$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142868.roa File: AS142868.roa (raw, json) Hash identifier: +uGZZPnpvxAniLhHKFxZXF3fEhL7ATyigpI45t9oXGY= Subject key identifier: A6:5A:36:3A:DC:6C:A2:ED:7A:77:D6:13:65:E6:5A:F7:DB:EA:8B:3C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2EB76CA67906B7EC6BC4E4150A0DDBD85C80E6DC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142868.roa Signing time: Wed 04 Mar 2026 06:06:12 +0000 ROA not before: Wed 04 Mar 2026 06:01:12 +0000 ROA not after: Wed 03 Mar 2027 06:06:12 +0000 asID: 142868 IP address blocks: 240a:a0da::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:b7:6c:a6:79:06:b7:ec:6b:c4:e4:15:0a:0d:db:d8:5c:80:e6:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:12 2026 GMT Not After : Mar 3 06:06:12 2027 GMT Subject: CN=A65A363ADC6CA2ED7A77D61365E65AF7DBEA8B3C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:e9:5e:67:22:c3:0a:a3:96:39:cf:15:69:c6: 96:05:67:bf:b3:d9:d1:1a:23:2c:fb:71:e6:77:b0: e3:63:a4:88:2b:6a:f4:ce:33:96:ae:9b:ee:88:4d: 06:8e:66:70:41:f8:73:e0:27:64:af:d3:fe:a8:e6: f1:e7:83:eb:52:f3:47:81:17:ee:4e:94:84:0f:75: b1:a0:ab:30:05:de:8a:24:a0:e4:ac:64:6c:d3:bd: 9f:de:fe:d8:66:8f:02:63:95:75:6f:1f:d4:80:bd: 42:46:33:00:38:a6:bb:8c:e4:ff:8e:5e:32:87:db: f0:8b:aa:09:b5:7e:ff:38:31:98:3c:c9:f8:5c:99: 75:be:67:af:bc:5a:62:e7:33:fc:67:5f:9a:2e:8e: 61:cd:30:2f:d7:e7:9c:59:85:bd:e5:9d:ac:b2:84: 47:5b:85:c5:59:d1:a2:b0:38:03:52:1e:87:d1:24: 3e:6f:36:cb:bc:73:aa:a0:a9:9e:c3:67:e4:8e:b2: ee:f7:9d:b9:57:a5:dd:e6:91:dc:29:62:38:9d:fe: d9:e8:c1:27:40:4f:68:d6:c7:f7:af:1f:46:f4:4a: 14:e6:5a:5d:e3:2a:d6:99:60:fd:ff:ad:b8:1a:52: 9d:d0:22:ff:4b:ab:23:3c:f8:a6:06:43:4c:ec:86: 8a:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:5A:36:3A:DC:6C:A2:ED:7A:77:D6:13:65:E6:5A:F7:DB:EA:8B:3C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142868.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0da::/32 Signature Algorithm: sha256WithRSAEncryption 07:f4:7a:1c:27:fa:f9:a6:8b:d6:56:4c:89:34:cb:b5:52:61: bb:64:9b:b1:2b:d6:55:03:90:e7:e6:e6:5b:31:8a:a4:ea:b1: 66:37:6e:d7:d4:69:3d:4f:ce:84:64:af:2f:72:c0:2d:47:0a: f4:87:4c:18:d5:95:c0:ce:80:51:03:12:7d:14:7d:c7:cc:16: c9:23:21:82:36:9a:b7:98:95:a5:88:8b:8f:22:aa:4c:52:b4: 5b:83:81:e2:56:eb:f8:74:75:09:99:62:e0:5a:d0:77:75:6f: 45:cf:47:fe:a6:4f:3e:52:bf:21:f0:4d:b5:a3:e3:85:1c:02: e5:40:94:db:29:e3:ad:aa:a6:fc:a1:89:8f:12:db:1c:38:35: c6:df:43:0e:8a:56:c0:12:d6:46:9a:47:3d:f4:3a:f6:99:0a: 38:62:cd:95:ae:47:71:af:5c:b8:d4:21:ba:8f:b8:68:9e:6d: d3:b2:a9:17:38:80:3d:58:27:89:ef:3b:40:e4:5b:47:64:f0: 9a:3f:c3:ca:d3:d2:c3:15:89:4a:b9:06:3a:28:cc:d3:5c:b2: 89:67:38:e6:ef:21:fa:9c:4f:11:bc:7c:f7:62:96:e5:70:ce: 93:14:28:fc:7f:47:3d:6e:bd:68:8d:6a:7d:19:32:f7:b7:44: 64:8e:23:21 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULrdspnkGt+xrxOQVCg3b2FyA5twwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDExMloX DTI3MDMwMzA2MDYxMlowMzExMC8GA1UEAxMoQTY1QTM2M0FEQzZDQTJFRDdBNzdE NjEzNjVFNjVBRjdEQkVBOEIzQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKfpXmciwwqjljnPFWnGlgVnv7PZ0RojLPtx5new42OkiCtq9M4zlq6b7ohN Bo5mcEH4c+AnZK/T/qjm8eeD61LzR4EX7k6UhA91saCrMAXeiiSg5KxkbNO9n97+ 2GaPAmOVdW8f1IC9QkYzADimu4zk/45eMofb8IuqCbV+/zgxmDzJ+FyZdb5nr7xa Yucz/Gdfmi6OYc0wL9fnnFmFveWdrLKER1uFxVnRorA4A1Ieh9EkPm82y7xzqqCp nsNn5I6y7veduVel3eaR3CliOJ3+2ejBJ0BPaNbH968fRvRKFOZaXeMq1plg/f+t uBpSndAi/0urIzz4pgZDTOyGimUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSmWjY6 3Gyi7Xp31hNl5lr32+qLPDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg2OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oNowDQYJKoZIhvcNAQELBQADggEBAAf0ehwn+vmmi9ZWTIk0y7VSYbtkm7Er1lUD kOfm5lsxiqTqsWY3btfUaT1PzoRkry9ywC1HCvSHTBjVlcDOgFEDEn0UfcfMFskj IYI2mreYlaWIi48iqkxStFuDgeJW6/h0dQmZYuBa0Hd1b0XPR/6mTz5SvyHwTbWj 44UcAuVAlNsp462qpvyhiY8S2xw4NcbfQw6KVsAS1kaaRz30OvaZCjhizZWuR3Gv XLjUIbqPuGiebdOyqRc4gD1YJ4nvO0DkW0dk8Jo/w8rT0sMViUq5BjoozNNcsoln OObvIfqcTxG8fPdiluVwzpMUKPx/Rz1uvWiNan0ZMve3RGSOIyE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:45 2026 by rpki-client