$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142920.roa File: AS142920.roa (raw, json) Hash identifier: RA9q+DpuA5LX3rwCgym7vLBgm7HdQJ0g2yR1nNQrNUY= Subject key identifier: F8:B7:8F:FF:67:21:3E:73:06:D7:FE:3C:90:D0:CE:8A:22:52:B5:D3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3F081BEE9EB2B0570B9F127173BB7A6969922E9E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142920.roa Signing time: Wed 04 Mar 2026 06:06:46 +0000 ROA not before: Wed 04 Mar 2026 06:01:46 +0000 ROA not after: Wed 03 Mar 2027 06:06:46 +0000 asID: 142920 IP address blocks: 240a:a10e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:08:1b:ee:9e:b2:b0:57:0b:9f:12:71:73:bb:7a:69:69:92:2e:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:46 2026 GMT Not After : Mar 3 06:06:46 2027 GMT Subject: CN=F8B78FFF67213E7306D7FE3C90D0CE8A2252B5D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:28:c4:d9:18:b8:8f:98:d6:f9:03:7e:5e:61: 7f:6f:74:95:01:c5:a8:25:09:e6:df:5d:f0:f9:52: 68:26:b6:6e:42:ea:78:4f:01:15:80:77:8a:d3:9b: 17:68:dd:32:9c:f8:47:36:2b:fa:6f:18:da:40:08: 12:39:09:da:be:61:80:a1:90:0b:53:a6:49:6f:07: 37:85:7f:07:f0:31:4c:a4:80:94:98:77:08:4c:93: a9:da:5a:21:d6:aa:15:c3:38:1e:4e:4c:33:bb:d2: 0e:76:9e:f7:e7:ed:17:d7:d7:15:2c:1e:09:91:cd: a0:f1:d2:0f:6f:1f:fa:8b:67:9b:e9:46:ea:1d:17: c5:15:fa:b4:4b:6f:13:da:32:9a:7a:93:6e:ff:11: b9:e9:5f:a1:01:f8:51:85:46:52:1f:2c:bf:1d:10: aa:45:db:a5:e7:25:3c:aa:06:ba:76:3f:99:c7:31: d3:82:34:c3:85:54:6c:0c:ad:2f:d2:59:ec:bd:19: a3:37:32:0c:33:8d:2a:aa:6f:11:67:13:bb:46:ad: 5b:1d:d4:0a:12:a1:e8:d3:66:d5:fc:a4:79:f6:01: 81:50:d8:0f:da:60:16:36:30:76:c7:56:81:97:e6: af:e9:88:bf:c2:9f:9d:a2:9b:59:22:f4:0d:f3:59: 18:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:B7:8F:FF:67:21:3E:73:06:D7:FE:3C:90:D0:CE:8A:22:52:B5:D3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142920.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a10e::/32 Signature Algorithm: sha256WithRSAEncryption 22:46:a0:0f:70:6d:14:e9:fe:1d:1b:e7:33:a8:9a:c0:be:d0: 2e:66:ec:30:76:d6:de:84:bb:fb:c9:ba:c1:49:43:59:a2:6e: 7f:08:b7:56:77:7f:bc:81:d7:a5:15:4a:ce:b7:0e:72:57:9a: 0f:74:47:43:8c:dd:e7:c8:bc:de:91:0e:65:4b:49:a0:0c:21: 69:f5:19:4c:37:11:0c:3e:a5:fe:5e:6a:d5:22:27:40:ee:b4: 60:f6:87:c6:15:02:a1:4c:1c:75:a1:03:e1:fe:6e:b5:80:5f: 3c:3f:f0:2f:f1:2c:cc:8e:eb:91:73:71:96:d3:cc:69:f8:18: 51:46:c8:b9:7e:97:7c:86:9e:5e:14:9d:f6:c6:9b:c6:02:a8: 0c:80:79:6f:b2:45:97:c4:87:74:d5:8f:20:2a:30:7a:aa:c3: 36:84:6a:3f:de:62:31:5e:f0:10:14:51:ee:ae:25:ad:0d:ca: bb:59:e7:95:34:1d:72:d4:d7:2c:e7:fd:9c:e8:84:71:91:f4: d6:01:3f:b2:2d:b1:66:73:a5:a3:00:fa:40:c6:f6:8c:02:a5: 7c:60:0c:ae:c8:2b:9b:dc:f1:53:a4:e1:a0:34:ab:ee:6b:39: 30:80:ad:a5:d5:71:65:5e:93:fb:09:5c:0a:71:11:2b:9d:e7: cc:82:5f:c9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPwgb7p6ysFcLnxJxc7t6aWmSLp4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0NloX DTI3MDMwMzA2MDY0NlowMzExMC8GA1UEAxMoRjhCNzhGRkY2NzIxM0U3MzA2RDdG RTNDOTBEMENFOEEyMjUyQjVEMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOooxNkYuI+Y1vkDfl5hf290lQHFqCUJ5t9d8PlSaCa2bkLqeE8BFYB3itOb F2jdMpz4RzYr+m8Y2kAIEjkJ2r5hgKGQC1OmSW8HN4V/B/AxTKSAlJh3CEyTqdpa IdaqFcM4Hk5MM7vSDnae9+ftF9fXFSweCZHNoPHSD28f+otnm+lG6h0XxRX6tEtv E9oymnqTbv8RuelfoQH4UYVGUh8svx0QqkXbpeclPKoGunY/mccx04I0w4VUbAyt L9JZ7L0ZozcyDDONKqpvEWcTu0atWx3UChKh6NNm1fykefYBgVDYD9pgFjYwdsdW gZfmr+mIv8KfnaKbWSL0DfNZGDMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT4t4// ZyE+cwbX/jyQ0M6KIlK10zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjkyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oQ4wDQYJKoZIhvcNAQELBQADggEBACJGoA9wbRTp/h0b5zOomsC+0C5m7DB21t6E u/vJusFJQ1mibn8It1Z3f7yB16UVSs63DnJXmg90R0OM3efIvN6RDmVLSaAMIWn1 GUw3EQw+pf5eatUiJ0DutGD2h8YVAqFMHHWhA+H+brWAXzw/8C/xLMyO65FzcZbT zGn4GFFGyLl+l3yGnl4UnfbGm8YCqAyAeW+yRZfEh3TVjyAqMHqqwzaEaj/eYjFe 8BAUUe6uJa0NyrtZ55U0HXLU1yzn/ZzohHGR9NYBP7ItsWZzpaMA+kDG9owCpXxg DK7IK5vc8VOk4aA0q+5rOTCAraXVcWVek/sJXApxESud58yCX8k= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:49 2026 by rpki-client