$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142918.roa File: AS142918.roa (raw, json) Hash identifier: 9Sak2F6Lxe5mHYzLyiOm+plycjDmBpCR6sZu6I0hH3k= Subject key identifier: D8:97:90:DC:A0:29:61:A0:AC:1E:B7:8D:64:7D:89:36:6A:94:D7:19 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5A46D838C79E81224ECD1D8B66C2DF1BF9F3EA3D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142918.roa Signing time: Wed 04 Mar 2026 06:07:32 +0000 ROA not before: Wed 04 Mar 2026 06:02:32 +0000 ROA not after: Wed 03 Mar 2027 06:07:32 +0000 asID: 142918 IP address blocks: 240a:a10c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:46:d8:38:c7:9e:81:22:4e:cd:1d:8b:66:c2:df:1b:f9:f3:ea:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:32 2026 GMT Not After : Mar 3 06:07:32 2027 GMT Subject: CN=D89790DCA02961A0AC1EB78D647D89366A94D719 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:0e:76:a3:d4:30:b9:d5:fb:b3:92:51:ea:4c: 6c:ca:cc:50:cd:65:75:71:20:0d:5a:35:50:ba:14: 38:8b:3a:bd:3a:da:4f:1a:d4:d0:33:05:9e:0c:7d: 0f:0e:59:72:ff:17:bb:87:c9:0a:fb:31:5e:3e:dc: 6e:cb:03:7d:76:f5:e3:79:5e:dc:b3:26:f4:fc:be: 1f:dd:4c:ad:52:ca:f1:57:c3:bd:ae:33:e2:46:bf: 3e:af:0a:8e:80:1b:c7:16:72:af:e3:6f:7a:fd:cf: 66:6e:91:44:08:c4:0b:07:60:2b:ee:f9:24:88:ae: e8:61:fe:99:d8:f8:55:42:38:4d:6c:d8:b8:0e:1f: b3:fe:75:f5:b8:38:6b:37:fc:f6:ae:33:a6:44:b6: ca:13:8e:24:7a:f9:68:41:16:fb:03:85:f3:a9:72: cf:97:cb:03:c0:25:1c:85:24:c5:0c:b4:37:0c:25: 31:cb:ba:db:3d:17:e7:73:e3:4f:67:f9:d7:25:5c: 89:ad:40:61:03:b2:6f:2b:14:d5:be:43:d4:fa:51: a9:6f:21:43:87:31:b4:72:6b:3c:60:ef:1d:9b:47: 60:16:1d:7d:d8:42:99:ae:1e:1c:f0:5d:0a:b4:e8: b5:ee:a8:2b:72:b2:da:18:b4:ab:4d:d9:9f:c9:51: c1:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:97:90:DC:A0:29:61:A0:AC:1E:B7:8D:64:7D:89:36:6A:94:D7:19 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142918.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a10c::/32 Signature Algorithm: sha256WithRSAEncryption d9:5f:67:be:36:70:a3:a6:81:70:b2:f4:de:0d:50:a4:88:15: 3b:d9:11:7c:2b:81:a6:ad:2c:b4:63:7f:61:c0:6e:e2:f3:30: 7c:d2:7e:ad:f3:a9:ed:3c:ab:8d:85:76:c8:13:36:9f:b2:6b: c3:ec:d4:b7:f4:6a:a8:28:9a:d7:18:9a:d3:0a:36:e2:1e:6b: 03:11:5b:6c:ff:5b:a9:84:36:30:5f:cd:45:01:b7:de:ad:69: 5a:9f:3c:80:94:88:10:2f:73:52:32:f9:e4:e8:6f:a4:68:57: 05:c7:d3:09:73:18:81:52:9b:be:57:08:40:db:aa:4a:a4:c6: b4:41:aa:ab:d5:48:ae:58:40:0f:63:a1:c4:ad:55:de:f7:63: 3d:23:02:82:43:7d:c7:a8:b4:72:7d:5e:0d:37:c1:96:ea:42: b5:78:69:5f:4c:83:ba:5a:c7:5e:98:64:37:61:29:12:66:c8: c4:56:29:b1:90:b6:2a:b8:fb:78:b7:ca:68:e2:1f:91:c6:2b: 5a:17:7f:af:03:20:2a:6f:9c:af:18:34:94:1a:21:99:5e:45: 41:0b:74:39:09:5f:93:4c:1f:14:a6:54:18:d7:7a:2e:61:36: 81:10:63:82:47:27:b4:96:57:36:3c:69:ef:65:fd:8a:36:a1: 66:17:f9:22 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWkbYOMeegSJOzR2LZsLfG/nz6j0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIzMloX DTI3MDMwMzA2MDczMlowMzExMC8GA1UEAxMoRDg5NzkwRENBMDI5NjFBMEFDMUVC NzhENjQ3RDg5MzY2QTk0RDcxOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0OdqPUMLnV+7OSUepMbMrMUM1ldXEgDVo1ULoUOIs6vTraTxrU0DMFngx9 Dw5Zcv8Xu4fJCvsxXj7cbssDfXb143le3LMm9Py+H91MrVLK8VfDva4z4ka/Pq8K joAbxxZyr+Nvev3PZm6RRAjECwdgK+75JIiu6GH+mdj4VUI4TWzYuA4fs/519bg4 azf89q4zpkS2yhOOJHr5aEEW+wOF86lyz5fLA8AlHIUkxQy0NwwlMcu62z0X53Pj T2f51yVcia1AYQOybysU1b5D1PpRqW8hQ4cxtHJrPGDvHZtHYBYdfdhCma4eHPBd CrTote6oK3Ky2hi0q03Zn8lRwZ0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTYl5Dc oClhoKwet41kfYk2apTXGTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjkxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oQwwDQYJKoZIhvcNAQELBQADggEBANlfZ742cKOmgXCy9N4NUKSIFTvZEXwrgaat LLRjf2HAbuLzMHzSfq3zqe08q42FdsgTNp+ya8Ps1Lf0aqgomtcYmtMKNuIeawMR W2z/W6mENjBfzUUBt96taVqfPICUiBAvc1Iy+eTob6RoVwXH0wlzGIFSm75XCEDb qkqkxrRBqqvVSK5YQA9jocStVd73Yz0jAoJDfceotHJ9Xg03wZbqQrV4aV9Mg7pa x16YZDdhKRJmyMRWKbGQtiq4+3i3ymjiH5HGK1oXf68DICpvnK8YNJQaIZleRUEL dDkJX5NMHxSmVBjXei5hNoEQY4JHJ7SWVzY8ae9l/Yo2oWYX+SI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:37 2026 by rpki-client