$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142950.roa File: AS142950.roa (raw, json) Hash identifier: HuRGMTncxDkVDltz7X/fNDtGzWowWIKwaS+RsXHkST0= Subject key identifier: D3:4D:95:52:F8:8B:B1:FF:C7:C2:E1:42:CE:42:36:CC:5C:8D:96:9B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 74E6A101F08ED15E7981328BEA5F039C0B4958B5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142950.roa Signing time: Wed 04 Mar 2026 06:07:28 +0000 ROA not before: Wed 04 Mar 2026 06:02:28 +0000 ROA not after: Wed 03 Mar 2027 06:07:28 +0000 asID: 142950 IP address blocks: 240a:a12c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:e6:a1:01:f0:8e:d1:5e:79:81:32:8b:ea:5f:03:9c:0b:49:58:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:28 2026 GMT Not After : Mar 3 06:07:28 2027 GMT Subject: CN=D34D9552F88BB1FFC7C2E142CE4236CC5C8D969B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:93:63:21:ac:75:af:8a:53:c5:cf:89:1c:06: a7:a6:bf:a5:78:4a:69:a9:5d:30:af:5d:92:63:80: 1f:0b:c2:af:b1:74:e4:c7:70:9c:b1:d0:82:8d:05: d3:57:af:a8:f2:86:fc:1f:88:f3:74:37:ca:5e:ed: 9c:55:68:91:ce:66:a7:f3:53:10:1c:53:9f:bb:d6: 4b:20:2a:8a:ea:e3:de:13:cd:af:1a:fa:18:fe:81: 5e:31:53:26:7f:c4:8b:9f:9d:96:91:db:f4:57:5c: 2b:92:6e:dd:ef:96:f4:96:e8:ee:1c:c2:46:b2:29: 5f:2f:ae:54:c3:c3:2f:8b:96:4c:02:fa:32:7e:d9: dd:0b:28:0d:1a:1c:0a:e8:7f:2a:fa:e1:0c:5a:ab: 7c:6d:24:64:34:70:77:c6:2b:00:8a:92:11:9e:22: f1:a3:5b:61:09:8b:7c:86:21:d8:c9:9a:ae:5f:b3: d6:3f:23:c0:3e:5d:68:d2:fe:9b:b3:4b:a7:1d:5d: bd:d4:af:76:6f:38:71:42:e8:25:0c:c8:bf:37:17: 6c:6f:f4:ad:bb:aa:ce:f3:12:8c:3b:43:28:ca:3b: c9:7b:94:5e:da:9e:53:b3:5b:f1:31:ab:ab:38:a1: 60:41:1e:8b:f6:f1:07:1b:04:bc:2a:de:64:c1:97: 00:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:4D:95:52:F8:8B:B1:FF:C7:C2:E1:42:CE:42:36:CC:5C:8D:96:9B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142950.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a12c::/32 Signature Algorithm: sha256WithRSAEncryption ce:54:d8:5f:e2:d4:d5:81:32:55:5d:81:07:1c:33:c1:32:5a: 37:bd:0a:72:ec:1d:7f:79:06:aa:15:fe:76:98:25:9b:90:23: 8d:a6:e4:b9:5e:fe:cb:b0:35:44:34:8a:1c:c1:52:e5:02:49: e2:86:83:1f:5c:d6:7c:e8:60:65:7b:7c:b8:bd:08:6a:5a:d8: c9:ca:57:70:12:18:e1:37:d6:fd:8f:fc:a7:a3:0c:12:8a:5f: 24:f2:fe:5a:78:2b:b6:51:0a:c2:d3:c1:85:2e:c4:ba:8b:0d: f7:25:1a:e9:1e:e9:10:1a:ab:1b:a5:58:44:fc:9f:6b:48:df: 5b:62:b5:dd:fb:d3:6b:c7:4c:a0:a3:25:07:58:88:ff:96:c0: c1:53:7d:17:45:f0:4f:b1:d9:10:3f:de:68:45:a6:5c:e4:32: 17:bc:07:9e:14:d4:ee:0b:7a:7c:fd:af:fd:1a:13:df:3d:10: da:e0:f3:79:ae:2d:f5:01:ba:c9:36:7c:49:6f:bd:cf:eb:d8: b4:39:3d:4e:69:f6:5e:fd:6c:c3:b4:6c:78:4c:2c:ca:ec:7f: 90:c2:90:a0:53:ec:82:2d:f3:a7:db:ef:20:4b:ee:16:a0:a4: 51:3e:a3:b2:9e:a0:ec:c4:9d:f7:fd:70:a3:90:cc:e1:44:bc: ff:5a:9c:6f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdOahAfCO0V55gTKL6l8DnAtJWLUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyOFoX DTI3MDMwMzA2MDcyOFowMzExMC8GA1UEAxMoRDM0RDk1NTJGODhCQjFGRkM3QzJF MTQyQ0U0MjM2Q0M1QzhEOTY5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALaTYyGsda+KU8XPiRwGp6a/pXhKaaldMK9dkmOAHwvCr7F05MdwnLHQgo0F 01evqPKG/B+I83Q3yl7tnFVokc5mp/NTEBxTn7vWSyAqiurj3hPNrxr6GP6BXjFT Jn/Ei5+dlpHb9FdcK5Ju3e+W9Jbo7hzCRrIpXy+uVMPDL4uWTAL6Mn7Z3QsoDRoc Cuh/KvrhDFqrfG0kZDRwd8YrAIqSEZ4i8aNbYQmLfIYh2Mmarl+z1j8jwD5daNL+ m7NLpx1dvdSvdm84cULoJQzIvzcXbG/0rbuqzvMSjDtDKMo7yXuUXtqeU7Nb8TGr qzihYEEei/bxBxsEvCreZMGXABkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTTTZVS +Iux/8fC4ULOQjbMXI2WmzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjk1MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oSwwDQYJKoZIhvcNAQELBQADggEBAM5U2F/i1NWBMlVdgQccM8EyWje9CnLsHX95 BqoV/naYJZuQI42m5Lle/suwNUQ0ihzBUuUCSeKGgx9c1nzoYGV7fLi9CGpa2MnK V3ASGOE31v2P/KejDBKKXyTy/lp4K7ZRCsLTwYUuxLqLDfclGuke6RAaqxulWET8 n2tI31titd3702vHTKCjJQdYiP+WwMFTfRdF8E+x2RA/3mhFplzkMhe8B54U1O4L enz9r/0aE989ENrg83muLfUBusk2fElvvc/r2LQ5PU5p9l79bMO0bHhMLMrsf5DC kKBT7IIt86fb7yBL7hagpFE+o7KeoOzEnff9cKOQzOFEvP9anG8= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:42 2026 by rpki-client