$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142940.roa File: AS142940.roa (raw, json) Hash identifier: k39JoLi4SaqDlHToMQuFNoL9TYZ3Fxrr0l4/Md8HQZY= Subject key identifier: 85:54:75:10:DE:61:F5:18:C3:AD:D2:ED:FD:DD:D2:BE:94:0D:72:15 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 67289AAF6D091B7697E047834F4A2ED7182075D0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142940.roa Signing time: Wed 04 Mar 2026 06:07:52 +0000 ROA not before: Wed 04 Mar 2026 06:02:52 +0000 ROA not after: Wed 03 Mar 2027 06:07:52 +0000 asID: 142940 IP address blocks: 240a:a122::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:28:9a:af:6d:09:1b:76:97:e0:47:83:4f:4a:2e:d7:18:20:75:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:52 2026 GMT Not After : Mar 3 06:07:52 2027 GMT Subject: CN=85547510DE61F518C3ADD2EDFDDDD2BE940D7215 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:66:07:ad:4a:f7:38:c7:48:05:d2:40:a7:11: a1:ec:18:6e:21:17:20:4c:ad:fb:b7:e4:56:92:12: 80:e2:26:27:bb:c7:e2:30:b2:1e:be:d1:0d:b5:6f: af:27:0d:03:d9:4f:37:50:33:2e:3e:cb:2e:ce:fa: 29:7a:74:05:3a:f5:3e:1e:90:4a:cd:0b:e6:a5:c7: 91:84:25:60:de:82:4b:4c:9c:38:d8:91:62:89:71: 0b:e8:23:63:c8:bb:eb:b1:96:0a:be:40:f9:18:af: 0d:c0:ce:f5:80:40:ba:49:86:d5:86:dc:b6:52:0b: 15:9d:bc:54:e4:bd:e0:dc:97:de:cd:9c:7c:61:7a: 59:1f:4b:4f:e5:fc:a9:1e:1a:c9:38:a6:93:9f:d6: 3e:47:3a:e3:53:db:30:0d:67:9c:04:be:6b:12:e5: 80:a2:89:23:b7:f5:bf:d9:1b:83:ae:d8:29:09:c0: f5:68:e3:69:c1:64:26:46:aa:42:df:d8:a4:01:3a: 4c:01:ea:ac:92:38:1c:0a:af:a5:fe:d3:f3:1c:7c: 7b:bc:1b:7b:d6:10:8e:af:e0:41:43:78:78:35:9c: 50:89:66:db:a6:0f:9d:67:7e:fa:7a:a9:36:80:71: d0:ea:58:3b:bd:70:e4:37:17:db:b2:78:62:e7:2d: f1:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:54:75:10:DE:61:F5:18:C3:AD:D2:ED:FD:DD:D2:BE:94:0D:72:15 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142940.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a122::/32 Signature Algorithm: sha256WithRSAEncryption cf:35:87:fc:b3:3f:f4:13:3c:42:14:21:c2:39:a9:6c:21:57: 9e:92:20:48:96:8c:c6:f8:06:0e:1e:96:7a:92:5e:c7:35:4d: bf:3e:cd:f7:a9:8e:0b:fc:cd:ea:e9:37:2f:e9:83:3b:04:b0: 4a:29:d0:6b:7a:50:cb:ae:3f:a8:06:48:28:5f:31:75:52:d4: b8:27:4d:37:08:27:51:7f:8b:d0:65:07:21:5f:0c:0a:25:40: 7d:4f:b7:22:5a:b2:fb:f2:bd:0e:71:5d:a9:d4:1a:c5:98:20: 3f:c3:a0:64:66:03:de:6f:01:49:cc:55:c3:bf:a0:5b:e9:e4: 52:2c:39:49:a1:1d:d1:4f:47:28:9d:79:15:17:31:0e:ff:51: a3:d9:32:7a:0e:91:1c:f4:fe:fc:79:18:58:3a:f3:0a:1e:8e: d0:22:ed:15:df:e8:8a:a2:55:05:ce:e5:38:c2:76:65:10:a4: d5:8d:ba:57:8a:4a:60:85:73:3e:b6:35:d9:6f:12:eb:0c:b8: 42:9f:38:32:1c:31:85:2a:ee:90:c8:8e:dd:21:e0:d0:80:a5: f6:a4:b9:92:79:ac:af:ef:35:73:b6:f7:90:d6:72:03:44:5a: 00:1f:90:a9:d6:83:ad:6f:49:31:24:aa:15:59:c2:f7:6f:e8: 4e:ec:dc:92 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZyiar20JG3aX4EeDT0ou1xggddAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1MloX DTI3MDMwMzA2MDc1MlowMzExMC8GA1UEAxMoODU1NDc1MTBERTYxRjUxOEMzQURE MkVERkREREQyQkU5NDBENzIxNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKVmB61K9zjHSAXSQKcRoewYbiEXIEyt+7fkVpISgOImJ7vH4jCyHr7RDbVv rycNA9lPN1AzLj7LLs76KXp0BTr1Ph6QSs0L5qXHkYQlYN6CS0ycONiRYolxC+gj Y8i767GWCr5A+RivDcDO9YBAukmG1YbctlILFZ28VOS94NyX3s2cfGF6WR9LT+X8 qR4ayTimk5/WPkc641PbMA1nnAS+axLlgKKJI7f1v9kbg67YKQnA9WjjacFkJkaq Qt/YpAE6TAHqrJI4HAqvpf7T8xx8e7wbe9YQjq/gQUN4eDWcUIlm26YPnWd++nqp NoBx0OpYO71w5DcX27J4Yuct8fECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSFVHUQ 3mH1GMOt0u393dK+lA1yFTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjk0MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oSIwDQYJKoZIhvcNAQELBQADggEBAM81h/yzP/QTPEIUIcI5qWwhV56SIEiWjMb4 Bg4elnqSXsc1Tb8+zfepjgv8zerpNy/pgzsEsEop0Gt6UMuuP6gGSChfMXVS1Lgn TTcIJ1F/i9BlByFfDAolQH1PtyJasvvyvQ5xXanUGsWYID/DoGRmA95vAUnMVcO/ oFvp5FIsOUmhHdFPRyideRUXMQ7/UaPZMnoOkRz0/vx5GFg68woejtAi7RXf6Iqi VQXO5TjCdmUQpNWNuleKSmCFcz62NdlvEusMuEKfODIcMYUq7pDIjt0h4NCApfak uZJ5rK/vNXO295DWcgNEWgAfkKnWg61vSTEkqhVZwvdv6E7s3JI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:40 2026 by rpki-client