$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142889.roa File: AS142889.roa (raw, json) Hash identifier: 3pBnqhs/6d0VbJiZLbVJp602UMcCdeG/EuuqnlZQ3Pc= Subject key identifier: A9:BE:F0:D6:7B:51:35:FA:7A:B1:0A:EC:13:C1:98:C1:D1:96:6A:BC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 51D0BB0D972B7BF75A228BA9415CB06D542D9AEA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142889.roa Signing time: Wed 04 Mar 2026 06:07:02 +0000 ROA not before: Wed 04 Mar 2026 06:02:02 +0000 ROA not after: Wed 03 Mar 2027 06:07:02 +0000 asID: 142889 IP address blocks: 240a:a0ef::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:d0:bb:0d:97:2b:7b:f7:5a:22:8b:a9:41:5c:b0:6d:54:2d:9a:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:02 2026 GMT Not After : Mar 3 06:07:02 2027 GMT Subject: CN=A9BEF0D67B5135FA7AB10AEC13C198C1D1966ABC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:0e:01:0b:a8:f1:b4:d0:22:8e:0b:58:a7:9e: 1d:b1:b3:66:4c:f2:06:89:bc:fb:88:39:98:34:27: 72:66:d0:00:8a:80:38:e1:f5:83:33:28:bc:9c:f1: d6:89:93:19:4a:c5:1a:b1:cb:12:24:85:9e:98:75: 2a:55:aa:94:93:15:00:79:a4:b9:ab:78:9c:cb:0a: d3:9b:a4:ca:99:88:9d:20:63:76:3e:c3:be:7f:45: d6:84:2f:46:2a:8f:ad:34:51:6f:43:3d:1d:5b:58: ad:60:5e:31:af:d0:3b:05:ef:81:29:ce:31:b6:3e: ea:cd:64:0d:37:dd:be:0d:0e:9b:50:a8:c2:34:36: 21:08:2c:52:4c:38:20:0d:c4:2d:8b:2f:07:64:a9: 6e:36:01:68:87:bf:31:2d:af:42:f9:87:3d:ce:b5: 76:77:5f:95:39:b6:8b:db:67:dc:48:f4:ca:a9:40: bc:76:4b:ad:e5:17:37:46:44:d4:ef:d0:ac:cd:f4: be:e8:78:ba:e0:49:a1:0e:b3:25:07:63:f2:ad:71: 38:4e:a4:97:6e:c4:16:86:36:cf:2b:d7:3d:5b:fb: 17:74:ec:ae:12:4c:f1:70:54:72:19:8f:f5:ef:4c: 3d:82:82:e1:06:79:0f:b9:37:39:fa:7f:9a:66:31: 7f:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:BE:F0:D6:7B:51:35:FA:7A:B1:0A:EC:13:C1:98:C1:D1:96:6A:BC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142889.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0ef::/32 Signature Algorithm: sha256WithRSAEncryption 2d:20:28:1d:ca:cc:3c:27:f1:90:48:96:bd:ee:19:40:eb:cc: 31:c8:26:13:b5:6c:31:fb:c1:d6:39:ce:68:69:39:79:04:1c: fa:6c:4e:f4:e5:d6:39:55:fd:b0:6f:b5:d7:be:81:1c:42:08: 97:c3:4d:08:68:b6:ee:0e:64:ac:a3:00:64:ad:37:b0:11:d4: d6:74:d6:05:15:d6:d3:4a:e5:e7:bb:9f:14:b1:29:35:d0:77: 4f:f3:02:58:91:42:2a:79:3e:20:20:65:ee:38:68:f3:9d:24: 70:12:00:1c:60:fb:30:bb:87:9d:1c:34:b0:73:1c:8b:72:7d: 75:bc:6f:ec:6a:82:9c:65:22:5b:9b:76:9e:61:4d:33:31:4d: 12:2d:98:65:2a:4c:6d:90:57:c9:04:21:3c:de:ef:10:37:43: 13:09:4c:ea:b3:c2:50:36:6f:f8:06:dc:0d:91:09:bc:19:1d: 95:e8:cd:70:6a:84:2a:67:a0:36:72:5e:1f:8c:9e:37:cd:88: 89:15:cf:f6:21:14:5d:1c:5f:b6:c2:2a:2d:9e:8e:f0:81:e7: 67:a1:7f:a1:cb:1b:78:c9:fc:e5:e3:88:22:87:cd:25:1a:f3: 8b:ae:7a:39:0a:27:57:f5:02:d6:64:ed:1d:b8:87:f4:c2:34: 61:b0:52:ce -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUdC7DZcre/daIoupQVywbVQtmuowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIwMloX DTI3MDMwMzA2MDcwMlowMzExMC8GA1UEAxMoQTlCRUYwRDY3QjUxMzVGQTdBQjEw QUVDMTNDMTk4QzFEMTk2NkFCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOgOAQuo8bTQIo4LWKeeHbGzZkzyBom8+4g5mDQncmbQAIqAOOH1gzMovJzx 1omTGUrFGrHLEiSFnph1KlWqlJMVAHmkuat4nMsK05ukypmInSBjdj7Dvn9F1oQv RiqPrTRRb0M9HVtYrWBeMa/QOwXvgSnOMbY+6s1kDTfdvg0Om1CowjQ2IQgsUkw4 IA3ELYsvB2SpbjYBaIe/MS2vQvmHPc61dndflTm2i9tn3Ej0yqlAvHZLreUXN0ZE 1O/QrM30vuh4uuBJoQ6zJQdj8q1xOE6kl27EFoY2zyvXPVv7F3TsrhJM8XBUchmP 9e9MPYKC4QZ5D7k3Ofp/mmYxf4sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSpvvDW e1E1+nqxCuwTwZjB0ZZqvDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oO8wDQYJKoZIhvcNAQELBQADggEBAC0gKB3KzDwn8ZBIlr3uGUDrzDHIJhO1bDH7 wdY5zmhpOXkEHPpsTvTl1jlV/bBvtde+gRxCCJfDTQhotu4OZKyjAGStN7AR1NZ0 1gUV1tNK5ee7nxSxKTXQd0/zAliRQip5PiAgZe44aPOdJHASABxg+zC7h50cNLBz HItyfXW8b+xqgpxlIlubdp5hTTMxTRItmGUqTG2QV8kEITze7xA3QxMJTOqzwlA2 b/gG3A2RCbwZHZXozXBqhCpnoDZyXh+MnjfNiIkVz/YhFF0cX7bCKi2ejvCB52eh f6HLG3jJ/OXjiCKHzSUa84uuejkKJ1f1AtZk7R24h/TCNGGwUs4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:09 2026 by rpki-client