$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142894.roa File: AS142894.roa (raw, json) Hash identifier: IXHsu0vYFNN9sjHaNnVzZ9nrKCHyz/uZCb8B1Y6p/Xk= Subject key identifier: 64:14:12:4D:43:4A:47:AF:5E:E9:73:BE:13:62:36:BF:81:F5:34:FE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 170ABF863BA676CD3E1208E0AC95321FF0B3D5FE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142894.roa Signing time: Wed 04 Mar 2026 06:07:52 +0000 ROA not before: Wed 04 Mar 2026 06:02:52 +0000 ROA not after: Wed 03 Mar 2027 06:07:52 +0000 asID: 142894 IP address blocks: 240a:a0f4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:0a:bf:86:3b:a6:76:cd:3e:12:08:e0:ac:95:32:1f:f0:b3:d5:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:52 2026 GMT Not After : Mar 3 06:07:52 2027 GMT Subject: CN=6414124D434A47AF5EE973BE136236BF81F534FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:e1:57:6a:a4:dc:74:2a:4b:57:49:f4:7c:81: c9:2c:95:18:fa:aa:ef:cf:9d:c9:ef:8d:4d:32:eb: 24:71:8d:99:84:fe:5d:4a:d4:79:d5:92:12:4d:9b: 56:04:b0:b0:fa:83:f9:d9:f8:54:17:93:d3:36:14: 95:f8:fc:22:b1:ee:85:4c:da:94:10:8e:d1:08:80: b3:34:a8:59:95:9e:3b:08:db:65:75:3a:e1:fa:6a: 4f:e1:b0:08:40:7e:02:84:be:14:98:80:fd:ab:f2: 34:78:a3:bd:8a:f9:de:3d:85:8b:97:7a:49:c5:02: e3:97:ce:d3:d9:c9:fb:b2:de:b7:f0:dd:0a:3a:04: 40:a7:ab:f1:8c:5a:72:23:22:eb:cf:3d:7d:35:6a: 3a:e9:6d:ce:5d:67:f0:c9:92:d8:52:b7:a4:9f:cb: ee:68:be:1f:a9:09:d3:21:df:39:0f:dd:fc:00:f2: 9b:99:c6:13:65:21:ee:18:b2:33:3e:be:af:3e:e3: 3c:4e:bb:a8:24:57:fa:5c:a9:83:73:40:6b:4c:ed: f8:cf:69:5d:04:90:ac:c5:10:3f:06:af:f3:f2:3d: b0:88:dd:43:58:c4:ec:84:eb:1f:87:84:b0:8d:0b: 09:f6:7a:3b:89:91:20:72:34:f2:08:5a:63:59:4c: 16:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:14:12:4D:43:4A:47:AF:5E:E9:73:BE:13:62:36:BF:81:F5:34:FE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142894.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0f4::/32 Signature Algorithm: sha256WithRSAEncryption b0:2a:89:a9:86:40:51:b4:aa:15:f4:3e:66:55:d8:72:0c:0a: da:29:31:1e:3b:ae:a3:c1:71:92:c1:b6:67:fe:b3:da:c2:ef: eb:1b:2b:36:fc:c8:f2:cf:b7:f6:d9:60:6f:6c:47:9f:51:16: 84:81:dc:9f:6f:f0:e0:89:86:53:53:47:ab:56:30:bd:66:50: f1:8e:33:3d:35:cf:2e:c4:d3:8f:f7:bc:47:e8:29:65:5a:4e: c7:00:fb:6a:12:64:a2:76:cd:2e:93:b7:2e:af:2b:c5:0c:e0: d4:3f:5a:cd:b5:69:26:35:f1:03:18:86:3e:18:b5:a8:f4:b4: 53:56:57:7c:87:8a:2a:95:54:c0:35:e4:0d:ca:e6:f2:4a:08: a5:02:98:af:b6:c5:93:f9:cc:a9:09:7a:61:60:4d:67:61:c4: 62:c2:8a:68:19:4a:d4:2a:67:45:57:ee:9a:35:2d:ab:2d:e9: d4:da:de:28:0c:4d:ca:33:65:e6:63:6f:f5:1d:56:bc:c3:95: a5:c6:c6:10:9a:87:7f:b5:83:e8:e8:a3:06:23:7e:7a:14:4f: dd:81:b5:5d:26:42:97:aa:8e:6d:6b:dc:92:c8:d7:23:5a:61: b7:b5:63:73:91:5d:a6:58:b6:75:16:ee:94:a4:80:d9:b7:70: 57:e6:cd:9b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFwq/hjumds0+EgjgrJUyH/Cz1f4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1MloX DTI3MDMwMzA2MDc1MlowMzExMC8GA1UEAxMoNjQxNDEyNEQ0MzRBNDdBRjVFRTk3 M0JFMTM2MjM2QkY4MUY1MzRGRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANPhV2qk3HQqS1dJ9HyBySyVGPqq78+dye+NTTLrJHGNmYT+XUrUedWSEk2b VgSwsPqD+dn4VBeT0zYUlfj8IrHuhUzalBCO0QiAszSoWZWeOwjbZXU64fpqT+Gw CEB+AoS+FJiA/avyNHijvYr53j2Fi5d6ScUC45fO09nJ+7Let/DdCjoEQKer8Yxa ciMi6889fTVqOultzl1n8MmS2FK3pJ/L7mi+H6kJ0yHfOQ/d/ADym5nGE2Uh7hiy Mz6+rz7jPE67qCRX+lypg3NAa0zt+M9pXQSQrMUQPwav8/I9sIjdQ1jE7ITrH4eE sI0LCfZ6O4mRIHI08ghaY1lMFsMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRkFBJN Q0pHr17pc74TYja/gfU0/jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg5NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oPQwDQYJKoZIhvcNAQELBQADggEBALAqiamGQFG0qhX0PmZV2HIMCtopMR47rqPB cZLBtmf+s9rC7+sbKzb8yPLPt/bZYG9sR59RFoSB3J9v8OCJhlNTR6tWML1mUPGO Mz01zy7E04/3vEfoKWVaTscA+2oSZKJ2zS6Tty6vK8UM4NQ/Ws21aSY18QMYhj4Y taj0tFNWV3yHiiqVVMA15A3K5vJKCKUCmK+2xZP5zKkJemFgTWdhxGLCimgZStQq Z0VX7po1Last6dTa3igMTcozZeZjb/UdVrzDlaXGxhCah3+1g+joowYjfnoUT92B tV0mQpeqjm1r3JLI1yNaYbe1Y3ORXaZYtnUW7pSkgNm3cFfmzZs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:48 2026 by rpki-client