$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142919.roa File: AS142919.roa (raw, json) Hash identifier: f/FxPb12I0PzTBW+WwhboaN3z2uzqMGKE86l/6LXcjA= Subject key identifier: C0:5E:26:6D:90:D3:15:C3:EE:71:C6:2E:51:FF:0E:A7:F9:67:D2:8C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 15CC9325C5A656E59A9D0E5C204BDCA03A7455EF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142919.roa Signing time: Wed 04 Mar 2026 06:07:36 +0000 ROA not before: Wed 04 Mar 2026 06:02:36 +0000 ROA not after: Wed 03 Mar 2027 06:07:36 +0000 asID: 142919 IP address blocks: 240a:a10d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:cc:93:25:c5:a6:56:e5:9a:9d:0e:5c:20:4b:dc:a0:3a:74:55:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:36 2026 GMT Not After : Mar 3 06:07:36 2027 GMT Subject: CN=C05E266D90D315C3EE71C62E51FF0EA7F967D28C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c4:9a:4f:6b:84:f0:c7:2d:bf:46:a2:f4:19: 33:66:8b:0b:d5:24:70:dc:db:79:ee:ca:69:96:e0: cf:f2:1c:0b:8b:be:3f:07:0c:d4:ae:e8:d7:85:bf: 3a:fc:33:a4:f8:d6:bb:54:e1:21:58:7a:59:8b:66: c7:a6:83:53:d1:32:98:5c:31:f2:c5:f4:64:75:06: a9:c6:e2:95:f8:60:65:9c:9d:ff:df:65:60:1a:98: 40:96:4f:fa:83:ba:72:69:f8:5f:3f:08:48:3c:2c: 0c:17:24:8b:63:bb:16:ec:f8:f1:d6:d0:0a:87:2c: b9:e3:81:f5:13:cc:1f:41:5b:6c:1a:ed:48:6c:5a: 06:23:08:9e:10:13:3b:38:1c:00:0d:76:50:c9:90: e1:51:ce:c4:e5:7e:c5:44:c1:57:29:b4:69:63:f3: b2:31:f9:cd:3d:99:f4:1a:e8:b9:21:82:27:84:fc: f9:d4:f4:cf:f2:67:a0:5d:65:49:01:b6:3a:e8:9b: e3:29:fa:53:1f:45:fd:e0:00:ac:20:54:9b:9a:ff: 10:6d:6a:cc:27:9c:2a:fd:37:bb:97:89:58:70:fd: 35:80:da:8f:d1:eb:04:76:74:2f:0e:d8:de:02:50: 2b:76:8f:73:6d:f1:7f:0b:98:68:23:ee:d3:2c:cc: a7:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:5E:26:6D:90:D3:15:C3:EE:71:C6:2E:51:FF:0E:A7:F9:67:D2:8C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142919.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a10d::/32 Signature Algorithm: sha256WithRSAEncryption 73:49:88:6f:b4:31:e8:78:f0:4c:78:3f:c0:44:e4:01:90:20: 43:c3:07:c5:10:b3:6d:96:aa:5a:0e:e6:de:41:03:eb:5c:f4: b3:1f:e6:e7:10:71:60:3d:6d:f0:bc:9c:47:1f:bc:ce:66:96: 88:37:8b:8d:c1:c1:4a:40:ad:91:94:4e:cf:be:e1:46:de:7e: 85:d5:5e:a0:14:48:bd:08:e0:c2:70:09:27:f9:e2:a1:d3:09: c8:cc:c9:ab:7d:c9:52:b1:c1:78:07:a7:d6:f6:ee:86:13:26: 96:5e:10:1b:ad:d0:45:16:95:5a:b4:f0:7d:3f:96:66:cd:0e: b1:81:84:fa:5d:5c:bd:9f:92:4f:da:9c:8e:fd:bb:6a:c9:78: 11:07:03:84:e2:11:54:de:f7:25:1f:3c:ca:12:7e:a4:0c:c5: 00:4c:fe:fc:6c:11:65:c9:1f:d8:44:3e:22:05:73:26:df:89: 8a:e0:d6:ac:e6:8d:da:d8:c5:57:7f:9b:52:73:b7:a9:b7:0a: 22:0e:ad:eb:30:bc:b7:fb:73:7c:31:65:9d:f2:59:0e:69:9d: ca:d5:ad:69:22:ac:3f:38:98:47:3a:e9:6a:70:0e:22:11:a9: 65:4a:ce:18:fe:dd:b4:22:9c:90:62:82:23:0d:52:d1:50:41: 54:0c:cc:a8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFcyTJcWmVuWanQ5cIEvcoDp0Ve8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIzNloX DTI3MDMwMzA2MDczNlowMzExMC8GA1UEAxMoQzA1RTI2NkQ5MEQzMTVDM0VFNzFD NjJFNTFGRjBFQTdGOTY3RDI4QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKnEmk9rhPDHLb9GovQZM2aLC9UkcNzbee7KaZbgz/IcC4u+PwcM1K7o14W/ OvwzpPjWu1ThIVh6WYtmx6aDU9EymFwx8sX0ZHUGqcbilfhgZZyd/99lYBqYQJZP +oO6cmn4Xz8ISDwsDBcki2O7Fuz48dbQCocsueOB9RPMH0FbbBrtSGxaBiMInhAT OzgcAA12UMmQ4VHOxOV+xUTBVym0aWPzsjH5zT2Z9BrouSGCJ4T8+dT0z/JnoF1l SQG2Ouib4yn6Ux9F/eAArCBUm5r/EG1qzCecKv03u5eJWHD9NYDaj9HrBHZ0Lw7Y 3gJQK3aPc23xfwuYaCPu0yzMp1sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTAXiZt kNMVw+5xxi5R/w6n+WfSjDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjkxOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oQ0wDQYJKoZIhvcNAQELBQADggEBAHNJiG+0Meh48Ex4P8BE5AGQIEPDB8UQs22W qloO5t5BA+tc9LMf5ucQcWA9bfC8nEcfvM5mlog3i43BwUpArZGUTs++4UbefoXV XqAUSL0I4MJwCSf54qHTCcjMyat9yVKxwXgHp9b27oYTJpZeEBut0EUWlVq08H0/ lmbNDrGBhPpdXL2fkk/anI79u2rJeBEHA4TiEVTe9yUfPMoSfqQMxQBM/vxsEWXJ H9hEPiIFcybfiYrg1qzmjdrYxVd/m1Jzt6m3CiIOreswvLf7c3wxZZ3yWQ5pncrV rWkirD84mEc66WpwDiIRqWVKzhj+3bQinJBigiMNUtFQQVQMzKg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:54 2026 by rpki-client