$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142931.roa File: AS142931.roa (raw, json) Hash identifier: sxrF54OiJ4Ag98lTS6TBChk2VNz7cRK1ffpG8gWK/sA= Subject key identifier: FB:E1:03:81:04:6E:47:F2:A8:E4:13:69:13:29:0C:A9:28:A0:1B:6F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7034CC51A140A12BFBB05676D12DBC27DFB6B5B9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142931.roa Signing time: Wed 04 Mar 2026 06:07:23 +0000 ROA not before: Wed 04 Mar 2026 06:02:23 +0000 ROA not after: Wed 03 Mar 2027 06:07:23 +0000 asID: 142931 IP address blocks: 240a:a119::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:34:cc:51:a1:40:a1:2b:fb:b0:56:76:d1:2d:bc:27:df:b6:b5:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:23 2026 GMT Not After : Mar 3 06:07:23 2027 GMT Subject: CN=FBE10381046E47F2A8E4136913290CA928A01B6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3f:bb:8b:eb:f5:ce:ba:13:a8:79:6b:cb:c8: eb:42:59:66:a7:0b:f2:38:ea:29:02:31:91:03:cb: dd:e3:54:e5:e3:28:9e:d5:4d:11:94:3a:0f:e2:44: 7e:e3:f9:41:28:a9:61:b1:41:98:3f:7e:ef:7d:bb: d1:75:bf:7f:a6:67:65:96:f6:26:28:b0:6c:47:85: dd:85:82:fd:39:00:6d:ad:10:c7:aa:40:ba:d7:a2: 30:d4:c9:a0:9c:49:a1:0b:b4:02:ec:e8:09:ad:00: 30:2b:4f:d1:23:ba:f9:ec:ee:b6:e3:7d:57:5c:a5: 88:ef:ae:80:44:cf:89:3b:46:36:15:d0:fa:ba:f7: 81:99:d3:f7:50:24:cf:1f:c6:1f:1d:09:6d:e1:ee: 79:0d:38:20:f9:ca:3c:57:a9:13:07:0a:bf:cf:c3: e3:6a:13:c9:68:67:0d:bf:4c:53:0c:26:df:59:4b: e8:99:20:4d:4b:43:69:f5:40:3a:4e:6b:6e:f7:4c: 83:e8:b7:c9:e3:97:0d:58:13:11:5b:2f:6a:6c:b4: 53:f8:71:8c:41:a8:00:34:a9:72:36:9f:1b:ec:3f: 82:d7:38:07:2e:61:90:3e:1b:18:58:0e:20:ec:34: 5f:7a:bd:bb:b7:a5:8c:cf:d2:61:d3:6d:73:80:04: 16:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:E1:03:81:04:6E:47:F2:A8:E4:13:69:13:29:0C:A9:28:A0:1B:6F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142931.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a119::/32 Signature Algorithm: sha256WithRSAEncryption 59:2b:bd:b7:9d:62:d4:c2:cc:4b:54:2b:17:b4:54:e6:e9:3b: 3e:03:d6:0f:f4:ac:94:74:c1:0d:fe:c3:93:68:48:a9:28:c1: d8:c3:22:8e:ec:67:00:37:0d:97:89:0d:dc:46:d6:68:42:07: 40:b4:28:f0:59:74:17:3a:19:7d:74:35:6d:31:ed:5e:5c:49: 2d:ae:97:f7:84:e3:e0:07:30:71:c5:fe:6b:b3:5b:bf:ad:c6: 71:ef:87:d8:9f:d3:ab:4b:95:bf:ae:db:c0:18:95:f0:df:f8: d4:40:c7:28:81:91:79:c8:e5:30:46:3c:55:b5:1c:69:59:8f: c3:24:78:22:6e:a2:38:06:a2:48:64:25:d7:38:19:19:37:0e: 98:db:e0:2b:13:31:65:bc:c1:08:e2:3f:0c:3e:82:4b:b8:ae: aa:46:38:ad:62:04:ce:b9:a6:b8:a5:92:9c:6f:b4:d0:f8:2d: 36:9a:c3:08:e4:c6:df:09:38:ee:cc:6f:19:5b:05:f4:15:b7: 26:66:c1:08:1e:6d:1a:93:0f:4a:5a:f0:74:ad:95:ac:1a:73: 04:6d:a0:a2:59:fd:e7:c2:72:19:75:e3:92:31:15:e5:21:b6: 21:eb:25:3e:ec:6e:fc:b8:05:cf:31:78:0b:4c:45:d2:4d:71: 6f:5c:a8:2a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcDTMUaFAoSv7sFZ20S28J9+2tbkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyM1oX DTI3MDMwMzA2MDcyM1owMzExMC8GA1UEAxMoRkJFMTAzODEwNDZFNDdGMkE4RTQx MzY5MTMyOTBDQTkyOEEwMUI2RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0/u4vr9c66E6h5a8vI60JZZqcL8jjqKQIxkQPL3eNU5eMontVNEZQ6D+JE fuP5QSipYbFBmD9+73270XW/f6ZnZZb2JiiwbEeF3YWC/TkAba0Qx6pAuteiMNTJ oJxJoQu0AuzoCa0AMCtP0SO6+ezutuN9V1yliO+ugETPiTtGNhXQ+rr3gZnT91Ak zx/GHx0JbeHueQ04IPnKPFepEwcKv8/D42oTyWhnDb9MUwwm31lL6JkgTUtDafVA Ok5rbvdMg+i3yeOXDVgTEVsvamy0U/hxjEGoADSpcjafG+w/gtc4By5hkD4bGFgO IOw0X3q9u7eljM/SYdNtc4AEFlkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT74QOB BG5H8qjkE2kTKQypKKAbbzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjkzMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oRkwDQYJKoZIhvcNAQELBQADggEBAFkrvbedYtTCzEtUKxe0VObpOz4D1g/0rJR0 wQ3+w5NoSKkowdjDIo7sZwA3DZeJDdxG1mhCB0C0KPBZdBc6GX10NW0x7V5cSS2u l/eE4+AHMHHF/muzW7+txnHvh9if06tLlb+u28AYlfDf+NRAxyiBkXnI5TBGPFW1 HGlZj8MkeCJuojgGokhkJdc4GRk3Dpjb4CsTMWW8wQjiPww+gku4rqpGOK1iBM65 prilkpxvtND4LTaawwjkxt8JOO7MbxlbBfQVtyZmwQgebRqTD0pa8HStlawacwRt oKJZ/efCchl145IxFeUhtiHrJT7sbvy4Bc8xeAtMRdJNcW9cqCo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:06 2026 by rpki-client