$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142876.roa File: AS142876.roa (raw, json) Hash identifier: fAGswykpr/A0RjISzaEdOmsZHh3PB88WEWud6O3rg7I= Subject key identifier: 25:A6:F7:8D:18:35:FE:6E:AB:15:4E:BB:7E:1C:31:01:CB:48:FA:C6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3A7EB4C8F726DCE6B05E52237624482BA2109602 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142876.roa Signing time: Wed 04 Mar 2026 06:07:55 +0000 ROA not before: Wed 04 Mar 2026 06:02:55 +0000 ROA not after: Wed 03 Mar 2027 06:07:55 +0000 asID: 142876 IP address blocks: 240a:a0e2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:7e:b4:c8:f7:26:dc:e6:b0:5e:52:23:76:24:48:2b:a2:10:96:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:55 2026 GMT Not After : Mar 3 06:07:55 2027 GMT Subject: CN=25A6F78D1835FE6EAB154EBB7E1C3101CB48FAC6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2d:4f:e1:a8:68:51:54:b0:d1:30:ce:09:1a: ca:be:93:46:2d:3a:39:c8:04:ee:21:a2:ec:97:d1: 81:b8:1b:50:d2:bc:a7:b8:4c:fa:ee:69:5a:f2:3f: 30:3e:de:42:e6:50:76:f6:d0:ef:c9:78:2e:25:a3: a0:15:17:d3:9c:30:1d:79:3e:4b:4b:21:8e:cc:8f: 50:b6:a3:f4:a3:54:65:c6:3c:a9:30:15:ee:af:5d: a1:04:ef:a9:2a:4a:10:ed:f5:da:8f:38:f0:b3:0c: 22:42:b9:a3:25:d6:dd:a9:11:bc:3c:e0:5c:60:c0: 05:14:26:30:8d:3f:9b:70:4e:60:07:d9:5e:12:42: b3:46:ee:22:02:39:b1:92:87:27:5c:0e:f4:dc:a6: 81:45:3d:fb:57:bc:22:d6:59:52:46:01:6d:5b:d7: 44:7b:03:8e:3b:e8:4c:ea:4e:66:e2:c2:3c:17:a0: d4:02:e6:69:a1:56:aa:c4:9d:94:88:46:f7:a5:19: 71:a8:78:f1:da:ef:58:e9:3f:e8:b0:47:e6:fb:ea: 3c:e7:4b:8a:dd:10:c6:24:13:0e:58:91:2b:c1:83: 0d:26:5b:60:20:9a:f5:83:64:a4:2f:e8:c2:36:b9: bc:01:f7:1a:47:83:3f:e2:c9:94:14:31:ab:87:39: 94:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:A6:F7:8D:18:35:FE:6E:AB:15:4E:BB:7E:1C:31:01:CB:48:FA:C6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142876.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0e2::/32 Signature Algorithm: sha256WithRSAEncryption a2:36:bd:09:25:3e:41:c6:4b:e3:8c:eb:bc:2a:f8:e1:04:14: e3:ed:b6:bd:69:27:75:4b:7e:a9:7f:40:44:5f:8e:81:60:61: 9f:73:e1:a3:3a:81:e9:47:b7:0e:a9:4b:75:98:8a:08:c5:8a: e8:a3:57:f8:2f:0c:5a:be:a7:34:44:fe:87:55:1c:30:f0:26: 96:d2:45:47:eb:05:33:bb:6f:6c:e2:a4:fc:96:f4:92:40:2c: 89:65:d1:d4:68:c0:9c:c8:25:79:97:bf:83:ee:bc:e1:08:ab: b5:9e:47:7a:3c:a8:52:ed:b8:aa:e6:0b:e9:23:79:71:73:78: c8:54:bd:39:57:22:8d:87:db:bc:5d:5a:d0:04:0f:ad:70:5d: b8:59:88:cb:9c:47:70:6e:70:13:9c:5f:a3:9b:d7:a7:ea:4b: 77:a2:3a:d7:d3:a7:37:60:fe:15:28:46:cd:11:96:d6:96:e7: 53:06:6a:7e:d1:61:9b:01:b8:dd:ea:02:e8:0c:3b:a6:33:c7: 87:9b:a6:1b:59:97:cc:af:da:13:f5:d6:25:ce:ea:cc:b7:b0: 0a:cf:31:13:5b:a1:c8:c5:ba:0f:c8:77:8a:fb:28:89:d1:b1: 1e:27:c5:f3:86:23:71:b1:64:82:30:3a:b2:6c:8e:58:1e:ca: 90:22:18:c4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOn60yPcm3OawXlIjdiRIK6IQlgIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1NVoX DTI3MDMwMzA2MDc1NVowMzExMC8GA1UEAxMoMjVBNkY3OEQxODM1RkU2RUFCMTU0 RUJCN0UxQzMxMDFDQjQ4RkFDNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4tT+GoaFFUsNEwzgkayr6TRi06OcgE7iGi7JfRgbgbUNK8p7hM+u5pWvI/ MD7eQuZQdvbQ78l4LiWjoBUX05wwHXk+S0shjsyPULaj9KNUZcY8qTAV7q9doQTv qSpKEO312o848LMMIkK5oyXW3akRvDzgXGDABRQmMI0/m3BOYAfZXhJCs0buIgI5 sZKHJ1wO9NymgUU9+1e8ItZZUkYBbVvXRHsDjjvoTOpOZuLCPBeg1ALmaaFWqsSd lIhG96UZcah48drvWOk/6LBH5vvqPOdLit0QxiQTDliRK8GDDSZbYCCa9YNkpC/o wja5vAH3GkeDP+LJlBQxq4c5lKECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQlpveN GDX+bqsVTrt+HDEBy0j6xjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg3Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oOIwDQYJKoZIhvcNAQELBQADggEBAKI2vQklPkHGS+OM67wq+OEEFOPttr1pJ3VL fql/QERfjoFgYZ9z4aM6gelHtw6pS3WYigjFiuijV/gvDFq+pzRE/odVHDDwJpbS RUfrBTO7b2zipPyW9JJALIll0dRowJzIJXmXv4PuvOEIq7WeR3o8qFLtuKrmC+kj eXFzeMhUvTlXIo2H27xdWtAED61wXbhZiMucR3BucBOcX6Ob16fqS3eiOtfTpzdg /hUoRs0RltaW51MGan7RYZsBuN3qAugMO6Yzx4ebphtZl8yv2hP11iXO6sy3sArP MRNbocjFug/Id4r7KInRsR4nxfOGI3GxZIIwOrJsjlgeypAiGMQ= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:59 2026 by rpki-client