$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142897.roa File: AS142897.roa (raw, json) Hash identifier: 9a7rN7L3P7ETDu9cxJoqZTmqzoIyyiJcZmx9SkaB8Gc= Subject key identifier: 22:3F:79:23:A1:64:79:1A:63:F3:59:3D:00:B3:2C:7B:2D:E5:C5:0A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1014BDCFB1C3A024530D0A93BFFB2D6C1F021785 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142897.roa Signing time: Wed 04 Mar 2026 06:07:31 +0000 ROA not before: Wed 04 Mar 2026 06:02:31 +0000 ROA not after: Wed 03 Mar 2027 06:07:31 +0000 asID: 142897 IP address blocks: 240a:a0f7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:14:bd:cf:b1:c3:a0:24:53:0d:0a:93:bf:fb:2d:6c:1f:02:17:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:31 2026 GMT Not After : Mar 3 06:07:31 2027 GMT Subject: CN=223F7923A164791A63F3593D00B32C7B2DE5C50A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:a4:cc:df:e6:d4:78:64:7e:ab:53:f8:c4:6e: ab:1f:31:5d:b9:29:47:66:07:83:0d:e3:f2:ab:4d: bb:5f:4e:2a:36:33:56:c0:ef:79:ba:ee:45:7e:c3: 42:77:f4:ea:48:a2:81:17:76:b5:80:65:14:19:f6: 2a:d0:f7:fd:02:3b:78:8f:2c:01:77:f0:db:3b:02: fb:66:99:0c:ee:a8:40:a7:40:8b:a5:db:38:84:25: 60:63:79:56:a9:82:36:40:65:58:bf:64:53:1a:0d: 68:e2:ac:74:be:2d:d2:ef:96:92:62:04:8e:a7:93: 81:ce:ae:af:e5:95:65:98:13:84:d5:b7:e4:4e:33: b6:f0:e7:3e:44:89:f8:44:52:77:5b:70:66:aa:47: 27:82:28:bc:13:63:c6:90:c8:f1:e5:df:b3:16:c5: 5f:8a:b9:b4:8b:fe:d4:03:c4:dc:58:16:ee:b2:6b: ed:75:b8:05:24:ac:53:bd:6f:d9:c7:ad:a9:a4:48: 0f:26:9e:94:3f:3f:ba:a4:6e:80:b5:c7:9f:ee:57: 22:78:bb:5d:78:3f:7a:7f:3a:f2:98:30:70:05:5e: b0:fe:ef:d5:ce:a6:ec:c5:73:26:77:51:03:d3:37: 19:55:50:f4:c5:ee:ba:eb:da:01:a5:32:0f:53:5a: 87:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:3F:79:23:A1:64:79:1A:63:F3:59:3D:00:B3:2C:7B:2D:E5:C5:0A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142897.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0f7::/32 Signature Algorithm: sha256WithRSAEncryption 58:12:56:d9:11:7d:66:3f:8b:33:e0:87:c1:ba:dd:44:5f:d8: de:75:37:9d:a1:40:94:b0:a8:57:bf:84:8a:da:eb:8f:7a:6d: 1e:cd:ea:3b:dd:ba:25:68:ab:d1:03:fa:05:44:7a:90:43:cf: 75:5a:63:3f:16:80:d0:21:e9:41:11:91:11:00:02:8f:39:a9: 55:98:e8:99:10:15:af:94:16:97:7a:89:df:3a:ac:6b:71:13: 11:1c:27:a9:68:74:50:6c:5f:ca:5f:8f:d5:d6:de:62:e4:f7: 5c:a6:ea:75:2b:17:da:70:66:3e:00:26:54:4d:40:06:c5:99: b3:95:d2:33:50:7b:67:39:a3:48:c5:70:71:75:5c:13:ba:94: 0a:17:38:05:c7:ff:b2:85:2c:9a:01:b4:9b:d8:05:2b:ec:24: aa:09:6f:e3:d3:2d:07:12:f0:dd:2d:a8:9e:d0:72:39:50:87: 34:09:a3:37:6d:24:6d:5f:9b:1d:77:41:38:d4:67:a7:23:9e: cc:11:9f:e3:44:28:58:ba:d3:33:27:d7:14:39:ee:9b:2c:71: 19:62:23:2b:5d:c8:0a:78:0d:b7:88:25:4e:6b:b9:49:7e:0c: e8:5d:0a:9e:68:10:01:5a:58:51:17:26:bb:6e:b4:d5:f3:5b: 41:47:8c:5f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEBS9z7HDoCRTDQqTv/stbB8CF4UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIzMVoX DTI3MDMwMzA2MDczMVowMzExMC8GA1UEAxMoMjIzRjc5MjNBMTY0NzkxQTYzRjM1 OTNEMDBCMzJDN0IyREU1QzUwQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALekzN/m1HhkfqtT+MRuqx8xXbkpR2YHgw3j8qtNu19OKjYzVsDvebruRX7D Qnf06kiigRd2tYBlFBn2KtD3/QI7eI8sAXfw2zsC+2aZDO6oQKdAi6XbOIQlYGN5 VqmCNkBlWL9kUxoNaOKsdL4t0u+WkmIEjqeTgc6ur+WVZZgThNW35E4ztvDnPkSJ +ERSd1twZqpHJ4IovBNjxpDI8eXfsxbFX4q5tIv+1APE3FgW7rJr7XW4BSSsU71v 2cetqaRIDyaelD8/uqRugLXHn+5XIni7XXg/en868pgwcAVesP7v1c6m7MVzJndR A9M3GVVQ9MXuuuvaAaUyD1Nah/UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQiP3kj oWR5GmPzWT0Asyx7LeXFCjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjg5Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oPcwDQYJKoZIhvcNAQELBQADggEBAFgSVtkRfWY/izPgh8G63URf2N51N52hQJSw qFe/hIra6496bR7N6jvduiVoq9ED+gVEepBDz3VaYz8WgNAh6UERkREAAo85qVWY 6JkQFa+UFpd6id86rGtxExEcJ6lodFBsX8pfj9XW3mLk91ym6nUrF9pwZj4AJlRN QAbFmbOV0jNQe2c5o0jFcHF1XBO6lAoXOAXH/7KFLJoBtJvYBSvsJKoJb+PTLQcS 8N0tqJ7QcjlQhzQJozdtJG1fmx13QTjUZ6cjnswRn+NEKFi60zMn1xQ57psscRli IytdyAp4DbeIJU5ruUl+DOhdCp5oEAFaWFEXJrtutNXzW0FHjF8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:16 2026 by rpki-client