$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142844.roa File: AS142844.roa (raw, json) Hash identifier: IXFer+IR/4RYZaemBHzRkwICw3EdR6k2pid5UTq4z5U= Subject key identifier: 41:EA:39:FE:BE:9B:53:9B:04:CB:A3:8D:2B:12:D8:E3:18:80:58:13 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 34D96E98854161BA9DC4C950FE2F6D5C16D016BB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142844.roa Signing time: Wed 04 Mar 2026 06:06:07 +0000 ROA not before: Wed 04 Mar 2026 06:01:07 +0000 ROA not after: Wed 03 Mar 2027 06:06:07 +0000 asID: 142844 IP address blocks: 240a:a0c2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:d9:6e:98:85:41:61:ba:9d:c4:c9:50:fe:2f:6d:5c:16:d0:16:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:07 2026 GMT Not After : Mar 3 06:06:07 2027 GMT Subject: CN=41EA39FEBE9B539B04CBA38D2B12D8E318805813 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:f2:7c:1b:c4:41:fd:92:d5:c8:24:87:34:8f: fd:a7:82:26:ea:d9:81:16:74:b1:33:1a:a7:2f:7d: d2:e8:6c:1a:ec:99:96:47:d9:d1:4a:04:f5:73:9e: 96:e3:2c:46:8c:fd:f8:4c:b3:60:7a:cd:b0:cd:f7: f9:bd:38:6e:b0:54:ec:54:d6:15:a0:56:34:c3:ca: 5d:bd:fb:97:34:ea:c1:a7:70:6b:ef:f0:59:00:e1: 10:60:9b:85:7b:d0:88:88:65:a9:99:e5:2f:ac:50: 4c:1f:27:d8:6b:94:7e:c4:56:d5:9c:2e:57:e5:9b: a5:87:b0:31:8a:d0:c5:44:46:c7:6e:ac:08:a5:c0: 3f:44:aa:ec:61:3c:eb:b9:34:18:02:67:9d:62:55: ed:7f:d7:0f:04:d3:1b:13:13:e6:d4:7f:e9:a4:0a: c5:18:48:27:42:77:3f:80:75:8b:8a:4c:57:ea:aa: 70:22:66:20:a0:0b:ad:7c:5a:a7:65:c8:6c:ed:dc: 0c:10:79:1b:14:ea:8d:74:6d:b2:ee:e9:fa:22:af: 9c:86:23:b3:4d:74:2d:6c:14:fa:af:e4:60:49:19: d1:b0:25:62:88:ec:8a:83:98:3b:42:08:8c:83:a1: 45:ba:a6:c8:36:84:c7:75:3c:d1:56:6c:4b:e7:90: b8:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:EA:39:FE:BE:9B:53:9B:04:CB:A3:8D:2B:12:D8:E3:18:80:58:13 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142844.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0c2::/32 Signature Algorithm: sha256WithRSAEncryption cd:96:06:85:84:c5:71:67:13:40:80:f2:90:8b:b2:c4:ee:54: 56:70:74:47:7e:ed:b9:7a:79:58:96:da:aa:f9:16:2a:f5:98: a6:0a:7c:b5:bd:16:e1:24:4d:c5:a4:79:42:0c:35:8b:04:8c: e2:3e:6a:a6:9b:ed:c4:b3:78:f2:6f:3f:30:3b:b5:18:a8:70: f0:35:5a:df:c1:38:3e:9f:75:58:6d:b4:da:d8:a2:0e:e1:6b: 00:37:a7:c1:29:09:aa:98:4a:2a:ad:1d:77:4c:94:3c:66:59: 65:82:c8:7f:dd:69:ad:00:43:79:c2:36:1d:ac:1e:d0:2b:7f: a7:fb:2b:63:ca:61:42:53:bc:25:f1:1b:6f:e5:ac:0c:ee:fa: a2:d0:62:b3:78:2f:e3:ad:20:9e:fe:18:1f:7d:ae:9a:9d:cf: d5:8a:34:1f:ce:ef:0e:5d:8d:69:53:51:e7:03:41:e6:9b:4a: 57:b9:96:7f:4d:e1:be:39:4f:00:bc:d1:29:20:11:f9:a5:f7: 2e:2e:0f:f7:18:8b:79:c1:24:2a:9e:00:40:01:89:14:f0:c5: d9:75:65:28:b6:92:55:49:70:78:91:1e:1a:5c:19:ec:dc:41: b1:d5:c1:90:03:f1:7c:20:3e:b4:2e:5c:83:fa:cd:c5:a2:8f: e4:be:1b:d9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNNlumIVBYbqdxMlQ/i9tXBbQFrswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwN1oX DTI3MDMwMzA2MDYwN1owMzExMC8GA1UEAxMoNDFFQTM5RkVCRTlCNTM5QjA0Q0JB MzhEMkIxMkQ4RTMxODgwNTgxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJjyfBvEQf2S1cgkhzSP/aeCJurZgRZ0sTMapy990uhsGuyZlkfZ0UoE9XOe luMsRoz9+EyzYHrNsM33+b04brBU7FTWFaBWNMPKXb37lzTqwadwa+/wWQDhEGCb hXvQiIhlqZnlL6xQTB8n2GuUfsRW1ZwuV+WbpYewMYrQxURGx26sCKXAP0Sq7GE8 67k0GAJnnWJV7X/XDwTTGxMT5tR/6aQKxRhIJ0J3P4B1i4pMV+qqcCJmIKALrXxa p2XIbO3cDBB5GxTqjXRtsu7p+iKvnIYjs010LWwU+q/kYEkZ0bAlYojsioOYO0II jIOhRbqmyDaEx3U80VZsS+eQuKMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRB6jn+ vptTmwTLo40rEtjjGIBYEzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg0NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oMIwDQYJKoZIhvcNAQELBQADggEBAM2WBoWExXFnE0CA8pCLssTuVFZwdEd+7bl6 eViW2qr5Fir1mKYKfLW9FuEkTcWkeUIMNYsEjOI+aqab7cSzePJvPzA7tRiocPA1 Wt/BOD6fdVhttNrYog7hawA3p8EpCaqYSiqtHXdMlDxmWWWCyH/daa0AQ3nCNh2s HtArf6f7K2PKYUJTvCXxG2/lrAzu+qLQYrN4L+OtIJ7+GB99rpqdz9WKNB/O7w5d jWlTUecDQeabSle5ln9N4b45TwC80SkgEfml9y4uD/cYi3nBJCqeAEABiRTwxdl1 ZSi2klVJcHiRHhpcGezcQbHVwZAD8XwgPrQuXIP6zcWij+S+G9k= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:04 2026 by rpki-client