$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142825.roa File: AS142825.roa (raw, json) Hash identifier: KSgt0PVejA3vm8aQeXtl2s94z3GWbqzFw+LJBwPVDzg= Subject key identifier: 19:1A:2E:A9:A8:D8:63:68:FA:6E:CD:A0:D1:E0:B8:FD:7B:EB:37:22 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 36C3FA9C9C182CC9085E8C6E5150CB0933F85351 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142825.roa Signing time: Wed 04 Mar 2026 06:06:45 +0000 ROA not before: Wed 04 Mar 2026 06:01:45 +0000 ROA not after: Wed 03 Mar 2027 06:06:45 +0000 asID: 142825 IP address blocks: 240a:a0af::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:c3:fa:9c:9c:18:2c:c9:08:5e:8c:6e:51:50:cb:09:33:f8:53:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:45 2026 GMT Not After : Mar 3 06:06:45 2027 GMT Subject: CN=191A2EA9A8D86368FA6ECDA0D1E0B8FD7BEB3722 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:2b:39:10:2d:f8:ba:1d:69:d7:68:b1:bd:7d: ee:b2:09:cb:3a:d4:dd:40:81:03:b5:7e:c0:77:6d: 4d:ed:4c:c8:05:34:86:82:81:33:a4:20:09:0d:db: 10:c5:73:a9:49:c0:76:2c:5a:29:89:a9:72:7f:7f: 1e:29:dc:89:a8:42:87:d6:b5:08:4a:37:c1:04:de: ff:b9:d0:d8:6d:30:4c:e8:44:59:6a:fe:49:3c:eb: e9:fe:ab:fa:a9:c3:54:77:47:6e:cf:bc:a8:1f:c0: 6c:92:93:02:d9:8c:ee:4f:ac:4f:d1:22:8c:38:f5: 3f:b6:19:64:29:70:68:ce:c6:15:7d:33:77:16:36: b9:b9:65:8a:b7:0a:1c:cd:df:d8:7e:cb:bc:8a:b9: 06:3a:b1:86:5a:89:f2:7b:a9:11:b2:0c:58:f3:7e: 6e:09:3d:a7:a6:0d:ec:4c:11:4c:a2:18:15:c8:39: e7:ba:3d:4e:8b:18:e9:84:04:28:ba:ea:a0:42:aa: 1b:8f:32:ac:86:eb:6d:f4:af:67:24:44:23:4f:3c: a2:3e:b0:b0:d3:29:d3:6e:16:13:38:7d:c9:44:61: da:5c:24:a8:0d:2b:50:e0:66:15:c7:11:b6:2e:b8: 1f:26:08:5c:d2:7a:98:ad:34:aa:35:22:9a:6c:da: 4a:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:1A:2E:A9:A8:D8:63:68:FA:6E:CD:A0:D1:E0:B8:FD:7B:EB:37:22 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142825.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0af::/32 Signature Algorithm: sha256WithRSAEncryption 61:cc:69:01:df:90:40:df:77:00:08:32:c1:38:de:2e:ed:4b: 6d:e9:83:2e:c6:79:d1:5b:47:41:b8:e0:80:52:d8:12:ec:52: 2e:30:b8:a6:5c:6c:3b:34:aa:40:bd:5c:ec:3b:dc:e7:3f:20: e8:1e:1f:27:13:e5:bd:60:55:c8:99:7d:a1:8d:36:d4:b7:08: c8:a6:4c:2c:72:23:2a:db:4c:fd:a6:04:a5:9f:94:4c:2f:b1: a9:e8:aa:35:7e:f0:c1:57:5b:2d:bf:63:5c:f7:97:fb:72:4b: 80:4d:db:10:f0:d3:81:0e:76:23:8d:4c:f3:2e:77:d0:26:61: 5b:2c:04:75:1c:9f:4d:ac:c9:9f:97:ce:6f:03:07:0f:52:ec: af:a3:16:53:b1:e4:2d:c5:f9:6a:30:87:d9:af:ad:53:56:d2: 13:a1:1e:0d:a6:79:ad:4e:fb:c3:11:5d:3f:03:a7:04:55:1f: 0c:38:96:19:97:21:73:b1:4c:c0:4f:cd:fd:28:74:b9:1a:0a: 4a:08:74:0d:2d:66:bb:1c:18:32:05:be:02:b3:50:62:c7:61: 91:58:95:8f:da:09:17:8d:b9:fb:c0:00:0d:3d:82:a2:c2:17: 05:10:bc:df:71:ca:ac:d4:9e:0b:54:7f:44:7e:ee:31:8f:3c: de:db:04:b2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNsP6nJwYLMkIXoxuUVDLCTP4U1EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0NVoX DTI3MDMwMzA2MDY0NVowMzExMC8GA1UEAxMoMTkxQTJFQTlBOEQ4NjM2OEZBNkVD REEwRDFFMEI4RkQ3QkVCMzcyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI8rORAt+Lodaddosb197rIJyzrU3UCBA7V+wHdtTe1MyAU0hoKBM6QgCQ3b EMVzqUnAdixaKYmpcn9/HinciahCh9a1CEo3wQTe/7nQ2G0wTOhEWWr+STzr6f6r +qnDVHdHbs+8qB/AbJKTAtmM7k+sT9EijDj1P7YZZClwaM7GFX0zdxY2ubllircK HM3f2H7LvIq5BjqxhlqJ8nupEbIMWPN+bgk9p6YN7EwRTKIYFcg557o9TosY6YQE KLrqoEKqG48yrIbrbfSvZyREI088oj6wsNMp024WEzh9yURh2lwkqA0rUOBmFccR ti64HyYIXNJ6mK00qjUimmzaSq8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQZGi6p qNhjaPpuzaDR4Lj9e+s3IjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjgyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oK8wDQYJKoZIhvcNAQELBQADggEBAGHMaQHfkEDfdwAIMsE43i7tS23pgy7GedFb R0G44IBS2BLsUi4wuKZcbDs0qkC9XOw73Oc/IOgeHycT5b1gVciZfaGNNtS3CMim TCxyIyrbTP2mBKWflEwvsanoqjV+8MFXWy2/Y1z3l/tyS4BN2xDw04EOdiONTPMu d9AmYVssBHUcn02syZ+Xzm8DBw9S7K+jFlOx5C3F+Wowh9mvrVNW0hOhHg2mea1O +8MRXT8DpwRVHww4lhmXIXOxTMBPzf0odLkaCkoIdA0tZrscGDIFvgKzUGLHYZFY lY/aCReNufvAAA09gqLCFwUQvN9xyqzUngtUf0R+7jGPPN7bBLI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:52 2026 by rpki-client