$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142970.roa File: AS142970.roa (raw, json) Hash identifier: KAUm8kD/aZnnkG5uEfIfAV1E+c0kgaLHXj4us9banOA= Subject key identifier: EF:12:65:0A:94:27:EA:5C:66:5F:08:E1:55:B0:08:FC:39:68:72:FF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0D6702EBBE5D52003528AACA79AF9C120430E656 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142970.roa Signing time: Wed 04 Mar 2026 06:07:29 +0000 ROA not before: Wed 04 Mar 2026 06:02:29 +0000 ROA not after: Wed 03 Mar 2027 06:07:29 +0000 asID: 142970 IP address blocks: 240a:a140::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:67:02:eb:be:5d:52:00:35:28:aa:ca:79:af:9c:12:04:30:e6:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:29 2026 GMT Not After : Mar 3 06:07:29 2027 GMT Subject: CN=EF12650A9427EA5C665F08E155B008FC396872FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:7a:8b:85:1e:af:09:db:4b:b7:ec:d5:8a:3b: 1d:37:a0:24:08:49:74:6e:88:2c:b9:51:72:47:70: d0:7b:e6:5a:49:0b:04:bf:30:4a:8d:61:89:17:48: ce:0d:9c:42:ba:65:e1:cb:00:fc:0a:00:f1:08:6d: 43:bd:13:da:55:8a:f8:a1:1b:df:bd:3c:82:ef:d5: 95:ac:57:d6:62:be:7f:f0:c5:79:5e:94:ed:c7:0e: b6:21:0d:28:6a:d6:df:1d:45:a7:bf:4a:95:6c:65: d5:85:d2:ff:db:aa:9b:8b:5d:4a:fd:97:f5:b7:c8: fb:08:14:8c:9d:91:fc:ad:77:ba:62:10:03:c1:f0: 9a:00:83:bb:15:6e:72:eb:e6:1e:9f:cf:f1:08:89: 3c:fa:70:60:f4:7d:a4:7f:58:44:8a:b3:d0:d2:4c: 78:07:b8:80:31:b9:bd:d7:b5:95:16:cf:6b:23:16: 13:c1:7a:a1:e3:62:74:18:a0:af:af:70:f8:cd:be: bb:08:54:f2:70:d7:31:33:16:b5:64:b9:c1:1e:00: 5c:2c:c5:d9:21:d8:8f:5f:0d:2c:17:6a:1a:6c:0e: 72:ac:f6:27:67:24:05:3d:8e:bd:10:56:ca:87:b0: 98:7a:76:0b:9b:d8:87:ea:b2:bd:96:5c:04:82:1e: 0a:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:12:65:0A:94:27:EA:5C:66:5F:08:E1:55:B0:08:FC:39:68:72:FF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142970.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a140::/32 Signature Algorithm: sha256WithRSAEncryption 52:15:7a:69:78:33:7b:15:91:21:46:83:93:4d:cc:33:83:dc: a0:4e:a5:3f:43:57:7c:80:e2:82:d8:38:32:53:72:5a:f4:ef: 30:85:f3:2a:c2:ac:5f:a7:5e:bd:9c:37:36:2a:92:fd:90:21: 29:27:1e:9c:52:16:f7:5f:24:3c:c3:04:34:1b:98:00:9d:56: 57:22:13:b1:1b:80:dc:65:b0:65:63:58:ef:99:57:f5:c1:c8: e7:3a:20:56:63:5c:82:b0:cf:c0:c8:8f:da:be:46:02:9b:76: 66:14:13:03:70:05:06:20:66:0a:44:d0:ab:fa:9d:13:c9:b6: 03:16:5b:c8:1f:a8:cb:eb:00:9a:52:4b:70:8a:7b:0a:a4:43: 91:13:98:88:9d:c5:f3:01:83:94:92:4f:e8:8a:b4:52:86:6b: a3:48:7d:d2:ee:fb:a0:6d:6f:b7:97:72:16:c9:f2:08:67:70: bd:0d:b6:4e:50:c2:ab:44:df:17:74:a0:b0:d5:ca:71:0c:99: 72:2b:c7:8a:ab:a4:d3:70:fc:5d:8d:dd:b1:b0:42:74:09:19: 63:2a:4c:14:42:01:f9:1f:15:7d:83:56:75:7b:ab:4c:88:e1: 09:c7:14:b9:63:97:94:b9:a3:29:db:32:8f:72:74:6f:15:05: 05:8b:67:44 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDWcC675dUgA1KKrKea+cEgQw5lYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyOVoX DTI3MDMwMzA2MDcyOVowMzExMC8GA1UEAxMoRUYxMjY1MEE5NDI3RUE1QzY2NUYw OEUxNTVCMDA4RkMzOTY4NzJGRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALF6i4UerwnbS7fs1Yo7HTegJAhJdG6ILLlRckdw0HvmWkkLBL8wSo1hiRdI zg2cQrpl4csA/AoA8QhtQ70T2lWK+KEb3708gu/VlaxX1mK+f/DFeV6U7ccOtiEN KGrW3x1Fp79KlWxl1YXS/9uqm4tdSv2X9bfI+wgUjJ2R/K13umIQA8HwmgCDuxVu cuvmHp/P8QiJPPpwYPR9pH9YRIqz0NJMeAe4gDG5vde1lRbPayMWE8F6oeNidBig r69w+M2+uwhU8nDXMTMWtWS5wR4AXCzF2SHYj18NLBdqGmwOcqz2J2ckBT2OvRBW yoewmHp2C5vYh+qyvZZcBIIeCncCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTvEmUK lCfqXGZfCOFVsAj8OWhy/zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjk3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oUAwDQYJKoZIhvcNAQELBQADggEBAFIVeml4M3sVkSFGg5NNzDOD3KBOpT9DV3yA 4oLYODJTclr07zCF8yrCrF+nXr2cNzYqkv2QISknHpxSFvdfJDzDBDQbmACdVlci E7EbgNxlsGVjWO+ZV/XByOc6IFZjXIKwz8DIj9q+RgKbdmYUEwNwBQYgZgpE0Kv6 nRPJtgMWW8gfqMvrAJpSS3CKewqkQ5ETmIidxfMBg5SST+iKtFKGa6NIfdLu+6Bt b7eXchbJ8ghncL0Ntk5QwqtE3xd0oLDVynEMmXIrx4qrpNNw/F2N3bGwQnQJGWMq TBRCAfkfFX2DVnV7q0yI4QnHFLljl5S5oynbMo9ydG8VBQWLZ0Q= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:48 2026 by rpki-client