcG+FFLqqCWasN7I= Subject key identifier: C7:3A:3B:2D:03:04:A8:8E:F6:CC:42:4F:81:5F:AF:2D:3D:12:C7:14 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4A5AC12359A5F77244050662EA578D57C7BB7B95 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142812.roa Signing time: Wed 04 Mar 2026 06:07:05 +0000 ROA not before: Wed 04 Mar 2026 06:02:05 +0000 ROA not after: Wed 03 Mar 2027 06:07:05 +0000 asID: 142812 IP address blocks: 240a:a0a2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:5a:c1:23:59:a5:f7:72:44:05:06:62:ea:57:8d:57:c7:bb:7b:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:05 2026 GMT Not After : Mar 3 06:07:05 2027 GMT Subject: CN=C73A3B2D0304A88EF6CC424F815FAF2D3D12C714 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:9b:54:58:be:23:38:4b:bd:2c:eb:b0:c6:26: 65:5c:07:02:84:c7:88:28:03:f8:51:91:4e:1a:eb: b5:37:e3:a5:8f:02:29:f8:fc:05:13:91:b4:3e:14: ff:02:0b:8a:88:75:ec:dd:1d:33:ec:72:02:c8:46: 9a:09:27:36:c2:ae:ed:68:9c:f9:db:2a:41:96:b9: 46:a8:e6:cd:f5:0a:7e:b9:96:59:ef:31:07:01:89: 97:8f:df:ce:b5:71:2a:7a:de:6f:8c:1c:a3:cc:e7: ae:85:ad:b9:76:96:d2:d9:8d:7f:9f:af:7c:32:c2: 06:fa:6d:c3:a4:d0:9c:59:a9:88:81:4d:74:90:f9: 24:70:bb:e3:38:6a:16:1c:88:4c:2b:cc:1f:1f:aa: b1:42:02:81:26:60:12:00:01:0e:1a:40:e2:22:88: b8:99:df:1c:93:92:db:db:db:49:d0:79:32:d7:b0: ba:f1:b7:85:87:52:3e:06:28:3e:5e:d9:bd:09:58: 57:c2:02:3b:1c:3a:6c:ea:1e:29:db:f6:bf:3b:ea: d5:46:a3:bb:04:0d:79:b0:64:06:35:ab:46:7c:33: 58:35:2b:11:4e:df:06:78:99:33:7b:0c:23:24:78: b4:7c:46:7f:b4:53:5e:37:86:c2:88:c6:8d:6e:0f: 23:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:3A:3B:2D:03:04:A8:8E:F6:CC:42:4F:81:5F:AF:2D:3D:12:C7:14 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142812.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0a2::/32 Signature Algorithm: sha256WithRSAEncryption 3a:dd:c8:f1:be:8d:f3:a1:e9:27:ef:f5:7b:07:8c:b3:55:b8: 48:c7:3a:25:45:fa:16:e0:27:ab:37:e0:c9:4e:09:db:4f:1b: b2:42:b6:84:f0:1a:39:1e:87:6b:ea:d3:71:36:03:44:7b:9d: 0e:75:3d:69:38:ad:e8:d0:27:1b:2b:1f:4c:8f:2d:63:77:6a: a5:88:5f:4d:3d:2a:a0:d8:62:af:10:a9:71:18:7e:47:da:77: 3e:9b:5b:b0:ee:26:09:3a:62:f9:ef:1e:e5:58:64:85:45:fb: 71:65:cd:26:fc:3f:32:67:f4:0f:67:91:a6:5d:22:55:50:20: f9:b3:61:ad:0e:9d:14:f1:8e:9b:6b:59:a5:71:e6:54:87:f8: 28:3a:a2:e9:0a:73:5f:3a:3d:f8:53:fb:63:df:6c:1e:ce:42: fc:8b:18:b8:16:c1:9a:22:f5:87:38:81:2e:0c:16:75:d7:85: 5f:15:df:6b:d9:9c:ba:fb:87:d3:d6:5f:e0:5f:a8:79:e6:02: b9:6c:5d:5b:1c:bd:cb:6e:a8:33:b5:82:b4:4c:2d:b2:da:76: 43:65:bb:c8:02:fa:3f:9c:2c:60:ab:9f:7a:a4:9b:74:38:79: be:f7:3d:84:e3:b4:81:25:f5:1b:4f:49:8a:08:0b:11:64:13: db:d5:f0:cf -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUSlrBI1ml93JEBQZi6leNV8e7e5UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIwNVoX DTI3MDMwMzA2MDcwNVowMzExMC8GA1UEAxMoQzczQTNCMkQwMzA0QTg4RUY2Q0M0 MjRGODE1RkFGMkQzRDEyQzcxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALebVFi+IzhLvSzrsMYmZVwHAoTHiCgD+FGRThrrtTfjpY8CKfj8BRORtD4U /wILioh17N0dM+xyAshGmgknNsKu7Wic+dsqQZa5RqjmzfUKfrmWWe8xBwGJl4/f zrVxKnreb4wco8znroWtuXaW0tmNf5+vfDLCBvptw6TQnFmpiIFNdJD5JHC74zhq FhyITCvMHx+qsUICgSZgEgABDhpA4iKIuJnfHJOS29vbSdB5MtewuvG3hYdSPgYo Pl7ZvQlYV8ICOxw6bOoeKdv2vzvq1UajuwQNebBkBjWrRnwzWDUrEU7fBniZM3sM IyR4tHxGf7RTXjeGwojGjW4PI5kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTHOjst AwSojvbMQk+BX68tPRLHFDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgxMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oKIwDQYJKoZIhvcNAQELBQADggEBADrdyPG+jfOh6Sfv9XsHjLNVuEjHOiVF+hbg J6s34MlOCdtPG7JCtoTwGjkeh2vq03E2A0R7nQ51PWk4rejQJxsrH0yPLWN3aqWI X009KqDYYq8QqXEYfkfadz6bW7DuJgk6YvnvHuVYZIVF+3FlzSb8PzJn9A9nkaZd IlVQIPmzYa0OnRTxjptrWaVx5lSH+Cg6oukKc186PfhT+2PfbB7OQvyLGLgWwZoi 9Yc4gS4MFnXXhV8V32vZnLr7h9PWX+BfqHnmArlsXVscvctuqDO1grRMLbLadkNl u8gC+j+cLGCrn3qkm3Q4eb73PYTjtIEl9RtPSYoICxFkE9vV8M8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:52 2026 by rpki-client