$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142842.roa File: AS142842.roa (raw, json) Hash identifier: cXnQN81op0aEpkBthv6012CdJpRV44g7siug89V6Xxg= Subject key identifier: 48:44:9B:C6:78:29:A1:1A:6B:A0:BB:C0:71:96:8D:B8:46:80:30:B9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6807F02E0CBBE1DB661B5F5639EDF079659CF649 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142842.roa Signing time: Wed 04 Mar 2026 06:07:43 +0000 ROA not before: Wed 04 Mar 2026 06:02:43 +0000 ROA not after: Wed 03 Mar 2027 06:07:43 +0000 asID: 142842 IP address blocks: 240a:a0c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:07:f0:2e:0c:bb:e1:db:66:1b:5f:56:39:ed:f0:79:65:9c:f6:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:43 2026 GMT Not After : Mar 3 06:07:43 2027 GMT Subject: CN=48449BC67829A11A6BA0BBC071968DB8468030B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:2a:8f:39:e8:06:d8:55:22:b8:67:30:c2:b0: b7:92:5e:0b:17:94:61:88:4c:93:fe:e1:90:81:44: eb:05:79:6b:af:14:33:5f:92:91:97:16:7d:e4:17: d3:9b:8e:3e:37:ad:c2:20:36:f2:0e:d5:b6:4e:ba: cf:fd:7a:e0:3b:11:46:f9:71:60:03:a7:08:07:53: 64:2f:3f:de:4a:4c:ba:8f:09:f9:78:3f:e5:38:4e: c0:21:df:78:5c:80:aa:96:a9:9a:d4:66:f3:8f:84: 22:05:f8:c8:a9:2e:d7:1b:dd:89:cc:0d:c9:03:74: 8e:41:58:7b:bb:ae:50:fb:ec:42:77:4a:e4:d2:3e: 30:56:ae:b2:0e:b4:df:a7:83:ad:c6:87:28:2e:9e: 38:c1:89:6f:24:99:5c:d8:bf:02:3a:94:f7:07:3f: 93:a8:41:87:f3:15:bd:f4:51:95:5b:91:9e:d1:e0: 1c:87:2c:e8:ed:0e:e2:ad:b3:84:e4:66:ef:0e:ea: 02:6e:73:13:4c:34:75:fa:ce:61:58:84:20:aa:b1: c2:97:bd:10:2d:f4:06:18:58:42:0d:b2:ba:68:b0: c6:be:db:4c:d9:45:c1:87:9c:e0:03:02:35:e1:c4: 1f:9b:fd:7b:3c:63:61:8a:35:28:0d:47:4f:32:88: 25:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:44:9B:C6:78:29:A1:1A:6B:A0:BB:C0:71:96:8D:B8:46:80:30:B9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142842.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0c0::/32 Signature Algorithm: sha256WithRSAEncryption 2b:6d:96:a8:cf:cf:6d:5c:d7:0d:16:fd:ba:72:c3:9a:2d:cc: d4:20:7c:08:84:61:86:3d:2c:d5:50:8b:79:10:fb:28:0c:90: 64:b2:7e:79:a6:cb:0a:df:8f:33:7b:e0:0a:1b:64:1f:83:ed: 30:ac:1a:bb:fe:da:6a:9f:22:36:8d:b8:2e:5f:6f:c4:49:16: c4:b2:fe:b4:6c:01:66:47:bd:21:98:f3:16:80:b5:67:10:79: f8:f2:1e:a2:bb:f7:03:70:1a:ac:e0:8d:fe:73:34:63:e9:38: dc:c4:03:5d:15:3a:56:7b:44:68:dd:7f:e9:af:7f:58:58:6a: 43:37:f5:5e:ea:56:14:d2:51:d2:ed:ae:71:51:6c:0e:2d:49: 08:11:d4:f5:56:8c:b7:67:5f:49:fc:94:93:5b:2c:1e:fe:e5: 24:4f:28:c8:a6:a2:4b:45:12:c4:bd:e1:99:d2:d0:81:8e:b8: 76:50:b5:e3:c5:37:24:ee:b5:3e:af:2e:fe:77:94:a2:ec:18: 4b:75:aa:12:b4:86:4d:ec:e4:40:b5:db:42:dc:40:a6:3a:1a: 3f:71:d6:01:45:40:ec:f9:4d:28:b1:91:7a:9d:3e:84:73:20: 18:d7:56:7d:5d:73:11:92:3b:9b:77:98:16:c3:78:67:53:32: 8b:b8:9d:b1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaAfwLgy74dtmG19WOe3weWWc9kkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0M1oX DTI3MDMwMzA2MDc0M1owMzExMC8GA1UEAxMoNDg0NDlCQzY3ODI5QTExQTZCQTBC QkMwNzE5NjhEQjg0NjgwMzBCOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM4qjznoBthVIrhnMMKwt5JeCxeUYYhMk/7hkIFE6wV5a68UM1+SkZcWfeQX 05uOPjetwiA28g7Vtk66z/164DsRRvlxYAOnCAdTZC8/3kpMuo8J+Xg/5ThOwCHf eFyAqpapmtRm84+EIgX4yKku1xvdicwNyQN0jkFYe7uuUPvsQndK5NI+MFausg60 36eDrcaHKC6eOMGJbySZXNi/AjqU9wc/k6hBh/MVvfRRlVuRntHgHIcs6O0O4q2z hORm7w7qAm5zE0w0dfrOYViEIKqxwpe9EC30BhhYQg2yumiwxr7bTNlFwYec4AMC NeHEH5v9ezxjYYo1KA1HTzKIJRcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRIRJvG eCmhGmugu8Bxlo24RoAwuTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg0Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oMAwDQYJKoZIhvcNAQELBQADggEBACttlqjPz21c1w0W/bpyw5otzNQgfAiEYYY9 LNVQi3kQ+ygMkGSyfnmmywrfjzN74AobZB+D7TCsGrv+2mqfIjaNuC5fb8RJFsSy /rRsAWZHvSGY8xaAtWcQefjyHqK79wNwGqzgjf5zNGPpONzEA10VOlZ7RGjdf+mv f1hYakM39V7qVhTSUdLtrnFRbA4tSQgR1PVWjLdnX0n8lJNbLB7+5SRPKMimoktF EsS94ZnS0IGOuHZQtePFNyTutT6vLv53lKLsGEt1qhK0hk3s5EC120LcQKY6Gj9x 1gFFQOz5TSixkXqdPoRzIBjXVn1dcxGSO5t3mBbDeGdTMou4nbE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:55 2026 by rpki-client