$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142820.roa File: AS142820.roa (raw, json) Hash identifier: qFbFSspCZHh3ocz6Ay6PVE9V0Nu78lycAdBM9Q09yVg= Subject key identifier: 5B:B0:90:1E:38:43:E5:1B:C4:19:CC:91:A3:D7:77:73:16:F0:70:6D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7218971A8E4E7C93C27CA86815C55016073D5B38 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142820.roa Signing time: Wed 04 Mar 2026 06:06:40 +0000 ROA not before: Wed 04 Mar 2026 06:01:40 +0000 ROA not after: Wed 03 Mar 2027 06:06:40 +0000 asID: 142820 IP address blocks: 240a:a0aa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:18:97:1a:8e:4e:7c:93:c2:7c:a8:68:15:c5:50:16:07:3d:5b:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:40 2026 GMT Not After : Mar 3 06:06:40 2027 GMT Subject: CN=5BB0901E3843E51BC419CC91A3D7777316F0706D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:7b:cb:f3:70:c2:15:3f:87:28:4b:3c:8f:39: 11:27:ca:79:b9:1e:53:ea:6d:20:1f:38:ba:35:b9: f8:27:81:ad:6c:3f:53:b8:84:66:b6:87:4b:f3:62: 98:a7:0d:05:c6:89:83:65:a8:de:cf:ed:f2:8f:c8: 8c:8c:17:bc:fd:5a:e6:19:b7:a4:9f:42:f8:58:9d: f4:cf:b2:2d:b2:a8:6b:f9:07:64:01:b1:41:59:7a: 6f:d9:ac:d0:14:be:38:91:46:72:ff:36:df:e5:f5: 43:30:c7:fa:e6:1b:fa:51:a7:54:bd:21:01:4f:40: 86:02:1d:9e:5c:8e:13:a1:ae:1f:a7:85:44:38:0d: cb:36:00:0f:b7:ed:fe:90:38:e3:7e:4b:2c:12:09: c4:98:76:e6:35:8e:99:5f:1f:66:a5:76:d7:e5:75: 44:7e:25:2a:5c:d2:5c:7a:9b:f3:16:36:5f:64:73: 99:06:7a:79:8e:e4:f4:e4:0e:ad:c1:72:83:a6:f4: 3b:b9:82:3e:62:05:1a:af:0d:dc:91:e5:e8:1c:db: 1c:5e:6e:c9:ba:3a:b0:4c:7a:5c:3a:08:96:5c:0d: f7:9e:82:27:dc:a4:69:24:27:d3:98:ea:55:f1:61: f4:92:6f:bc:23:0a:ae:fe:63:19:38:65:f9:f9:c5: 9d:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:B0:90:1E:38:43:E5:1B:C4:19:CC:91:A3:D7:77:73:16:F0:70:6D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142820.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0aa::/32 Signature Algorithm: sha256WithRSAEncryption 58:32:35:45:0a:38:f1:e9:21:15:18:c5:3e:7f:c9:61:73:d6: fb:04:e4:7f:f3:86:d5:65:ce:60:3e:d6:54:c8:80:01:2f:ff: dd:8e:d8:5c:c5:4e:13:8e:e3:b4:d7:a1:87:3a:1c:22:0f:44: b8:4b:df:b3:62:81:57:9e:bc:52:58:42:13:eb:4f:e4:be:b0: 57:f1:b5:51:b6:23:d8:ca:21:38:b8:19:5f:07:c4:0a:0f:80: 98:a2:bd:8b:95:6c:49:41:30:21:54:8c:25:c5:38:c8:b3:74: a7:c2:79:13:58:4a:88:8c:73:36:23:0a:80:46:60:81:49:f7: 93:85:95:be:41:31:d6:48:84:7c:47:cb:f2:da:0f:68:ef:6c: 3d:aa:fb:46:b9:af:7f:e3:ce:97:ca:f2:05:4c:26:4c:57:b1: 65:11:e5:8e:28:cb:e6:20:49:06:dc:70:09:63:01:db:53:20: d5:01:93:ae:25:bd:2f:d0:8c:69:64:93:65:52:0b:dc:c4:46: e3:bc:59:aa:1c:00:96:55:56:56:d6:e7:cf:cb:2b:1b:38:41: ce:91:f7:88:62:ef:85:a2:cb:01:23:fc:78:11:07:bc:db:76: 2e:e0:2b:8b:04:b2:3e:85:3a:a2:cc:b5:b5:77:0f:1d:60:91: 28:17:94:c9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUchiXGo5OfJPCfKhoFcVQFgc9WzgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0MFoX DTI3MDMwMzA2MDY0MFowMzExMC8GA1UEAxMoNUJCMDkwMUUzODQzRTUxQkM0MTlD QzkxQTNENzc3NzMxNkYwNzA2RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOl7y/NwwhU/hyhLPI85ESfKebkeU+ptIB84ujW5+CeBrWw/U7iEZraHS/Ni mKcNBcaJg2Wo3s/t8o/IjIwXvP1a5hm3pJ9C+Fid9M+yLbKoa/kHZAGxQVl6b9ms 0BS+OJFGcv823+X1QzDH+uYb+lGnVL0hAU9AhgIdnlyOE6GuH6eFRDgNyzYAD7ft /pA4435LLBIJxJh25jWOmV8fZqV21+V1RH4lKlzSXHqb8xY2X2RzmQZ6eY7k9OQO rcFyg6b0O7mCPmIFGq8N3JHl6BzbHF5uybo6sEx6XDoIllwN956CJ9ykaSQn05jq VfFh9JJvvCMKrv5jGThl+fnFncMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRbsJAe OEPlG8QZzJGj13dzFvBwbTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oKowDQYJKoZIhvcNAQELBQADggEBAFgyNUUKOPHpIRUYxT5/yWFz1vsE5H/zhtVl zmA+1lTIgAEv/92O2FzFThOO47TXoYc6HCIPRLhL37NigVeevFJYQhPrT+S+sFfx tVG2I9jKITi4GV8HxAoPgJiivYuVbElBMCFUjCXFOMizdKfCeRNYSoiMczYjCoBG YIFJ95OFlb5BMdZIhHxHy/LaD2jvbD2q+0a5r3/jzpfK8gVMJkxXsWUR5Y4oy+Yg SQbccAljAdtTINUBk64lvS/QjGlkk2VSC9zERuO8WaocAJZVVlbW58/LKxs4Qc6R 94hi74WiywEj/HgRB7zbdi7gK4sEsj6FOqLMtbV3Dx1gkSgXlMk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:10 2026 by rpki-client