$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142900.roa File: AS142900.roa (raw, json) Hash identifier: LKnjpsRXcFC2im+VGONnOsyf8wNn4s8DGx8LlSAZ2aw= Subject key identifier: C9:29:6C:0F:58:00:4A:AD:4E:F5:6B:6C:11:C7:42:C1:A4:D4:E3:3A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 177FB7D629A0D51C8A0188A01BE616DB93B93339 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142900.roa Signing time: Wed 04 Mar 2026 06:07:13 +0000 ROA not before: Wed 04 Mar 2026 06:02:13 +0000 ROA not after: Wed 03 Mar 2027 06:07:13 +0000 asID: 142900 IP address blocks: 240a:a0fa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:7f:b7:d6:29:a0:d5:1c:8a:01:88:a0:1b:e6:16:db:93:b9:33:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:13 2026 GMT Not After : Mar 3 06:07:13 2027 GMT Subject: CN=C9296C0F58004AAD4EF56B6C11C742C1A4D4E33A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:75:e2:cf:19:b2:eb:bd:27:98:e5:53:d5:fb: bd:86:52:fc:88:47:4b:f0:bb:16:21:2d:ec:cf:68: b5:e9:a5:f6:07:de:a9:4b:e1:42:38:97:f9:c5:49: 17:3f:fb:96:08:99:80:d1:98:e9:6e:27:b2:2f:aa: 8a:43:37:94:7e:7f:ab:15:f3:83:8c:dd:be:09:cc: 55:25:9d:94:7b:3c:75:77:d7:6e:2d:8e:74:15:cb: fd:58:2d:c5:33:e6:c0:7c:4a:bc:4c:1b:91:fb:d1: 3c:11:44:30:c7:51:be:d7:b4:f3:e2:3e:e3:17:9b: 6f:ae:cb:9a:ac:0d:2a:df:7f:af:dd:de:77:fa:14: 8a:ed:45:d4:8a:49:f7:e3:77:66:6f:a1:ed:9f:71: 3f:d4:0c:13:5f:23:d3:67:39:b0:0a:7b:47:a5:90: ae:aa:a1:82:d5:9a:b7:30:c7:a4:96:db:5c:bb:de: a2:99:0f:95:9e:c3:9a:90:34:9b:2c:b6:a4:06:29: 19:07:dc:ca:b4:7d:df:50:bf:8c:06:90:4b:d2:e9: 3c:d7:fd:a6:78:19:49:da:c0:ac:17:ac:d4:c8:c3: 3b:b3:5c:1d:6e:3a:23:9e:7d:25:23:c5:7a:84:bb: 53:9e:af:a1:40:fc:5d:54:af:03:01:0a:9e:f7:e1: 04:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:29:6C:0F:58:00:4A:AD:4E:F5:6B:6C:11:C7:42:C1:A4:D4:E3:3A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142900.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0fa::/32 Signature Algorithm: sha256WithRSAEncryption 66:44:05:8f:d8:a5:02:28:d4:9f:a8:6a:4e:06:e4:de:29:c9: b7:28:6b:70:7b:0f:71:87:95:9f:08:2a:5d:3d:b5:6d:32:3e: 71:24:f5:ac:ad:5c:63:d7:7e:bc:21:1e:69:b6:7d:38:b9:68: 25:a1:ec:3a:5c:45:56:6d:9f:7b:6b:a5:2f:75:56:30:7d:53: 95:8b:1d:06:ac:18:62:73:76:76:7d:63:5d:1f:eb:14:61:a4: 5f:bd:f6:bf:fc:12:85:97:46:fb:ab:af:2c:b3:5e:78:15:be: b8:7b:ff:44:f0:9e:30:5a:dd:13:83:60:f0:5c:8c:57:58:9f: ab:18:32:ab:c6:fc:07:6b:cc:1b:e7:17:b3:11:0d:39:4b:cf: cc:8f:40:df:34:1e:c1:a8:0f:45:af:5b:a8:62:a6:c2:10:1c: 55:d0:f1:03:27:a8:86:63:57:fe:cf:92:16:84:57:e0:e3:23: b0:9d:75:8c:b9:65:c3:21:30:40:79:64:29:94:57:4b:d7:fe: d5:20:3f:93:6b:45:40:6d:a5:a1:ba:94:95:d8:d6:83:77:a7: 8e:04:47:cf:54:71:64:59:ac:6c:a2:6a:58:3a:c8:d7:d3:72: 3f:88:9a:99:d8:f8:1f:3a:8a:b7:c2:3c:e4:27:f7:c7:90:22: 8f:85:d4:7d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUF3+31img1RyKAYigG+YW25O5MzkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxM1oX DTI3MDMwMzA2MDcxM1owMzExMC8GA1UEAxMoQzkyOTZDMEY1ODAwNEFBRDRFRjU2 QjZDMTFDNzQyQzFBNEQ0RTMzQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPZ14s8Zsuu9J5jlU9X7vYZS/IhHS/C7FiEt7M9oteml9gfeqUvhQjiX+cVJ Fz/7lgiZgNGY6W4nsi+qikM3lH5/qxXzg4zdvgnMVSWdlHs8dXfXbi2OdBXL/Vgt xTPmwHxKvEwbkfvRPBFEMMdRvte08+I+4xebb67LmqwNKt9/r93ed/oUiu1F1IpJ 9+N3Zm+h7Z9xP9QME18j02c5sAp7R6WQrqqhgtWatzDHpJbbXLveopkPlZ7DmpA0 myy2pAYpGQfcyrR931C/jAaQS9LpPNf9pngZSdrArBes1MjDO7NcHW46I559JSPF eoS7U56voUD8XVSvAwEKnvfhBCsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTJKWwP WABKrU71a2wRx0LBpNTjOjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjkwMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oPowDQYJKoZIhvcNAQELBQADggEBAGZEBY/YpQIo1J+oak4G5N4pybcoa3B7D3GH lZ8IKl09tW0yPnEk9aytXGPXfrwhHmm2fTi5aCWh7DpcRVZtn3trpS91VjB9U5WL HQasGGJzdnZ9Y10f6xRhpF+99r/8EoWXRvurryyzXngVvrh7/0TwnjBa3RODYPBc jFdYn6sYMqvG/AdrzBvnF7MRDTlLz8yPQN80HsGoD0WvW6hipsIQHFXQ8QMnqIZj V/7PkhaEV+DjI7CddYy5ZcMhMEB5ZCmUV0vX/tUgP5NrRUBtpaG6lJXY1oN3p44E R89UcWRZrGyialg6yNfTcj+ImpnY+B86irfCPOQn98eQIo+F1H0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:35 2026 by rpki-client