$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142893.roa File: AS142893.roa (raw, json) Hash identifier: FJaXWFeg267meYdkq0LCEySE6jk0t8Vp83ag8CkSA/k= Subject key identifier: 2E:76:D3:11:B7:6F:8D:C3:25:07:5E:72:4B:D2:AF:AB:59:11:E2:4F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0BFD87E41497985CE328C2B6858D8DD54966C801 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142893.roa Signing time: Wed 04 Mar 2026 06:05:20 +0000 ROA not before: Wed 04 Mar 2026 06:00:20 +0000 ROA not after: Wed 03 Mar 2027 06:05:20 +0000 asID: 142893 IP address blocks: 240a:a0f3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:fd:87:e4:14:97:98:5c:e3:28:c2:b6:85:8d:8d:d5:49:66:c8:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:20 2026 GMT Not After : Mar 3 06:05:20 2027 GMT Subject: CN=2E76D311B76F8DC325075E724BD2AFAB5911E24F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:26:33:fd:bd:7c:9a:ab:60:8c:7e:af:a6:33: f6:0d:67:5e:54:68:23:c8:22:73:c4:42:a9:8c:30: 49:64:dd:1a:96:a1:3b:ff:c7:8f:c0:5c:02:39:0c: 7e:fc:07:57:8d:50:23:82:35:4a:f3:73:02:de:f7: 24:fe:f3:0a:f6:95:83:c0:17:14:e2:f7:22:75:4c: f1:9c:03:ad:5c:74:43:7a:72:7b:09:05:fd:e3:6b: 86:f0:c5:95:c4:f6:2e:ee:eb:57:9e:ad:71:9d:69: cf:77:5b:47:ce:4e:38:80:57:41:86:c6:5f:aa:68: 68:8a:76:c9:f8:6d:96:4a:cf:8d:0a:d2:de:ed:3b: e1:f6:fd:0d:09:c0:c0:fe:1b:f0:ff:64:a1:f0:85: da:9f:22:e8:2a:aa:9e:d8:79:27:f0:30:e2:a8:d5: c9:67:ca:35:e3:ae:77:85:83:56:14:0e:36:c7:0f: 4e:b9:66:01:df:ed:e4:08:0a:b3:2f:e9:69:bd:00: 62:e8:fe:1d:11:76:31:4a:9d:2d:b1:e4:c9:0e:e9: 6f:44:15:e6:39:93:7d:3e:f9:ca:88:0f:49:c0:f4: 5b:1d:86:94:80:31:ff:1f:9c:5f:50:9b:2f:d2:d2: 45:9f:4f:5a:c8:50:88:d0:fd:d5:71:f9:12:71:eb: be:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:76:D3:11:B7:6F:8D:C3:25:07:5E:72:4B:D2:AF:AB:59:11:E2:4F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142893.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0f3::/32 Signature Algorithm: sha256WithRSAEncryption 9e:c4:7a:21:66:ff:54:0b:d0:81:d2:83:4c:f9:11:be:3d:b0: d9:4f:cd:de:cc:c4:8e:13:77:b0:bb:89:02:a8:4d:70:6d:ea: 68:df:45:ad:e7:a0:4d:64:67:e0:a8:0b:95:c7:8b:22:29:7e: 7b:0d:4b:86:28:af:02:8b:66:52:af:ef:74:52:4d:92:a5:ca: 12:99:9d:5a:19:df:9b:35:68:5e:6e:8e:74:f1:94:95:a1:13: fe:f0:ba:47:94:73:77:ec:ea:9e:17:76:0d:7e:89:ef:3a:29: 54:cc:92:97:7f:b0:7a:33:89:80:77:5e:e0:c0:e8:36:cc:c0: d4:eb:df:0f:33:0f:94:24:d2:e6:26:f5:44:86:67:6b:41:4d: 3e:8a:92:a8:ce:50:f3:c4:8f:2b:fe:74:ad:5f:ec:92:35:2a: 80:9e:26:c3:76:a7:1b:94:8c:ce:4a:4d:7c:76:1e:bf:8a:24: d3:56:50:71:c9:44:e4:cb:9e:a5:6f:68:f4:0c:6e:ad:75:e2: 38:29:2d:ab:27:9b:34:31:c8:e6:3c:4a:42:0e:98:85:84:4e: 53:bc:ac:d1:70:2b:7c:c7:5a:ea:5a:f5:ba:dd:bd:e1:87:e0: 7d:d4:90:0b:db:c6:6a:9d:6e:c4:f6:90:13:1a:be:ae:3a:33: 62:16:80:ba -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUC/2H5BSXmFzjKMK2hY2N1UlmyAEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyMFoX DTI3MDMwMzA2MDUyMFowMzExMC8GA1UEAxMoMkU3NkQzMTFCNzZGOERDMzI1MDc1 RTcyNEJEMkFGQUI1OTExRTI0RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN4mM/29fJqrYIx+r6Yz9g1nXlRoI8gic8RCqYwwSWTdGpahO//Hj8BcAjkM fvwHV41QI4I1SvNzAt73JP7zCvaVg8AXFOL3InVM8ZwDrVx0Q3pyewkF/eNrhvDF lcT2Lu7rV56tcZ1pz3dbR85OOIBXQYbGX6poaIp2yfhtlkrPjQrS3u074fb9DQnA wP4b8P9kofCF2p8i6Cqqnth5J/Aw4qjVyWfKNeOud4WDVhQONscPTrlmAd/t5AgK sy/pab0AYuj+HRF2MUqdLbHkyQ7pb0QV5jmTfT75yogPScD0Wx2GlIAx/x+cX1Cb L9LSRZ9PWshQiND91XH5EnHrvnMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQudtMR t2+NwyUHXnJL0q+rWRHiTzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg5My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oPMwDQYJKoZIhvcNAQELBQADggEBAJ7EeiFm/1QL0IHSg0z5Eb49sNlPzd7MxI4T d7C7iQKoTXBt6mjfRa3noE1kZ+CoC5XHiyIpfnsNS4YorwKLZlKv73RSTZKlyhKZ nVoZ35s1aF5ujnTxlJWhE/7wukeUc3fs6p4Xdg1+ie86KVTMkpd/sHoziYB3XuDA 6DbMwNTr3w8zD5Qk0uYm9USGZ2tBTT6KkqjOUPPEjyv+dK1f7JI1KoCeJsN2pxuU jM5KTXx2Hr+KJNNWUHHJROTLnqVvaPQMbq114jgpLasnmzQxyOY8SkIOmIWETlO8 rNFwK3zHWupa9brdveGH4H3UkAvbxmqdbsT2kBMavq46M2IWgLo= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:06 2026 by rpki-client