$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142873.roa File: AS142873.roa (raw, json) Hash identifier: +APSzsbehdsZcs2obml7SNUuf6J9E70DKk50lfSbB8E= Subject key identifier: 11:59:33:17:77:2B:47:9D:DF:26:FB:FA:CC:CC:DD:ED:6C:9D:32:FF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 24173F18443BAA231DFC33E67E1DB7422434ECD3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142873.roa Signing time: Wed 04 Mar 2026 06:05:22 +0000 ROA not before: Wed 04 Mar 2026 06:00:22 +0000 ROA not after: Wed 03 Mar 2027 06:05:22 +0000 asID: 142873 IP address blocks: 240a:a0df::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:17:3f:18:44:3b:aa:23:1d:fc:33:e6:7e:1d:b7:42:24:34:ec:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:22 2026 GMT Not After : Mar 3 06:05:22 2027 GMT Subject: CN=11593317772B479DDF26FBFACCCCDDED6C9D32FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ea:fa:cd:23:d5:30:97:fd:d5:a7:53:bc:ad: fa:ea:d9:80:38:5c:a2:f0:28:91:c0:ef:9e:69:41: 44:ad:fc:1d:97:e4:d2:46:eb:cf:ee:93:a9:5c:87: 61:a5:c8:ca:7f:96:21:21:0d:fc:2e:30:7c:00:7d: 56:9f:18:a0:f2:bc:ac:39:a2:bc:c9:15:ff:54:08: cc:de:ba:45:fc:77:59:ce:49:eb:92:8a:85:c9:12: 07:b3:8a:c6:b3:a3:fb:6a:88:73:78:4e:03:d7:31: d5:10:ee:cd:17:45:47:3c:8f:b9:9b:8c:fb:a5:05: c3:c7:ef:a1:9d:f4:71:2a:36:29:7a:9a:ba:7b:57: 23:0f:69:b6:a5:8c:27:ce:0c:01:2d:98:cd:aa:6e: 7c:bd:d3:24:83:c5:ea:d1:50:d0:2e:a6:86:31:9d: 80:5f:f0:88:04:57:9f:6b:a3:ce:a2:d4:93:d1:24: dc:f5:bf:62:f5:23:dc:b4:a4:25:50:14:93:b7:3d: 77:4f:c9:e2:82:89:38:8c:c7:6e:90:02:1e:55:33: 23:22:70:5c:c3:38:8d:62:0e:1c:ae:8c:5e:b6:39: 6f:8f:e7:df:42:6e:2b:e5:5f:1f:31:1b:1f:c7:f1: b1:2e:18:69:ef:39:bf:2c:e4:b7:7d:f3:46:6a:40: ef:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:59:33:17:77:2B:47:9D:DF:26:FB:FA:CC:CC:DD:ED:6C:9D:32:FF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142873.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0df::/32 Signature Algorithm: sha256WithRSAEncryption 7d:9a:2a:d5:ec:58:e6:f9:9a:c8:e1:3a:0b:ac:14:37:c9:76: bf:60:f8:81:7d:97:3e:61:66:78:28:f1:cb:d6:49:c1:fb:cd: ca:26:e7:ff:ac:83:e7:76:ce:74:0a:55:12:f1:03:7a:35:a1: 09:e5:8d:33:b7:c4:d1:ec:32:d5:b0:19:c5:67:cb:c5:45:84: 9e:3e:73:c1:bd:42:33:f9:31:3e:26:1a:2d:4c:11:c9:c3:3d: dc:24:84:6a:95:47:7f:26:0b:0c:d7:13:d4:76:36:b7:4c:96: 91:37:3d:9e:e2:f4:08:05:bb:57:98:1e:ea:a0:c8:99:61:eb: 4a:fb:71:e9:82:cf:5f:00:f0:8e:eb:a9:b7:ec:8d:6e:ef:b7: 4b:1b:73:4b:b8:78:23:58:22:1e:42:8e:d5:49:74:83:fc:ef: 2e:b4:b6:2a:aa:38:4d:bf:bc:d8:c2:d4:ac:6c:f9:e0:08:69: b1:c0:3c:9c:80:83:82:20:1f:bf:87:82:ab:9a:96:04:55:b2: f2:67:e0:3a:44:b2:9c:fc:65:c3:99:9b:35:6a:2b:d7:83:c5: 87:e8:9c:aa:cc:c3:b3:ce:f8:67:24:14:f2:71:53:6a:6b:f0: 23:30:b8:97:ed:17:cc:40:c8:ea:b9:34:41:ad:0b:e0:35:11: 9d:fb:b3:16 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJBc/GEQ7qiMd/DPmfh23QiQ07NMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyMloX DTI3MDMwMzA2MDUyMlowMzExMC8GA1UEAxMoMTE1OTMzMTc3NzJCNDc5RERGMjZG QkZBQ0NDQ0RERUQ2QzlEMzJGRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjq+s0j1TCX/dWnU7yt+urZgDhcovAokcDvnmlBRK38HZfk0kbrz+6TqVyH YaXIyn+WISEN/C4wfAB9Vp8YoPK8rDmivMkV/1QIzN66Rfx3Wc5J65KKhckSB7OK xrOj+2qIc3hOA9cx1RDuzRdFRzyPuZuM+6UFw8fvoZ30cSo2KXqauntXIw9ptqWM J84MAS2YzapufL3TJIPF6tFQ0C6mhjGdgF/wiARXn2ujzqLUk9Ek3PW/YvUj3LSk JVAUk7c9d0/J4oKJOIzHbpACHlUzIyJwXMM4jWIOHK6MXrY5b4/n30JuK+VfHzEb H8fxsS4Yae85vyzkt33zRmpA778CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQRWTMX dytHnd8m+/rMzN3tbJ0y/zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oN8wDQYJKoZIhvcNAQELBQADggEBAH2aKtXsWOb5msjhOgusFDfJdr9g+IF9lz5h Zngo8cvWScH7zcom5/+sg+d2znQKVRLxA3o1oQnljTO3xNHsMtWwGcVny8VFhJ4+ c8G9QjP5MT4mGi1MEcnDPdwkhGqVR38mCwzXE9R2NrdMlpE3PZ7i9AgFu1eYHuqg yJlh60r7cemCz18A8I7rqbfsjW7vt0sbc0u4eCNYIh5CjtVJdIP87y60tiqqOE2/ vNjC1Kxs+eAIabHAPJyAg4IgH7+HgqualgRVsvJn4DpEspz8ZcOZmzVqK9eDxYfo nKrMw7PO+GckFPJxU2pr8CMwuJftF8xAyOq5NEGtC+A1EZ37sxY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:45 2026 by rpki-client