$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142902.roa File: AS142902.roa (raw, json) Hash identifier: ssWQqzQQEgx4NqQ4BbedpKe88XbY3HCJSuPNLXOcbYo= Subject key identifier: CF:28:23:D7:46:22:93:60:16:35:52:57:AC:28:27:94:80:14:82:B4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1E4775F797F4F0D6F435CE0CE0201DB3AA3D8EAD Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142902.roa Signing time: Wed 04 Mar 2026 06:07:16 +0000 ROA not before: Wed 04 Mar 2026 06:02:16 +0000 ROA not after: Wed 03 Mar 2027 06:07:16 +0000 asID: 142902 IP address blocks: 240a:a0fc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:47:75:f7:97:f4:f0:d6:f4:35:ce:0c:e0:20:1d:b3:aa:3d:8e:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:16 2026 GMT Not After : Mar 3 06:07:16 2027 GMT Subject: CN=CF2823D74622936016355257AC282794801482B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:1d:29:8b:bb:2d:f4:53:38:1b:e8:2c:e2:2d: b6:70:8b:26:33:b1:5f:21:c0:24:b7:cb:66:68:58: 75:11:7f:33:9e:c0:68:0b:e4:83:ea:83:8a:e1:fe: 0e:f3:0e:35:e8:80:4f:fb:89:c7:b7:40:20:8c:f2: c2:30:12:03:84:ed:4b:54:71:89:74:f3:f0:88:53: d1:83:29:5c:a5:11:65:b0:c6:06:63:0f:9e:d7:5e: d9:30:ff:99:42:6c:25:27:f9:c1:4d:81:ad:8c:e4: cb:05:f0:52:41:e7:0e:a6:02:73:70:3c:1c:38:5e: 67:87:86:3f:c3:15:d5:94:91:4b:4a:e1:fd:83:1f: d0:4b:1d:62:f1:52:48:d0:1e:0f:83:a1:7a:6a:11: db:a3:75:f0:80:1b:c8:c3:f1:e6:f3:3b:19:d9:6f: d9:b0:58:5d:63:56:e1:7b:7b:22:a7:d1:46:59:a8: 34:aa:55:9a:9e:5b:13:e6:16:3a:37:f6:50:94:00: 26:ec:36:29:70:b7:64:db:3a:cd:7a:d4:32:c5:15: f5:1b:e6:06:61:40:76:30:be:91:18:84:b5:bc:c3: dc:28:6c:d0:80:cf:ca:68:9a:11:83:5b:9f:1e:d1: 5a:58:16:1a:e7:fd:d8:9a:64:72:5f:b7:91:ed:99: 34:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:28:23:D7:46:22:93:60:16:35:52:57:AC:28:27:94:80:14:82:B4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142902.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0fc::/32 Signature Algorithm: sha256WithRSAEncryption 7b:4a:fa:bb:96:01:6c:7a:12:e8:f0:2e:84:86:0f:5a:72:96: 73:64:52:82:53:a6:23:18:44:2f:ac:2f:7a:01:ad:af:35:df: 6a:15:e5:b0:21:09:2e:f6:25:c4:44:c3:54:6a:3f:fd:03:ba: e6:6a:95:3d:6c:33:c4:7d:8a:5d:25:f4:9e:52:61:75:45:45: 08:04:8d:cf:46:2f:bc:dc:fb:d9:10:20:ba:29:54:77:0a:ec: c1:6e:43:33:c5:ea:2b:04:b3:90:10:97:69:98:c3:76:a5:67: e6:09:64:1b:18:c5:42:66:ab:25:f0:e9:f7:74:58:e1:ee:1d: dd:c5:1a:ba:ad:df:63:b0:61:d7:a3:2d:1c:24:18:34:f6:d5: 87:49:8d:6a:5b:f5:8c:f4:f2:3a:1f:8b:98:14:2b:ec:5e:df: c3:ff:35:2f:8e:7b:a5:35:45:02:e6:9f:fc:02:48:8a:02:77: 72:16:02:8d:7d:71:47:2d:2f:96:9e:31:d8:ae:5a:3a:ca:aa: d6:e9:47:ab:04:16:56:92:93:5c:1f:62:a2:db:e3:35:22:78: 9f:c4:41:df:ce:7d:42:5c:41:d1:4d:30:1e:e2:83:4a:38:1f: 7d:eb:29:f8:98:54:59:d3:cb:6c:f3:5c:2a:0a:58:ab:07:21: 7b:6a:da:9c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHkd195f08Nb0Nc4M4CAds6o9jq0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxNloX DTI3MDMwMzA2MDcxNlowMzExMC8GA1UEAxMoQ0YyODIzRDc0NjIyOTM2MDE2MzU1 MjU3QUMyODI3OTQ4MDE0ODJCNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJwdKYu7LfRTOBvoLOIttnCLJjOxXyHAJLfLZmhYdRF/M57AaAvkg+qDiuH+ DvMONeiAT/uJx7dAIIzywjASA4TtS1RxiXTz8IhT0YMpXKURZbDGBmMPntde2TD/ mUJsJSf5wU2BrYzkywXwUkHnDqYCc3A8HDheZ4eGP8MV1ZSRS0rh/YMf0EsdYvFS SNAeD4OhemoR26N18IAbyMPx5vM7Gdlv2bBYXWNW4Xt7IqfRRlmoNKpVmp5bE+YW Ojf2UJQAJuw2KXC3ZNs6zXrUMsUV9RvmBmFAdjC+kRiEtbzD3Chs0IDPymiaEYNb nx7RWlgWGuf92Jpkcl+3ke2ZNOcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTPKCPX RiKTYBY1UlesKCeUgBSCtDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjkwMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oPwwDQYJKoZIhvcNAQELBQADggEBAHtK+ruWAWx6EujwLoSGD1pylnNkUoJTpiMY RC+sL3oBra8132oV5bAhCS72JcREw1RqP/0DuuZqlT1sM8R9il0l9J5SYXVFRQgE jc9GL7zc+9kQILopVHcK7MFuQzPF6isEs5AQl2mYw3alZ+YJZBsYxUJmqyXw6fd0 WOHuHd3FGrqt32OwYdejLRwkGDT21YdJjWpb9Yz08jofi5gUK+xe38P/NS+Oe6U1 RQLmn/wCSIoCd3IWAo19cUctL5aeMdiuWjrKqtbpR6sEFlaSk1wfYqLb4zUieJ/E Qd/OfUJcQdFNMB7ig0o4H33rKfiYVFnTy2zzXCoKWKsHIXtq2pw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:21 2026 by rpki-client