$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142821.roa File: AS142821.roa (raw, json) Hash identifier: sI84xqdt5KM9zXb9YOj7kw5LeXkMh2yWnYBCW7trmBQ= Subject key identifier: 35:79:20:61:D6:9C:42:FB:73:87:EE:DC:5E:5E:DF:4B:8D:6C:32:C9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4E8C6C812E329C24587B44345E0852D8C4CF10DF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142821.roa Signing time: Wed 04 Mar 2026 06:05:50 +0000 ROA not before: Wed 04 Mar 2026 06:00:50 +0000 ROA not after: Wed 03 Mar 2027 06:05:50 +0000 asID: 142821 IP address blocks: 240a:a0ab::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:8c:6c:81:2e:32:9c:24:58:7b:44:34:5e:08:52:d8:c4:cf:10:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:50 2026 GMT Not After : Mar 3 06:05:50 2027 GMT Subject: CN=35792061D69C42FB7387EEDC5E5EDF4B8D6C32C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:08:a5:93:59:5e:d6:f0:48:38:90:f8:5d:7d: c1:9a:6d:e4:7e:f8:f8:b6:21:b6:e5:a1:08:60:1d: ef:f2:43:2c:72:13:b0:65:eb:35:72:74:d9:3e:44: 01:d1:f7:45:31:22:30:bc:a7:c7:0e:e1:b3:44:09: be:01:57:e2:51:0c:5d:60:c4:a5:6c:a6:e9:34:8a: 96:f0:f0:9b:a5:e4:77:54:99:aa:50:dc:27:24:9b: 43:50:fe:f5:34:72:31:dc:5b:a2:bf:9f:52:de:9e: dc:87:c2:d1:f2:d0:77:04:71:da:ee:47:5e:e5:cd: 49:a1:12:34:09:e1:be:d1:62:73:fe:ad:c8:9a:a4: 29:50:48:1b:1b:3a:c6:e5:22:da:e8:07:72:27:e2: 5e:6b:56:76:80:09:06:be:4d:ec:72:24:24:60:6a: 8b:8d:6a:f8:c2:ca:c4:a7:f7:ff:4b:0d:19:20:4e: 54:72:f6:6b:b1:d5:3f:99:f9:24:d7:b7:ea:ed:18: 99:00:69:6e:a1:bb:60:fe:33:f2:61:ed:35:29:0a: e8:e8:3e:0b:df:ad:b8:07:c3:77:56:dc:8b:8e:95: c7:ff:5e:e6:16:0e:52:89:d6:86:98:79:02:1e:f0: fa:1c:c6:2e:6c:50:54:00:d4:df:a4:30:4a:3c:58: 8a:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:79:20:61:D6:9C:42:FB:73:87:EE:DC:5E:5E:DF:4B:8D:6C:32:C9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142821.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0ab::/32 Signature Algorithm: sha256WithRSAEncryption 7c:19:bb:20:dc:7c:15:d5:a0:65:f2:50:93:5f:99:ad:7a:4e: a0:7b:a7:c6:55:b4:67:51:b9:1a:a3:49:73:98:ae:f8:a9:07: 80:e2:7e:84:c6:af:38:71:57:f2:5f:99:6e:38:04:70:66:39: 81:15:6b:67:ee:3b:cb:8b:55:05:0c:71:37:b1:03:d4:69:b5: 09:6b:3d:f1:4c:58:0b:4c:cf:c0:7e:9b:37:84:a2:f9:a2:7f: 18:58:6a:f3:b9:35:ff:0c:2b:7d:bc:cc:df:e6:da:a5:68:14: 20:ea:be:b5:f7:e3:9f:63:85:2e:23:0e:ed:24:0f:70:8b:55: bf:c7:66:c5:d5:ee:5a:5f:b5:84:01:82:90:80:af:c7:b7:d7: a6:d8:25:a4:ec:54:64:ba:6e:67:86:dc:92:2e:e6:4a:79:22: c3:7d:70:f0:64:19:fb:6d:16:8e:2f:63:36:84:2f:55:fa:2a: d2:c3:2b:e4:87:20:73:81:cd:56:6a:8e:05:e3:bf:c6:87:2b: f9:88:4c:e5:e4:83:b9:5a:44:f2:07:a9:94:8d:cd:8b:96:a0: 81:0d:3c:75:6b:f2:81:ed:da:d1:a2:96:bb:31:6a:45:11:8d: 49:13:8d:a6:a4:83:ee:0b:80:74:45:8d:36:fd:8f:9f:65:01: fc:b9:87:fc -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUToxsgS4ynCRYe0Q0XghS2MTPEN8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1MFoX DTI3MDMwMzA2MDU1MFowMzExMC8GA1UEAxMoMzU3OTIwNjFENjlDNDJGQjczODdF RURDNUU1RURGNEI4RDZDMzJDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANcIpZNZXtbwSDiQ+F19wZpt5H74+LYhtuWhCGAd7/JDLHITsGXrNXJ02T5E AdH3RTEiMLynxw7hs0QJvgFX4lEMXWDEpWym6TSKlvDwm6Xkd1SZqlDcJySbQ1D+ 9TRyMdxbor+fUt6e3IfC0fLQdwRx2u5HXuXNSaESNAnhvtFic/6tyJqkKVBIGxs6 xuUi2ugHcifiXmtWdoAJBr5N7HIkJGBqi41q+MLKxKf3/0sNGSBOVHL2a7HVP5n5 JNe36u0YmQBpbqG7YP4z8mHtNSkK6Og+C9+tuAfDd1bci46Vx/9e5hYOUonWhph5 Ah7w+hzGLmxQVADU36QwSjxYio8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ1eSBh 1pxC+3OH7txeXt9LjWwyyTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oKswDQYJKoZIhvcNAQELBQADggEBAHwZuyDcfBXVoGXyUJNfma16TqB7p8ZVtGdR uRqjSXOYrvipB4DifoTGrzhxV/JfmW44BHBmOYEVa2fuO8uLVQUMcTexA9RptQlr PfFMWAtMz8B+mzeEovmifxhYavO5Nf8MK328zN/m2qVoFCDqvrX3459jhS4jDu0k D3CLVb/HZsXV7lpftYQBgpCAr8e316bYJaTsVGS6bmeG3JIu5kp5IsN9cPBkGftt Fo4vYzaEL1X6KtLDK+SHIHOBzVZqjgXjv8aHK/mITOXkg7laRPIHqZSNzYuWoIEN PHVr8oHt2tGilrsxakURjUkTjaakg+4LgHRFjTb9j59lAfy5h/w= -----END CERTIFICATE-----Generated at Sat Mar 28 13:11:27 2026 by rpki-client