$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142849.roa File: AS142849.roa (raw, json) Hash identifier: OdexT6EF6TyzfbTQVq1Je75/DVZksmOe9v9fVx1M/yU= Subject key identifier: 22:CD:FB:09:97:DE:57:3F:5B:AD:23:14:A8:19:F3:79:AA:0A:C3:AD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 54B5FFDC203067F956AA00B8EA174A98D0DD8761 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142849.roa Signing time: Wed 04 Mar 2026 06:06:53 +0000 ROA not before: Wed 04 Mar 2026 06:01:53 +0000 ROA not after: Wed 03 Mar 2027 06:06:53 +0000 asID: 142849 IP address blocks: 240a:a0c7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:b5:ff:dc:20:30:67:f9:56:aa:00:b8:ea:17:4a:98:d0:dd:87:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:53 2026 GMT Not After : Mar 3 06:06:53 2027 GMT Subject: CN=22CDFB0997DE573F5BAD2314A819F379AA0AC3AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:45:11:ba:c3:8b:0c:8f:2b:fd:65:b6:d3:50: a2:14:a6:94:60:94:5a:0f:73:61:91:97:e4:81:88: 0d:48:53:c7:85:42:bb:47:60:25:f1:a1:d8:c9:f0: 4f:c6:79:cf:a6:e1:17:d9:e0:80:83:25:46:c3:15: 4b:81:70:47:b6:3d:98:49:02:20:37:9d:50:a1:71: a2:5a:f8:37:ba:fb:e7:fd:e7:2b:a8:ab:44:92:9a: 8d:9d:39:cd:c8:05:76:a3:0b:31:e4:9e:e7:e6:8c: 98:4f:33:69:95:6e:7d:fa:49:5d:97:9a:1e:2a:ae: 82:f3:fb:b0:33:79:ca:9e:d0:72:57:0e:59:69:06: 64:6d:65:73:fb:cc:b5:74:8c:9d:c8:67:2a:d7:13: 75:43:9e:9e:ef:03:3d:b6:d3:a9:0e:59:f6:46:75: 88:a9:56:f2:5a:89:fb:b5:ec:11:22:73:5b:8f:db: bd:5f:11:7c:b8:1c:c4:7e:df:88:09:5f:3f:82:eb: b4:8e:f6:7a:67:c9:15:6c:83:70:5b:12:45:78:28: 76:6d:96:fc:53:63:3b:5b:5f:0c:44:e4:f2:0a:65: 1a:89:5f:81:27:4e:74:de:4a:0e:98:de:31:a5:c8: 0b:39:a3:e8:03:d4:6f:c4:1e:df:e1:8e:5f:76:40: 12:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:CD:FB:09:97:DE:57:3F:5B:AD:23:14:A8:19:F3:79:AA:0A:C3:AD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142849.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0c7::/32 Signature Algorithm: sha256WithRSAEncryption 7f:13:da:8d:96:a2:39:e4:5f:7e:62:8d:22:88:40:c7:27:94: 2c:ab:63:2c:b1:9e:29:3d:fa:96:0b:2a:d8:ad:f5:d4:c0:ed: aa:33:e2:80:ee:78:42:ca:b8:c4:b9:6f:d5:ec:6a:dd:bb:c1: 9e:38:d3:eb:e8:3c:3a:ea:cd:ec:de:4a:95:f7:4b:c3:16:d7: 1a:e4:9f:bd:6a:fd:be:6c:a0:0f:cd:71:ac:1a:7d:02:04:23: 9f:0c:bd:4a:0b:45:78:bb:d2:05:0f:30:6b:3c:68:c9:55:14: 3f:ac:36:61:ed:20:94:47:80:d9:93:35:f3:fb:fd:fd:62:92: 5e:90:91:ed:68:49:3c:ca:94:bd:18:a4:a1:21:cf:91:99:59: 5f:d1:94:72:f0:24:ac:34:64:47:39:82:86:49:99:ba:ca:44: b8:e9:22:5c:67:c3:3c:5a:d4:3a:27:b6:6e:d5:f7:61:83:87: f8:60:f0:f7:97:9e:bc:0f:59:25:50:ab:e0:bc:be:37:14:86: 0e:e9:c4:7f:00:34:f2:b0:de:5c:43:43:85:62:9b:52:ee:7a: c9:92:94:ce:da:f3:f7:b1:9c:4e:d9:8a:1f:e3:b0:b0:63:51: b8:8b:8f:97:06:0f:d0:0c:43:eb:9a:50:b1:a9:5c:e8:41:fa: cc:fd:57:2e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVLX/3CAwZ/lWqgC46hdKmNDdh2EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1M1oX DTI3MDMwMzA2MDY1M1owMzExMC8GA1UEAxMoMjJDREZCMDk5N0RFNTczRjVCQUQy MzE0QTgxOUYzNzlBQTBBQzNBRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM1FEbrDiwyPK/1lttNQohSmlGCUWg9zYZGX5IGIDUhTx4VCu0dgJfGh2Mnw T8Z5z6bhF9nggIMlRsMVS4FwR7Y9mEkCIDedUKFxolr4N7r75/3nK6irRJKajZ05 zcgFdqMLMeSe5+aMmE8zaZVuffpJXZeaHiqugvP7sDN5yp7QclcOWWkGZG1lc/vM tXSMnchnKtcTdUOenu8DPbbTqQ5Z9kZ1iKlW8lqJ+7XsESJzW4/bvV8RfLgcxH7f iAlfP4LrtI72emfJFWyDcFsSRXgodm2W/FNjO1tfDETk8gplGolfgSdOdN5KDpje MaXICzmj6APUb8Qe3+GOX3ZAEs0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQizfsJ l95XP1utIxSoGfN5qgrDrTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg0OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oMcwDQYJKoZIhvcNAQELBQADggEBAH8T2o2WojnkX35ijSKIQMcnlCyrYyyxnik9 +pYLKtit9dTA7aoz4oDueELKuMS5b9Xsat27wZ440+voPDrqzezeSpX3S8MW1xrk n71q/b5soA/NcawafQIEI58MvUoLRXi70gUPMGs8aMlVFD+sNmHtIJRHgNmTNfP7 /f1ikl6Qke1oSTzKlL0YpKEhz5GZWV/RlHLwJKw0ZEc5goZJmbrKRLjpIlxnwzxa 1Dontm7V92GDh/hg8PeXnrwPWSVQq+C8vjcUhg7pxH8ANPKw3lxDQ4Vim1LuesmS lM7a8/exnE7Zih/jsLBjUbiLj5cGD9AMQ+uaULGpXOhB+sz9Vy4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:32 2026 by rpki-client