$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142817.roa File: AS142817.roa (raw, json) Hash identifier: JbR71uhNy2RWyhz4q6bnm1/pJ7HDdv7ngTJHYd76QqQ= Subject key identifier: D8:81:D4:3C:2E:F9:8C:1F:CC:AB:73:C3:1F:F3:FC:70:D3:FA:E5:1F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3548D0B4005B18B1C13443011845C8EF6E446E71 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142817.roa Signing time: Wed 04 Mar 2026 06:06:20 +0000 ROA not before: Wed 04 Mar 2026 06:01:20 +0000 ROA not after: Wed 03 Mar 2027 06:06:20 +0000 asID: 142817 IP address blocks: 240a:a0a7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:48:d0:b4:00:5b:18:b1:c1:34:43:01:18:45:c8:ef:6e:44:6e:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:20 2026 GMT Not After : Mar 3 06:06:20 2027 GMT Subject: CN=D881D43C2EF98C1FCCAB73C31FF3FC70D3FAE51F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:5d:78:52:ed:75:ea:af:24:b9:17:0e:47:e9: 2f:6b:f2:fd:14:10:51:a8:2c:74:79:a3:4b:e9:6b: 71:eb:ac:01:26:0c:cc:a4:ea:6f:2a:40:78:29:6c: d4:dc:b5:68:2e:94:40:1d:d4:46:6d:e6:a4:16:d9: 06:00:2d:04:f0:a8:55:19:e1:ca:c1:8c:46:31:b4: 8f:a8:6b:84:53:e5:b8:7a:5d:fb:2e:97:8e:83:79: e7:0b:82:9b:f1:11:2a:d0:f7:70:10:53:54:7e:82: 67:24:ca:fe:f0:f0:f5:2e:75:72:9f:7f:3a:e9:38: 2b:35:f1:08:ac:9b:a1:8c:3a:e0:a6:35:7a:95:9c: 31:0b:d2:55:da:b9:9f:02:d7:cf:ec:4c:34:5b:70: 58:c1:c8:45:25:61:a6:bf:44:e0:f7:77:01:fd:b3: 84:9e:0e:a4:d3:b9:aa:85:36:fc:56:21:82:74:a5: 07:cc:0d:df:fa:a8:6b:e5:9f:5a:bc:77:e6:ac:2d: a4:27:e2:0a:57:82:9b:be:05:4c:ad:10:fe:6b:97: 93:50:db:bc:d7:69:e2:e5:5a:27:fa:e9:14:73:ed: 34:4a:9b:f7:24:2a:39:a6:70:8c:08:9f:4e:16:c9: dd:8d:5b:ff:7c:ca:9f:da:d1:bc:87:d6:bb:d1:a1: 88:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:81:D4:3C:2E:F9:8C:1F:CC:AB:73:C3:1F:F3:FC:70:D3:FA:E5:1F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142817.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0a7::/32 Signature Algorithm: sha256WithRSAEncryption 25:c3:42:4f:0b:50:23:08:88:a7:cf:89:aa:7d:f0:9e:a7:ac: a6:88:fb:56:b8:ce:83:f6:9d:51:44:ff:39:b6:53:e9:25:c8: bc:38:ef:6c:95:55:65:fa:ce:06:1c:86:fb:cf:dd:3a:a1:19: 3e:38:c8:99:a7:2b:a4:dd:9b:2c:27:12:84:d4:31:f8:c7:f6: f9:9e:d2:97:42:64:64:a1:bb:38:2c:ca:b7:e4:7c:aa:01:8a: 92:2b:8b:cd:aa:b0:50:f4:66:03:00:92:71:ba:11:b1:1f:4a: d5:c4:b8:92:86:ef:7f:20:1d:c1:32:15:c4:1e:1f:02:79:9b: 8c:39:e4:92:16:f0:8c:67:e1:a4:dd:55:be:32:7c:17:8d:0f: dd:2c:e1:b9:32:d9:e8:ff:8c:58:1d:56:39:65:d3:fd:7c:a7: fe:03:f3:ca:28:24:93:97:ef:f4:c2:2f:87:ba:d3:4d:90:57: d5:43:79:d9:6a:4e:d5:74:1d:c9:fd:f9:dd:03:6a:18:f4:13: ad:b0:bf:30:89:e3:ff:79:13:56:d9:ef:e7:e3:3f:50:ea:64: 96:0d:4b:5f:3e:14:77:72:00:2c:11:d5:a2:9e:c5:87:54:72: 86:e6:90:90:21:a8:f3:ba:12:ff:2d:54:b7:61:35:71:6e:e7: 54:61:8c:24 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNUjQtABbGLHBNEMBGEXI725EbnEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEyMFoX DTI3MDMwMzA2MDYyMFowMzExMC8GA1UEAxMoRDg4MUQ0M0MyRUY5OEMxRkNDQUI3 M0MzMUZGM0ZDNzBEM0ZBRTUxRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPBdeFLtdeqvJLkXDkfpL2vy/RQQUagsdHmjS+lrceusASYMzKTqbypAeCls 1Ny1aC6UQB3URm3mpBbZBgAtBPCoVRnhysGMRjG0j6hrhFPluHpd+y6XjoN55wuC m/ERKtD3cBBTVH6CZyTK/vDw9S51cp9/Ouk4KzXxCKyboYw64KY1epWcMQvSVdq5 nwLXz+xMNFtwWMHIRSVhpr9E4Pd3Af2zhJ4OpNO5qoU2/FYhgnSlB8wN3/qoa+Wf Wrx35qwtpCfiCleCm74FTK0Q/muXk1DbvNdp4uVaJ/rpFHPtNEqb9yQqOaZwjAif ThbJ3Y1b/3zKn9rRvIfWu9GhiGECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTYgdQ8 LvmMH8yrc8Mf8/xw0/rlHzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgxNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oKcwDQYJKoZIhvcNAQELBQADggEBACXDQk8LUCMIiKfPiap98J6nrKaI+1a4zoP2 nVFE/zm2U+klyLw472yVVWX6zgYchvvP3TqhGT44yJmnK6TdmywnEoTUMfjH9vme 0pdCZGShuzgsyrfkfKoBipIri82qsFD0ZgMAknG6EbEfStXEuJKG738gHcEyFcQe HwJ5m4w55JIW8Ixn4aTdVb4yfBeND90s4bky2ej/jFgdVjll0/18p/4D88ooJJOX 7/TCL4e6002QV9VDedlqTtV0Hcn9+d0Dahj0E62wvzCJ4/95E1bZ7+fjP1DqZJYN S18+FHdyACwR1aKexYdUcobmkJAhqPO6Ev8tVLdhNXFu51RhjCQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:23 2026 by rpki-client