$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142851.roa File: AS142851.roa (raw, json) Hash identifier: sjT7p8Ivf9h8LgqPBC9fnlL33dyJJMn2HQKbQknvFjg= Subject key identifier: C9:48:9A:6E:91:5C:2D:F9:E4:EA:26:A7:7A:36:EE:0E:2B:74:28:C8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5131EA148441E2ECF458786E61EE09DA7AEE27BC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142851.roa Signing time: Wed 04 Mar 2026 06:06:51 +0000 ROA not before: Wed 04 Mar 2026 06:01:51 +0000 ROA not after: Wed 03 Mar 2027 06:06:51 +0000 asID: 142851 IP address blocks: 240a:a0c9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:31:ea:14:84:41:e2:ec:f4:58:78:6e:61:ee:09:da:7a:ee:27:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:51 2026 GMT Not After : Mar 3 06:06:51 2027 GMT Subject: CN=C9489A6E915C2DF9E4EA26A77A36EE0E2B7428C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:69:ca:f1:c3:62:cf:6e:2b:5d:80:1e:6e:8b: d1:40:67:2c:de:50:57:80:0f:23:14:b3:30:1c:d8: 0f:ab:50:86:be:22:27:43:70:ed:58:43:f9:8c:95: 84:6a:2b:7c:05:fd:e7:08:36:19:61:2d:a6:b6:3a: 14:36:36:80:95:ec:0e:b0:c4:7c:13:91:7d:af:dd: bc:d6:10:8d:42:dc:39:9d:a3:38:b1:46:6b:af:44: c5:65:d9:54:43:2d:db:1a:46:c9:4f:8a:bd:ca:d0: d2:4f:9f:76:a7:c9:87:59:c7:15:c2:aa:eb:4f:66: 84:04:52:66:44:c4:46:ea:0f:30:46:f7:6c:a2:1d: 8d:42:ab:fd:a7:89:34:13:f5:01:54:c0:2a:2e:a8: 50:9b:54:05:83:4c:15:70:62:af:24:c8:79:54:d8: 22:11:b5:52:56:71:ee:27:e6:8c:5a:f1:22:be:9a: 1b:d0:b7:63:0b:5b:81:fb:5d:ca:60:45:e0:59:07: d4:8c:55:dc:b6:f7:9b:82:08:57:cc:c8:c4:9f:a9: f6:fc:00:50:e8:b1:bd:59:a3:c9:f3:eb:1b:fb:65: ad:fc:34:19:4c:b6:93:74:83:5e:f4:a5:ff:33:39: e7:b5:b8:99:fc:14:76:db:63:80:4a:a7:30:94:0b: ad:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:48:9A:6E:91:5C:2D:F9:E4:EA:26:A7:7A:36:EE:0E:2B:74:28:C8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142851.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0c9::/32 Signature Algorithm: sha256WithRSAEncryption 48:cd:64:d0:c8:69:fe:17:ef:d0:cd:ab:5a:e5:ac:b4:3e:64: e4:78:4f:c4:7c:2e:9f:d7:ea:75:cf:69:aa:73:e9:14:51:da: a0:03:34:2a:94:3b:8c:ed:e2:b9:7d:8b:e7:dd:b0:a9:b0:64: 8e:4a:07:b7:96:d3:23:47:87:93:59:a0:5e:48:6a:bf:6a:6c: af:03:f7:ae:00:99:fa:30:1c:2c:b0:9f:ba:39:58:45:7f:65: 5f:17:71:b1:ff:49:95:26:29:d1:a1:ce:a9:fd:42:5c:e3:ca: d0:22:3d:d7:ab:49:ce:ac:e2:8d:22:4d:c7:f3:3e:3f:0f:d1: 91:f9:01:bb:9b:04:25:bf:ad:93:dc:ec:a7:c9:20:f4:f3:b2: 67:d0:cc:c1:16:b5:23:35:6e:b4:54:b8:73:35:7a:c7:77:62: 77:1a:c5:16:e0:ba:5b:2f:56:83:e8:6d:8b:69:a7:4f:94:00: 70:62:2d:d7:46:15:3e:46:d2:6f:51:b3:3b:a8:45:e1:bd:bb: 07:5e:ef:28:45:7d:92:c5:02:76:25:98:cc:2d:bc:8f:9a:20: ab:37:6a:bb:30:d0:a7:3c:8c:9f:ca:66:ea:51:03:f2:e5:ac: a5:e7:56:ac:d3:39:49:db:3e:00:b6:57:2d:ef:a6:e1:b4:32: 34:61:58:1e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUTHqFIRB4uz0WHhuYe4J2nruJ7wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1MVoX DTI3MDMwMzA2MDY1MVowMzExMC8GA1UEAxMoQzk0ODlBNkU5MTVDMkRGOUU0RUEy NkE3N0EzNkVFMEUyQjc0MjhDODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMBpyvHDYs9uK12AHm6L0UBnLN5QV4APIxSzMBzYD6tQhr4iJ0Nw7VhD+YyV hGorfAX95wg2GWEtprY6FDY2gJXsDrDEfBORfa/dvNYQjULcOZ2jOLFGa69ExWXZ VEMt2xpGyU+KvcrQ0k+fdqfJh1nHFcKq609mhARSZkTERuoPMEb3bKIdjUKr/aeJ NBP1AVTAKi6oUJtUBYNMFXBiryTIeVTYIhG1UlZx7ifmjFrxIr6aG9C3Ywtbgftd ymBF4FkH1IxV3Lb3m4IIV8zIxJ+p9vwAUOixvVmjyfPrG/tlrfw0GUy2k3SDXvSl /zM557W4mfwUdttjgEqnMJQLrRcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTJSJpu kVwt+eTqJqd6Nu4OK3QoyDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg1MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oMkwDQYJKoZIhvcNAQELBQADggEBAEjNZNDIaf4X79DNq1rlrLQ+ZOR4T8R8Lp/X 6nXPaapz6RRR2qADNCqUO4zt4rl9i+fdsKmwZI5KB7eW0yNHh5NZoF5Iar9qbK8D 964AmfowHCywn7o5WEV/ZV8XcbH/SZUmKdGhzqn9QlzjytAiPderSc6s4o0iTcfz Pj8P0ZH5AbubBCW/rZPc7KfJIPTzsmfQzMEWtSM1brRUuHM1esd3YncaxRbgulsv VoPobYtpp0+UAHBiLddGFT5G0m9RszuoReG9uwde7yhFfZLFAnYlmMwtvI+aIKs3 arsw0Kc8jJ/KZupRA/LlrKXnVqzTOUnbPgC2Vy3vpuG0MjRhWB4= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:36 2026 by rpki-client