$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142962.roa File: AS142962.roa (raw, json) Hash identifier: ja+DBftmGFycu2zLzVn/k2ov+5AYnyJTkGVCiYRCX6o= Subject key identifier: E9:00:20:F9:E8:04:00:08:42:CD:77:BD:FE:ED:20:9B:5C:63:AE:80 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4D9C50FF561D1FBF507D7EF3B07A826DA9F5BACC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142962.roa Signing time: Wed 04 Mar 2026 06:07:56 +0000 ROA not before: Wed 04 Mar 2026 06:02:56 +0000 ROA not after: Wed 03 Mar 2027 06:07:56 +0000 asID: 142962 IP address blocks: 240a:a138::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:9c:50:ff:56:1d:1f:bf:50:7d:7e:f3:b0:7a:82:6d:a9:f5:ba:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:56 2026 GMT Not After : Mar 3 06:07:56 2027 GMT Subject: CN=E90020F9E804000842CD77BDFEED209B5C63AE80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:c1:2d:13:17:d0:5c:f1:b0:ce:51:69:ce:dd: 56:22:68:23:3d:40:47:a8:f9:8e:bf:39:fd:bb:55: 45:d7:58:34:28:69:73:5f:f8:ea:8e:8c:71:30:33: ab:b2:2b:98:0a:8a:89:ab:7f:4a:c5:17:b9:a4:03: 41:ed:6d:c6:fe:d0:ad:af:8c:42:00:de:8b:cd:b3: 51:38:c7:86:a7:d6:05:c2:6e:ac:e7:48:51:76:9b: 76:6f:38:17:37:3a:90:37:05:c6:49:35:11:f7:4d: 6c:55:9e:25:cb:3e:20:f8:65:ee:fb:ef:f9:01:44: 8b:46:42:c0:cf:e3:b6:98:79:8d:7a:3a:54:a5:c2: 44:b0:b1:8b:cf:6e:42:3f:75:15:86:91:45:3b:a4: 3b:69:03:f6:91:d0:e0:0a:f4:3a:10:11:60:41:03: e9:43:00:ad:90:2b:da:97:43:10:24:16:85:13:2b: 0b:e2:77:73:58:24:92:c9:8f:f8:25:02:53:0f:6a: f4:e2:c9:2b:72:86:23:fa:24:e7:2c:e2:0e:1c:42: f6:4b:42:80:1b:b7:f1:0f:4f:35:28:08:09:89:8f: c3:48:cb:0a:7c:0e:e6:e2:38:b7:13:94:da:17:f1: f9:ec:84:d8:56:5c:5b:3b:fc:c2:79:c1:6a:60:00: 0a:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:00:20:F9:E8:04:00:08:42:CD:77:BD:FE:ED:20:9B:5C:63:AE:80 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142962.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a138::/32 Signature Algorithm: sha256WithRSAEncryption 12:06:21:59:37:bd:28:a3:3b:ea:3c:e6:9b:d7:ed:2b:88:d3: 2b:b4:d8:59:a3:f6:bb:0e:53:31:52:91:e6:5e:8b:17:86:d0: 64:fd:98:66:21:34:47:2e:24:bd:a7:a6:c7:74:7b:ab:5f:d9: 19:e3:67:f3:ac:a7:a1:ec:bf:98:2f:74:27:5b:1d:7b:80:5f: 80:b0:01:9f:06:8f:d4:b7:65:73:17:5e:83:57:77:7a:5e:1d: b1:2d:4b:5e:26:d2:09:c7:9d:6d:4c:b1:f7:15:9a:4a:1d:a5: 0a:53:99:98:49:b6:f0:09:20:04:76:96:43:49:1f:25:57:47: 69:77:37:f5:05:0b:dd:f0:e5:de:2b:4c:2f:cc:cb:76:87:40: 4d:3a:67:d8:5d:64:81:96:df:e2:9f:b7:8c:f8:42:57:b0:af: fc:60:26:0f:eb:26:d0:a5:a4:ae:99:51:03:1b:66:ae:c9:60: dc:87:f8:04:14:73:fc:44:5a:64:3d:f4:b5:f2:df:28:6c:b5: f1:f4:c1:7f:c6:9a:4b:69:e4:b6:94:b9:46:73:67:9c:c0:28: 09:57:f1:02:f8:84:7d:d4:42:ee:ff:aa:35:e0:56:ee:b1:e2: aa:bb:5e:66:29:d7:ca:4f:6c:b0:eb:c8:19:4d:be:5c:bf:9c: ee:d3:f1:0c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTZxQ/1YdH79QfX7zsHqCban1uswwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1NloX DTI3MDMwMzA2MDc1NlowMzExMC8GA1UEAxMoRTkwMDIwRjlFODA0MDAwODQyQ0Q3 N0JERkVFRDIwOUI1QzYzQUU4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANHBLRMX0FzxsM5Rac7dViJoIz1AR6j5jr85/btVRddYNChpc1/46o6McTAz q7IrmAqKiat/SsUXuaQDQe1txv7Qra+MQgDei82zUTjHhqfWBcJurOdIUXabdm84 Fzc6kDcFxkk1EfdNbFWeJcs+IPhl7vvv+QFEi0ZCwM/jtph5jXo6VKXCRLCxi89u Qj91FYaRRTukO2kD9pHQ4Ar0OhARYEED6UMArZAr2pdDECQWhRMrC+J3c1gkksmP +CUCUw9q9OLJK3KGI/ok5yziDhxC9ktCgBu38Q9PNSgICYmPw0jLCnwO5uI4txOU 2hfx+eyE2FZcWzv8wnnBamAACg8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTpACD5 6AQACELNd73+7SCbXGOugDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjk2Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oTgwDQYJKoZIhvcNAQELBQADggEBABIGIVk3vSijO+o85pvX7SuI0yu02Fmj9rsO UzFSkeZeixeG0GT9mGYhNEcuJL2npsd0e6tf2RnjZ/Osp6Hsv5gvdCdbHXuAX4Cw AZ8Gj9S3ZXMXXoNXd3peHbEtS14m0gnHnW1MsfcVmkodpQpTmZhJtvAJIAR2lkNJ HyVXR2l3N/UFC93w5d4rTC/My3aHQE06Z9hdZIGW3+Kft4z4Qlewr/xgJg/rJtCl pK6ZUQMbZq7JYNyH+AQUc/xEWmQ99LXy3yhstfH0wX/Gmktp5LaUuUZzZ5zAKAlX 8QL4hH3UQu7/qjXgVu6x4qq7XmYp18pPbLDryBlNvly/nO7T8Qw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:14 2026 by rpki-client