$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142856.roa File: AS142856.roa (raw, json) Hash identifier: wCNEm2kECAsUnGaJctctXCmapDk1lGHtV2mXnAA67nM= Subject key identifier: 2B:17:38:3B:0D:D9:D8:8E:22:EC:D6:87:55:2E:51:2F:E6:D4:A1:B6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0F85AD215E284FBC0EED3381FD3D9F9CB050AD03 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142856.roa Signing time: Wed 04 Mar 2026 06:05:23 +0000 ROA not before: Wed 04 Mar 2026 06:00:23 +0000 ROA not after: Wed 03 Mar 2027 06:05:23 +0000 asID: 142856 IP address blocks: 240a:a0ce::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:85:ad:21:5e:28:4f:bc:0e:ed:33:81:fd:3d:9f:9c:b0:50:ad:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:23 2026 GMT Not After : Mar 3 06:05:23 2027 GMT Subject: CN=2B17383B0DD9D88E22ECD687552E512FE6D4A1B6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:7e:8c:d4:99:c0:57:33:9e:fb:f3:1e:c7:cc: 69:02:ef:9d:81:51:62:5a:d2:ad:2a:f7:e5:27:85: 5c:59:8e:9c:94:20:6b:69:52:45:c4:23:87:09:9a: ab:e9:c1:96:c6:4e:5b:d7:2c:0e:bd:d2:82:f7:b4: 5a:8e:e4:ab:55:a3:58:6c:12:9e:61:1d:7d:d9:b8: 27:d1:ac:4f:c0:de:b9:25:ee:2d:d5:66:ec:2d:df: 2f:b5:9c:d5:af:40:5e:78:a2:88:a6:58:ce:1b:05: b7:ae:c3:ab:4b:3f:02:44:58:bf:73:1b:fc:07:2e: ef:10:6b:14:54:26:f5:98:dc:fc:18:4d:fc:cc:eb: 06:c3:90:af:b4:65:3c:a4:cd:25:e3:1f:c4:34:0d: fb:45:87:84:7d:ae:82:f1:8e:ef:5c:e2:3b:86:78: c5:f8:1c:17:92:cc:16:be:06:e8:ae:33:0a:4c:fd: e3:35:a9:fd:ea:1b:bb:83:59:17:05:06:e1:a1:f5: 0a:4a:d3:3f:bc:c4:87:0d:41:3c:d2:00:49:ab:6a: aa:b6:29:ab:0c:d1:3b:7b:d4:bf:47:8c:9a:94:9f: cc:d3:f3:04:f1:df:86:0c:3b:88:cb:f8:74:80:99: 1f:f7:bb:ee:8b:00:4d:d4:f0:b9:3e:c9:0c:ee:fb: dd:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:17:38:3B:0D:D9:D8:8E:22:EC:D6:87:55:2E:51:2F:E6:D4:A1:B6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142856.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0ce::/32 Signature Algorithm: sha256WithRSAEncryption a3:bd:cd:4f:19:80:b9:c9:6a:b4:9b:53:de:05:ec:73:ec:1e: 3c:01:65:22:e3:d4:dc:8a:8d:20:5b:ad:23:33:09:f1:f0:1f: 72:08:84:63:93:56:5a:e6:1b:f6:86:38:21:f0:1f:23:43:68: 00:93:cd:54:19:07:2d:05:57:96:32:80:04:27:62:e4:85:ea: b5:5b:09:72:95:6e:79:89:c5:48:99:8d:44:c1:3f:d0:01:23: 6c:50:12:a0:1d:d2:cc:f0:1a:0a:b0:c0:7c:ab:a5:9f:d5:e9: d2:d4:4f:72:49:b1:82:1e:f7:7f:d8:e8:de:df:d0:fd:1e:e4: d6:54:c7:4a:79:bb:8c:f0:bb:13:89:08:99:0d:6b:3c:d9:67: 7e:bc:52:55:f9:14:63:54:db:18:eb:bd:40:7e:b3:3e:f7:39: de:3b:6c:1f:a9:a0:33:9d:28:23:e3:d8:95:20:24:ba:68:48: d6:81:9a:a3:26:d3:75:1e:81:af:fb:4b:3b:e5:2f:cc:43:26: 76:d6:e7:e5:72:ed:dc:d6:c2:0e:55:d0:14:34:39:b5:e1:b4: 21:b5:4e:78:ad:4d:5f:08:11:48:22:62:0e:c3:0a:42:03:b5: ca:69:bb:09:d1:6c:97:ce:04:37:a9:e7:e2:05:18:78:df:2d: 8d:a5:7f:c6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUD4WtIV4oT7wO7TOB/T2fnLBQrQMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyM1oX DTI3MDMwMzA2MDUyM1owMzExMC8GA1UEAxMoMkIxNzM4M0IwREQ5RDg4RTIyRUNE Njg3NTUyRTUxMkZFNkQ0QTFCNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMR+jNSZwFcznvvzHsfMaQLvnYFRYlrSrSr35SeFXFmOnJQga2lSRcQjhwma q+nBlsZOW9csDr3Sgve0Wo7kq1WjWGwSnmEdfdm4J9GsT8DeuSXuLdVm7C3fL7Wc 1a9AXniiiKZYzhsFt67Dq0s/AkRYv3Mb/Acu7xBrFFQm9Zjc/BhN/MzrBsOQr7Rl PKTNJeMfxDQN+0WHhH2ugvGO71ziO4Z4xfgcF5LMFr4G6K4zCkz94zWp/eobu4NZ FwUG4aH1CkrTP7zEhw1BPNIASatqqrYpqwzRO3vUv0eMmpSfzNPzBPHfhgw7iMv4 dICZH/e77osATdTwuT7JDO773VsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQrFzg7 DdnYjiLs1odVLlEv5tShtjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oM4wDQYJKoZIhvcNAQELBQADggEBAKO9zU8ZgLnJarSbU94F7HPsHjwBZSLj1NyK jSBbrSMzCfHwH3IIhGOTVlrmG/aGOCHwHyNDaACTzVQZBy0FV5YygAQnYuSF6rVb CXKVbnmJxUiZjUTBP9ABI2xQEqAd0szwGgqwwHyrpZ/V6dLUT3JJsYIe93/Y6N7f 0P0e5NZUx0p5u4zwuxOJCJkNazzZZ368UlX5FGNU2xjrvUB+sz73Od47bB+poDOd KCPj2JUgJLpoSNaBmqMm03Uega/7SzvlL8xDJnbW5+Vy7dzWwg5V0BQ0ObXhtCG1 TnitTV8IEUgiYg7DCkIDtcppuwnRbJfOBDep5+IFGHjfLY2lf8Y= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:35 2026 by rpki-client