$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142903.roa File: AS142903.roa (raw, json) Hash identifier: /880ybNypyX5/M8HKYJYZdVeUaU156U3GHrqPSrtCfs= Subject key identifier: 1C:1E:BD:18:A8:1B:4E:34:EC:22:3A:C7:76:92:00:46:4A:D6:39:0E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5A1B592CEA824695A37D5EAF7CD7E298B9DDC213 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142903.roa Signing time: Wed 04 Mar 2026 06:07:15 +0000 ROA not before: Wed 04 Mar 2026 06:02:15 +0000 ROA not after: Wed 03 Mar 2027 06:07:15 +0000 asID: 142903 IP address blocks: 240a:a0fd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:1b:59:2c:ea:82:46:95:a3:7d:5e:af:7c:d7:e2:98:b9:dd:c2:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:15 2026 GMT Not After : Mar 3 06:07:15 2027 GMT Subject: CN=1C1EBD18A81B4E34EC223AC7769200464AD6390E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:60:d6:b4:f0:97:d0:e3:80:3d:a6:5b:e1:0c: f2:52:59:43:40:1f:e5:93:6b:7e:df:27:e1:99:fe: ab:52:e0:ce:c2:0d:b1:b5:bd:89:31:ae:ba:ec:6c: 87:5f:28:4c:d5:f2:fa:9a:7c:d7:78:d0:a3:ee:cb: c2:3b:39:ef:22:45:b7:12:9b:24:cb:2c:f0:f8:65: 06:84:e7:74:6b:d0:94:43:90:2d:1e:dc:fd:95:08: d6:6c:cf:72:14:de:64:3d:8d:93:3e:d9:42:78:cf: c6:fe:78:0b:e2:72:64:b5:4b:a3:e1:10:f5:50:08: 21:5f:3f:d8:36:18:f9:8c:a2:0a:0f:f1:9f:af:ad: cc:d6:9b:92:b1:34:81:97:3b:97:b1:26:32:86:90: 5a:ff:27:1b:d1:ae:95:43:cc:5e:a7:67:8a:ae:77: 51:11:d8:68:f6:8c:3c:7e:f9:4e:52:86:32:cb:77: b3:38:11:94:7b:63:9a:c5:77:d4:40:a4:6d:dd:5a: 47:6c:d6:f0:c1:32:2a:ea:8a:5a:a3:3e:da:90:a4: 1b:88:f8:21:7a:5d:e3:51:2e:27:f1:26:a6:5e:8f: 41:b0:fa:39:57:7f:a4:da:be:eb:61:b6:50:84:02: e5:53:55:64:89:32:67:43:20:55:ea:c4:c1:76:46: 0f:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:1E:BD:18:A8:1B:4E:34:EC:22:3A:C7:76:92:00:46:4A:D6:39:0E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142903.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a0fd::/32 Signature Algorithm: sha256WithRSAEncryption 35:9e:84:47:aa:3f:73:e6:c0:2d:17:f2:14:5c:b0:50:0b:cd: 2b:a7:e8:2e:51:b8:fc:96:95:65:d6:2f:b6:87:b9:9b:14:93: 68:4e:09:af:f4:84:8a:9f:a2:55:a7:57:16:bd:13:fa:ef:84: 9e:28:b7:49:74:ec:81:4e:22:a7:31:d2:d0:61:09:08:07:ff: 2a:9a:29:fe:50:c3:d4:96:aa:4a:97:ec:f1:41:0b:eb:85:32: 31:fb:c4:6f:fa:d1:97:d2:a4:aa:c9:26:29:f8:86:e6:83:29: f8:84:e0:2a:47:1e:80:0a:32:19:e0:f0:7a:c5:e5:89:94:da: 33:be:19:7f:8b:83:b1:54:6c:22:66:77:14:c6:84:66:ac:e9: e0:df:78:b8:9c:eb:78:19:06:cc:1e:c2:a1:9d:d1:71:8a:c5: b4:48:7d:1d:16:f5:07:e8:64:cc:f3:32:b0:0d:0c:ac:73:ca: 44:bf:05:0e:dc:92:81:9c:b0:02:79:70:75:f2:a1:05:44:fd: e2:55:8b:4d:1e:4f:ed:c4:c6:cc:28:08:20:bf:3c:a8:3c:0b: c0:6a:5c:db:95:6b:4b:b2:2f:ee:06:78:2f:47:65:ae:cb:58: 2f:58:85:94:fe:19:c3:1b:5e:b2:84:c6:5f:6e:7b:ea:80:97: 7d:c1:14:7e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWhtZLOqCRpWjfV6vfNfimLndwhMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxNVoX DTI3MDMwMzA2MDcxNVowMzExMC8GA1UEAxMoMUMxRUJEMThBODFCNEUzNEVDMjIz QUM3NzY5MjAwNDY0QUQ2MzkwRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ5g1rTwl9DjgD2mW+EM8lJZQ0Af5ZNrft8n4Zn+q1LgzsINsbW9iTGuuuxs h18oTNXy+pp813jQo+7Lwjs57yJFtxKbJMss8PhlBoTndGvQlEOQLR7c/ZUI1mzP chTeZD2Nkz7ZQnjPxv54C+JyZLVLo+EQ9VAIIV8/2DYY+YyiCg/xn6+tzNabkrE0 gZc7l7EmMoaQWv8nG9GulUPMXqdniq53URHYaPaMPH75TlKGMst3szgRlHtjmsV3 1ECkbd1aR2zW8MEyKuqKWqM+2pCkG4j4IXpd41EuJ/Empl6PQbD6OVd/pNq+62G2 UIQC5VNVZIkyZ0MgVerEwXZGD3ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQcHr0Y qBtONOwiOsd2kgBGStY5DjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjkwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oP0wDQYJKoZIhvcNAQELBQADggEBADWehEeqP3PmwC0X8hRcsFALzSun6C5RuPyW lWXWL7aHuZsUk2hOCa/0hIqfolWnVxa9E/rvhJ4ot0l07IFOIqcx0tBhCQgH/yqa Kf5Qw9SWqkqX7PFBC+uFMjH7xG/60ZfSpKrJJin4huaDKfiE4CpHHoAKMhng8HrF 5YmU2jO+GX+Lg7FUbCJmdxTGhGas6eDfeLic63gZBswewqGd0XGKxbRIfR0W9Qfo ZMzzMrANDKxzykS/BQ7ckoGcsAJ5cHXyoQVE/eJVi00eT+3ExswoCCC/PKg8C8Bq XNuVa0uyL+4GeC9HZa7LWC9YhZT+GcMbXrKExl9ue+qAl33BFH4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:11 2026 by rpki-client