$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142854.roa File: AS142854.roa (raw, json) Hash identifier: KTVZKFo8EroYzH5pjBrEHBot9R/jqQjH9qxvd5PlA2s= Subject key identifier: D4:9F:F2:DD:5F:BA:77:0B:85:AB:02:42:7F:4E:9A:09:A3:1A:E2:41 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7A18D695847EB28D581F6724A0E87FC2200634B4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142854.roa Signing time: Wed 04 Mar 2026 06:06:39 +0000 ROA not before: Wed 04 Mar 2026 06:01:39 +0000 ROA not after: Wed 03 Mar 2027 06:06:39 +0000 asID: 142854 IP address blocks: 240a:a0cc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:18:d6:95:84:7e:b2:8d:58:1f:67:24:a0:e8:7f:c2:20:06:34:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:39 2026 GMT Not After : Mar 3 06:06:39 2027 GMT Subject: CN=D49FF2DD5FBA770B85AB02427F4E9A09A31AE241 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:9d:22:e7:42:7f:6e:b2:34:44:d1:d4:e9:8f: 9c:7f:74:40:3e:49:4f:1c:37:62:cb:33:a8:e1:26: 08:f3:3a:53:69:55:72:7f:4f:a0:fb:39:72:29:e0: 53:d3:f3:ec:99:b8:71:88:08:8b:72:24:03:89:46: ae:e7:cc:22:95:bd:1c:3b:00:4c:90:24:f1:70:e4: 30:fb:15:b8:0b:c9:04:7b:5e:d3:ce:be:75:cd:70: da:83:6b:7e:a5:d5:ce:64:28:c7:cd:83:91:60:c1: 39:ab:d4:c6:3e:b7:06:6b:4c:c6:6b:70:13:93:08: e8:75:35:e5:04:b3:42:12:e2:ea:46:62:65:16:6d: 18:e7:59:f7:5e:c0:0a:d0:be:7c:39:2a:53:85:73: 38:da:5a:84:30:0f:3e:43:2a:c3:b3:3e:05:78:1f: d4:be:03:b8:d7:ba:a6:8d:b0:0c:b3:cf:6a:4a:2d: 35:32:1d:0b:fd:96:cd:c8:91:9e:aa:2e:b8:fe:8e: af:d0:e5:a0:07:fd:a0:a2:1f:48:c3:b0:df:a8:00: d2:2c:b8:75:46:e8:5c:5b:ae:f7:11:68:2b:ed:7c: 8b:39:ae:97:b3:da:68:47:b6:23:d6:89:13:10:49: ed:09:5a:94:5f:2b:6a:f9:07:66:77:a8:24:44:70: 2f:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:9F:F2:DD:5F:BA:77:0B:85:AB:02:42:7F:4E:9A:09:A3:1A:E2:41 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142854.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0cc::/32 Signature Algorithm: sha256WithRSAEncryption 2c:76:41:7b:e4:1b:3c:25:5b:58:c4:ed:d9:2d:5e:62:26:83: a8:b3:53:97:a9:fa:aa:31:74:65:f3:1c:2a:67:67:f1:96:60: 21:1e:15:8f:5c:7a:e3:36:e5:7c:03:f7:31:90:fd:d7:f9:50: fd:1c:0f:be:a5:06:53:9f:f0:35:8d:ba:27:72:a5:46:40:1d: ae:47:25:dc:71:d7:6c:10:aa:b3:75:56:96:e7:4f:a8:b0:d0: 8d:42:6f:61:2f:83:67:e5:5b:76:d7:b2:18:4a:d0:8d:ab:20: 4c:1c:3e:19:b0:43:62:d0:eb:35:39:e9:c8:f3:0f:08:af:b6: 44:f9:f4:51:53:10:4d:51:7e:a9:05:b4:f3:66:db:f1:f3:0d: 9c:6b:4f:7f:53:5e:3b:3c:af:a9:60:55:2c:17:9b:5c:69:e9: c1:b1:7e:78:75:72:61:21:de:95:62:eb:e4:9d:80:59:a5:d9: 97:d4:08:41:12:49:f5:86:29:da:9d:da:df:bb:ec:4f:39:88: b9:ee:6e:16:c0:a8:db:2c:ce:0b:68:76:4a:f2:22:14:21:6b: b1:ff:0e:0c:34:be:54:dc:97:49:00:6b:81:5f:2d:df:7c:aa: aa:1c:e5:d7:49:74:7d:c8:0d:49:21:ec:c0:a7:26:00:33:2a: 80:17:19:30 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUehjWlYR+so1YH2ckoOh/wiAGNLQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEzOVoX DTI3MDMwMzA2MDYzOVowMzExMC8GA1UEAxMoRDQ5RkYyREQ1RkJBNzcwQjg1QUIw MjQyN0Y0RTlBMDlBMzFBRTI0MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJmdIudCf26yNETR1OmPnH90QD5JTxw3YsszqOEmCPM6U2lVcn9PoPs5cing U9Pz7Jm4cYgIi3IkA4lGrufMIpW9HDsATJAk8XDkMPsVuAvJBHte086+dc1w2oNr fqXVzmQox82DkWDBOavUxj63BmtMxmtwE5MI6HU15QSzQhLi6kZiZRZtGOdZ917A CtC+fDkqU4VzONpahDAPPkMqw7M+BXgf1L4DuNe6po2wDLPPakotNTIdC/2WzciR nqouuP6Or9DloAf9oKIfSMOw36gA0iy4dUboXFuu9xFoK+18izmul7PaaEe2I9aJ ExBJ7QlalF8ravkHZneoJERwL38CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTUn/Ld X7p3C4WrAkJ/TpoJoxriQTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg1NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oMwwDQYJKoZIhvcNAQELBQADggEBACx2QXvkGzwlW1jE7dktXmImg6izU5ep+qox dGXzHCpnZ/GWYCEeFY9ceuM25XwD9zGQ/df5UP0cD76lBlOf8DWNuidypUZAHa5H Jdxx12wQqrN1VpbnT6iw0I1Cb2Evg2flW3bXshhK0I2rIEwcPhmwQ2LQ6zU56cjz DwivtkT59FFTEE1RfqkFtPNm2/HzDZxrT39TXjs8r6lgVSwXm1xp6cGxfnh1cmEh 3pVi6+SdgFml2ZfUCEESSfWGKdqd2t+77E85iLnubhbAqNsszgtodkryIhQha7H/ Dgw0vlTcl0kAa4FfLd98qqoc5ddJdH3IDUkh7MCnJgAzKoAXGTA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:39 2026 by rpki-client