$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142867.roa File: AS142867.roa (raw, json) Hash identifier: WMQgrs/qUrfZT6GsTschrmhlu5nGUoLq66ik2mG+qaY= Subject key identifier: 73:30:47:9F:A5:FD:69:A7:94:2A:D1:FB:65:5C:C2:C9:5E:DA:FE:CF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7B685753645CFEF816FFB8670AD60BF89D85ED0E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142867.roa Signing time: Wed 04 Mar 2026 06:07:33 +0000 ROA not before: Wed 04 Mar 2026 06:02:33 +0000 ROA not after: Wed 03 Mar 2027 06:07:33 +0000 asID: 142867 IP address blocks: 240a:a0d9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:68:57:53:64:5c:fe:f8:16:ff:b8:67:0a:d6:0b:f8:9d:85:ed:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:33 2026 GMT Not After : Mar 3 06:07:33 2027 GMT Subject: CN=7330479FA5FD69A7942AD1FB655CC2C95EDAFECF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:1e:b5:dd:b1:5d:28:87:41:2f:08:66:fd:0d: 52:37:22:d4:ba:68:56:e7:5d:14:ef:08:ef:29:a6: 7c:b5:63:64:ad:21:d0:aa:de:a3:a0:60:94:0a:bc: a5:73:ed:0b:c5:d3:92:38:fb:2d:52:ef:35:ce:f3: a2:82:5d:63:a9:8c:30:3e:09:52:13:c3:97:92:64: 7e:ac:ff:19:e6:f0:02:39:c6:c7:ae:fe:d5:ca:e4: 4c:b9:16:51:e3:ed:96:e1:52:af:5d:03:19:85:6e: 72:e1:f8:d8:e8:93:d6:b9:2b:a0:6d:c9:d8:d9:68: 2f:75:b0:6d:a1:fe:15:70:f4:22:c5:23:45:b9:ff: ea:fe:fa:e0:8e:89:91:78:c2:76:76:62:5d:b4:ed: 72:54:15:a0:64:42:36:54:70:9b:2b:88:2e:d7:39: 2e:3e:f3:bc:05:c0:aa:02:3f:09:35:1d:de:5c:f0: 55:da:05:1c:83:59:c1:47:e6:66:0d:70:4a:13:62: 32:71:9d:b5:40:a9:e9:c5:43:57:c0:10:9f:10:77: b4:c6:5e:7d:e4:e0:a4:bd:27:08:f8:ec:4d:05:1e: a1:ef:be:e5:05:a6:f8:d5:2a:f9:ff:cc:9c:c0:27: ff:48:08:b6:52:bf:06:da:63:a4:84:c2:bc:39:d8: 47:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:30:47:9F:A5:FD:69:A7:94:2A:D1:FB:65:5C:C2:C9:5E:DA:FE:CF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142867.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0d9::/32 Signature Algorithm: sha256WithRSAEncryption 02:d9:a9:8d:cd:b1:38:36:97:c4:07:b5:27:de:1e:3d:80:52: 5c:aa:47:39:3f:71:ef:0a:99:ff:8b:22:00:54:09:cf:52:a6: 02:29:04:7c:dc:b8:b2:89:58:7f:4a:70:54:db:cb:64:68:b2: ad:61:52:7f:7f:c5:fa:6d:4a:28:bd:d4:07:bc:ea:63:8f:4e: da:28:e8:d3:65:b8:08:74:3e:70:3b:24:1b:20:b6:be:6d:76: b0:60:a1:5f:de:af:96:79:35:e1:f3:30:22:ab:de:02:85:b4: 40:ee:60:c8:0b:77:6f:29:cf:8d:21:b4:ce:87:67:81:f0:ea: 05:56:9f:cf:61:c0:b5:ad:0c:7a:33:2a:9e:5e:fe:cd:6b:8c: 6b:a8:4d:1a:08:85:90:bb:25:2f:08:cb:71:49:de:f6:6a:28: 4a:c4:03:11:77:ba:c6:19:d3:d6:fa:74:10:6c:af:8d:23:fd: ab:1b:3e:b8:c1:d4:37:7e:97:6a:5c:09:fd:bf:92:47:c0:c2: fb:db:bb:23:02:08:e3:44:51:aa:7c:38:9c:ac:a6:3b:96:42: 3a:05:ce:69:8e:dc:a4:bf:a0:34:ff:c1:42:c2:b2:1b:b2:e7: fc:f2:92:2d:3c:62:62:be:8b:a5:ed:93:b3:c1:e8:a9:50:2c: c0:0e:db:8d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUe2hXU2Rc/vgW/7hnCtYL+J2F7Q4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIzM1oX DTI3MDMwMzA2MDczM1owMzExMC8GA1UEAxMoNzMzMDQ3OUZBNUZENjlBNzk0MkFE MUZCNjU1Q0MyQzk1RURBRkVDRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANgetd2xXSiHQS8IZv0NUjci1LpoVuddFO8I7ymmfLVjZK0h0Kreo6BglAq8 pXPtC8XTkjj7LVLvNc7zooJdY6mMMD4JUhPDl5Jkfqz/GebwAjnGx67+1crkTLkW UePtluFSr10DGYVucuH42OiT1rkroG3J2NloL3WwbaH+FXD0IsUjRbn/6v764I6J kXjCdnZiXbTtclQVoGRCNlRwmyuILtc5Lj7zvAXAqgI/CTUd3lzwVdoFHINZwUfm Zg1wShNiMnGdtUCp6cVDV8AQnxB3tMZefeTgpL0nCPjsTQUeoe++5QWm+NUq+f/M nMAn/0gItlK/BtpjpITCvDnYR5ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRzMEef pf1pp5Qq0ftlXMLJXtr+zzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oNkwDQYJKoZIhvcNAQELBQADggEBAALZqY3NsTg2l8QHtSfeHj2AUlyqRzk/ce8K mf+LIgBUCc9SpgIpBHzcuLKJWH9KcFTby2Rosq1hUn9/xfptSii91Ae86mOPTtoo 6NNluAh0PnA7JBsgtr5tdrBgoV/er5Z5NeHzMCKr3gKFtEDuYMgLd28pz40htM6H Z4Hw6gVWn89hwLWtDHozKp5e/s1rjGuoTRoIhZC7JS8Iy3FJ3vZqKErEAxF3usYZ 09b6dBBsr40j/asbPrjB1Dd+l2pcCf2/kkfAwvvbuyMCCONEUap8OJyspjuWQjoF zmmO3KS/oDT/wULCshuy5/zyki08YmK+i6Xtk7PB6KlQLMAO240= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:40 2026 by rpki-client