$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142923.roa File: AS142923.roa (raw, json) Hash identifier: p9nOIFfZgQkHhkJoRuHUo7FpFGJmAV+JATDyqB4psYI= Subject key identifier: 57:0F:28:EF:A9:BA:E5:32:B6:E2:C4:3C:F6:24:37:60:D7:1E:35:D1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 057B4D37B1E362F1C728F6C5FE4D4F518C19A236 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142923.roa Signing time: Wed 04 Mar 2026 06:07:50 +0000 ROA not before: Wed 04 Mar 2026 06:02:50 +0000 ROA not after: Wed 03 Mar 2027 06:07:50 +0000 asID: 142923 IP address blocks: 240a:a111::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:7b:4d:37:b1:e3:62:f1:c7:28:f6:c5:fe:4d:4f:51:8c:19:a2:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:50 2026 GMT Not After : Mar 3 06:07:50 2027 GMT Subject: CN=570F28EFA9BAE532B6E2C43CF6243760D71E35D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:1e:eb:eb:a0:c3:52:32:77:76:a6:24:85:86: 3a:7d:8e:72:95:5e:f7:a2:95:72:bf:75:12:2a:79: 0b:99:db:07:62:2f:e3:29:90:c1:0b:3f:57:49:a4: 0c:ba:b0:26:2c:4d:4e:08:d0:75:64:9d:55:6d:3f: ac:9d:0a:8e:69:f2:04:c5:f3:19:96:b0:80:8e:8f: 26:68:15:88:96:69:89:35:7f:70:c1:95:74:81:d0: 6a:9a:44:ff:06:c2:5e:af:8a:a5:35:e9:ef:e4:bc: 05:79:8c:8c:f8:60:28:24:bd:be:da:41:a7:eb:25: eb:32:1a:09:98:5b:02:e8:cf:fa:0e:f7:be:fb:0d: 43:35:db:1b:df:3a:ee:3b:62:5a:17:7a:19:e6:23: 1b:83:1b:a5:82:91:fd:bd:32:db:9c:b2:c0:98:7b: 8e:1c:f6:34:1b:39:18:82:94:b4:a4:8d:cb:5f:03: 11:d8:f6:41:05:a7:e4:b0:2d:34:64:cc:cb:e4:3d: cc:db:85:81:83:f0:72:12:c1:0c:bd:11:b1:c4:f8: 16:5f:03:68:69:3c:6f:5a:d4:42:92:c2:d4:c9:9e: 3e:1f:ec:0e:51:ca:d3:40:75:0c:d8:ba:f2:26:5b: 60:f0:1c:4b:28:79:ba:06:98:da:bf:d9:05:bb:31: 2e:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:0F:28:EF:A9:BA:E5:32:B6:E2:C4:3C:F6:24:37:60:D7:1E:35:D1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142923.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a111::/32 Signature Algorithm: sha256WithRSAEncryption dd:66:e4:cc:41:51:f5:f8:4e:6c:71:ea:43:92:d2:27:0a:8c: d2:a6:a3:2f:e0:80:08:72:46:9a:d2:ed:6b:ab:2b:2b:3b:70: be:a1:ca:36:53:5f:83:15:df:42:27:2b:af:b7:13:6c:ad:20: f6:ce:c4:c7:92:98:d6:6a:76:0f:2f:62:46:21:3c:fa:ee:ab: 22:ff:a8:24:40:f7:07:83:74:78:36:b8:43:12:eb:ae:29:05: a4:8e:d7:46:3b:f5:df:28:07:08:00:e2:71:5d:50:9c:ee:40: 15:ff:2c:cd:ac:b7:00:9b:fd:7e:53:29:f8:c8:59:c4:1a:40: 80:8f:53:60:a9:7a:09:d6:2d:a2:32:e5:c5:7f:10:d3:4f:4c: b5:52:13:a8:0a:95:2f:8e:40:07:f6:24:e7:e7:f7:ec:ca:aa: 93:9f:ca:d3:5f:21:b7:55:fb:50:9b:eb:d4:a6:be:d8:e6:25: f1:4c:e5:0a:b8:b8:02:bf:82:90:f0:91:63:e0:ab:ae:6a:58: ef:ae:13:42:2a:19:f1:11:c4:0a:69:23:f3:12:b9:f2:e6:ff: 0b:16:fc:1a:7f:e7:c1:d2:4a:b6:b3:11:1e:b2:af:37:d9:ac: cf:ae:9e:5f:57:30:24:58:56:99:c4:e9:01:59:68:bd:fd:f9: 1b:87:c9:0c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBXtNN7HjYvHHKPbF/k1PUYwZojYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1MFoX DTI3MDMwMzA2MDc1MFowMzExMC8GA1UEAxMoNTcwRjI4RUZBOUJBRTUzMkI2RTJD NDNDRjYyNDM3NjBENzFFMzVEMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIse6+ugw1Iyd3amJIWGOn2OcpVe96KVcr91Eip5C5nbB2Iv4ymQwQs/V0mk DLqwJixNTgjQdWSdVW0/rJ0KjmnyBMXzGZawgI6PJmgViJZpiTV/cMGVdIHQappE /wbCXq+KpTXp7+S8BXmMjPhgKCS9vtpBp+sl6zIaCZhbAujP+g73vvsNQzXbG986 7jtiWhd6GeYjG4MbpYKR/b0y25yywJh7jhz2NBs5GIKUtKSNy18DEdj2QQWn5LAt NGTMy+Q9zNuFgYPwchLBDL0RscT4Fl8DaGk8b1rUQpLC1MmePh/sDlHK00B1DNi6 8iZbYPAcSyh5ugaY2r/ZBbsxLhMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRXDyjv qbrlMrbixDz2JDdg1x410TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjkyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oREwDQYJKoZIhvcNAQELBQADggEBAN1m5MxBUfX4Tmxx6kOS0icKjNKmoy/ggAhy RprS7WurKys7cL6hyjZTX4MV30InK6+3E2ytIPbOxMeSmNZqdg8vYkYhPPruqyL/ qCRA9weDdHg2uEMS664pBaSO10Y79d8oBwgA4nFdUJzuQBX/LM2stwCb/X5TKfjI WcQaQICPU2CpegnWLaIy5cV/ENNPTLVSE6gKlS+OQAf2JOfn9+zKqpOfytNfIbdV +1Cb69SmvtjmJfFM5Qq4uAK/gpDwkWPgq65qWO+uE0IqGfERxAppI/MSufLm/wsW /Bp/58HSSrazER6yrzfZrM+unl9XMCRYVpnE6QFZaL39+RuHyQw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:07 2026 by rpki-client