$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142939.roa File: AS142939.roa (raw, json) Hash identifier: hA44gtkYBa2+I3iSYyGykceQfyZvTLVb3jroEwjPaXg= Subject key identifier: 86:B4:A6:A9:86:E5:9D:AF:88:89:73:5B:ED:5F:8F:92:B7:09:6E:E7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3FC252A93E9668300D22BBB8988BE1E450A668AA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142939.roa Signing time: Wed 04 Mar 2026 06:06:44 +0000 ROA not before: Wed 04 Mar 2026 06:01:44 +0000 ROA not after: Wed 03 Mar 2027 06:06:44 +0000 asID: 142939 IP address blocks: 240a:a121::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:c2:52:a9:3e:96:68:30:0d:22:bb:b8:98:8b:e1:e4:50:a6:68:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:44 2026 GMT Not After : Mar 3 06:06:44 2027 GMT Subject: CN=86B4A6A986E59DAF8889735BED5F8F92B7096EE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:a5:23:ce:04:1f:12:0b:8c:7b:62:8c:3a:a7: c2:35:fc:da:2d:98:9e:3e:f2:38:93:4a:7a:06:45: c1:91:9d:11:41:8a:0d:cb:f4:99:3a:e2:9a:69:20: 4b:84:d3:a1:52:b8:c3:7b:b4:85:7f:db:fa:f1:69: 28:78:db:ac:73:43:02:f9:6f:a7:8d:df:42:4f:4e: 11:47:52:a7:5d:61:6d:c9:ec:93:89:ea:80:f5:51: c5:de:f3:13:30:ea:3f:35:08:8e:7f:ef:bc:be:79: a8:75:e8:9a:a3:7b:3a:9a:37:6f:fb:1e:f2:3a:0c: 9f:30:80:fb:d3:ee:61:30:d0:7f:40:d1:64:25:ce: 8c:5c:13:ab:dd:17:f5:45:f1:63:3d:5f:a7:96:c5: 5d:c2:08:06:fa:a1:17:83:f3:0d:73:d9:66:6d:5f: 22:48:4e:83:94:8e:cb:87:a6:95:22:1e:cc:fb:90: ff:aa:0d:93:93:e0:5a:75:2b:53:3e:85:cb:d3:1e: 9d:49:79:54:7e:47:f7:a0:fa:d0:1e:4c:a5:72:51: f5:46:b3:b5:4c:59:1f:e6:ae:df:13:c5:75:38:d2: d8:48:32:89:4c:5e:fb:39:c4:cc:ee:15:9e:f2:7c: eb:3f:c0:61:52:4d:32:be:14:85:0c:38:25:f5:4b: b6:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:B4:A6:A9:86:E5:9D:AF:88:89:73:5B:ED:5F:8F:92:B7:09:6E:E7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142939.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a121::/32 Signature Algorithm: sha256WithRSAEncryption 5d:6a:79:d5:14:cc:7b:7e:61:1e:0a:0d:a7:a4:a3:bb:09:04: 22:51:43:e8:70:7d:98:ff:55:78:fe:66:ed:96:25:90:ef:c5: 76:e8:84:5a:fc:9d:db:89:02:7e:91:0b:97:84:69:62:ee:49: 38:96:d4:af:6e:a1:48:80:a4:c9:52:a9:d0:b6:59:16:b9:e3: 0b:43:0f:db:82:db:76:14:5b:29:c2:c5:75:6e:56:fa:42:05: 5e:8e:7b:ef:ab:3d:f9:d2:19:bb:7c:4b:68:f7:a9:23:95:d0: de:76:9e:06:ec:b9:7d:00:69:3b:90:34:1a:d1:e9:b8:38:aa: 30:ad:e9:a7:a4:ab:34:38:d1:9c:a2:73:de:af:a5:db:e1:2f: 0f:df:c3:5f:d6:08:67:81:21:4e:60:c3:62:eb:ae:cb:dc:4c: e6:08:95:97:6a:57:51:12:16:c4:95:8c:99:54:bd:f7:21:5d: e3:89:2b:26:b6:63:88:13:6e:f8:9f:8d:84:a7:86:9e:84:65: ca:b0:0c:93:34:f6:74:8d:f5:9a:71:a2:02:c5:7a:25:b2:11: 96:e1:9a:3a:09:d8:9e:82:95:96:93:db:63:bb:75:4b:d1:8c: fc:cd:51:64:5a:7c:49:d0:53:bc:f1:9f:39:5c:88:65:5b:c4: 24:bb:d1:89 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUP8JSqT6WaDANIru4mIvh5FCmaKowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0NFoX DTI3MDMwMzA2MDY0NFowMzExMC8GA1UEAxMoODZCNEE2QTk4NkU1OURBRjg4ODk3 MzVCRUQ1RjhGOTJCNzA5NkVFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALClI84EHxILjHtijDqnwjX82i2Ynj7yOJNKegZFwZGdEUGKDcv0mTrimmkg S4TToVK4w3u0hX/b+vFpKHjbrHNDAvlvp43fQk9OEUdSp11hbcnsk4nqgPVRxd7z EzDqPzUIjn/vvL55qHXomqN7Opo3b/se8joMnzCA+9PuYTDQf0DRZCXOjFwTq90X 9UXxYz1fp5bFXcIIBvqhF4PzDXPZZm1fIkhOg5SOy4emlSIezPuQ/6oNk5PgWnUr Uz6Fy9MenUl5VH5H96D60B5MpXJR9UaztUxZH+au3xPFdTjS2EgyiUxe+znEzO4V nvJ86z/AYVJNMr4UhQw4JfVLtokCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSGtKap huWdr4iJc1vtX4+Stwlu5zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MjkzOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oSEwDQYJKoZIhvcNAQELBQADggEBAF1qedUUzHt+YR4KDaeko7sJBCJRQ+hwfZj/ VXj+Zu2WJZDvxXbohFr8nduJAn6RC5eEaWLuSTiW1K9uoUiApMlSqdC2WRa54wtD D9uC23YUWynCxXVuVvpCBV6Oe++rPfnSGbt8S2j3qSOV0N52ngbsuX0AaTuQNBrR 6bg4qjCt6aekqzQ40Zyic96vpdvhLw/fw1/WCGeBIU5gw2LrrsvcTOYIlZdqV1ES FsSVjJlUvfchXeOJKya2Y4gTbvifjYSnhp6EZcqwDJM09nSN9ZpxogLFeiWyEZbh mjoJ2J6ClZaT22O7dUvRjPzNUWRafEnQU7zxnzlciGVbxCS70Yk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:30 2026 by rpki-client