$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142971.roa File: AS142971.roa (raw, json) Hash identifier: c4pn3kPMSCgH8rH10IirAAf/gEsjxy64t3TV5LK+XT8= Subject key identifier: FF:81:E3:23:56:B3:15:F4:7C:EC:BC:CF:0B:D7:15:84:E0:3E:2E:8A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 08930074DE2F07971215E51EF03039CB4576CC02 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142971.roa Signing time: Wed 04 Mar 2026 06:06:30 +0000 ROA not before: Wed 04 Mar 2026 06:01:30 +0000 ROA not after: Wed 03 Mar 2027 06:06:30 +0000 asID: 142971 IP address blocks: 240a:a141::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:93:00:74:de:2f:07:97:12:15:e5:1e:f0:30:39:cb:45:76:cc:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:30 2026 GMT Not After : Mar 3 06:06:30 2027 GMT Subject: CN=FF81E32356B315F47CECBCCF0BD71584E03E2E8A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:de:c2:33:2d:f5:a6:54:c8:e0:3a:56:c8:ac: 51:f0:09:63:4c:3a:91:94:48:75:4a:79:4b:34:cd: d9:b2:5c:a0:54:24:d7:fb:5c:3f:29:c0:3e:2d:31: 99:ee:9f:17:e2:75:8f:c3:d3:73:db:4b:68:b7:5c: 58:4c:91:95:45:82:db:10:37:4e:6b:98:e6:57:c6: 67:6d:ae:cd:8a:11:c8:bd:e2:db:97:2a:b9:43:de: d2:2b:21:ed:75:5e:6c:4f:66:8a:78:34:5f:30:cb: 63:b6:01:ee:3d:54:12:6d:c3:7d:be:31:41:68:a6: 58:8c:f9:66:76:b5:a3:89:67:57:32:ad:6c:3f:9d: 25:8c:87:fe:ec:58:e3:0c:96:6c:30:b2:a5:f8:ce: 55:1e:e0:0b:bf:33:ff:7e:93:fd:b0:f0:ab:f1:9b: 72:ce:1d:12:66:99:c1:b9:b0:83:c3:f2:0a:5a:21: ee:2a:c6:8c:eb:81:30:8c:2e:aa:2a:4c:a3:b0:80: 4f:55:4d:ed:06:de:4d:cb:0b:74:c8:8e:fe:f8:e8: e3:d7:75:22:8f:fa:69:39:85:8c:0a:8c:54:ce:5d: eb:3a:a1:f5:97:b7:86:06:44:57:bf:01:12:82:4a: 83:33:31:12:8c:c9:c0:d8:58:8c:e0:bb:66:8d:5c: 93:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:81:E3:23:56:B3:15:F4:7C:EC:BC:CF:0B:D7:15:84:E0:3E:2E:8A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142971.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a141::/32 Signature Algorithm: sha256WithRSAEncryption 31:e2:40:c6:81:76:ca:97:fd:37:33:6a:37:d8:30:3f:26:18: 46:a5:d8:dc:4e:13:1e:5f:78:86:9b:0a:3d:14:6d:b4:df:ab: 87:4c:63:dc:d5:1a:8a:81:3e:90:f0:49:7c:61:6c:ee:55:6a: d2:ba:2e:4c:8a:f6:80:c0:b7:81:f5:a6:ad:e3:14:5f:75:6d: fc:96:d0:97:90:ba:79:b1:cd:db:82:07:9d:a4:69:29:54:f2: 3e:c1:f8:9d:de:13:e4:ba:5e:0f:26:6d:e3:bd:7d:71:fb:0e: a8:6f:91:75:88:5e:e7:fe:2d:13:ce:96:ed:7d:74:1d:cf:50: 7d:70:0c:93:01:ed:a1:48:d8:98:0d:39:93:57:b0:64:b7:6f: 35:a2:b0:3e:58:bf:03:ac:fe:7d:88:d3:0d:71:20:28:85:e7: 1c:ae:68:fe:e1:3c:de:15:b6:6f:47:74:eb:30:cf:83:18:db: 5c:7d:91:82:95:b9:54:ee:97:68:86:50:04:2d:6b:14:94:f8: 6a:60:09:2b:a7:41:2d:09:aa:f8:2b:e4:58:34:9a:cf:7c:5b: e9:cb:82:3b:0c:26:66:9b:7a:bb:4f:fe:e4:51:63:fd:eb:a1: be:0d:18:be:ad:71:fa:4b:3b:18:2b:0f:9c:c5:ff:61:04:5b: 1e:2a:e6:37 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCJMAdN4vB5cSFeUe8DA5y0V2zAIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEzMFoX DTI3MDMwMzA2MDYzMFowMzExMC8GA1UEAxMoRkY4MUUzMjM1NkIzMTVGNDdDRUNC Q0NGMEJENzE1ODRFMDNFMkU4QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKbewjMt9aZUyOA6VsisUfAJY0w6kZRIdUp5SzTN2bJcoFQk1/tcPynAPi0x me6fF+J1j8PTc9tLaLdcWEyRlUWC2xA3TmuY5lfGZ22uzYoRyL3i25cquUPe0ish 7XVebE9ming0XzDLY7YB7j1UEm3Dfb4xQWimWIz5Zna1o4lnVzKtbD+dJYyH/uxY 4wyWbDCypfjOVR7gC78z/36T/bDwq/Gbcs4dEmaZwbmwg8PyCloh7irGjOuBMIwu qipMo7CAT1VN7QbeTcsLdMiO/vjo49d1Io/6aTmFjAqMVM5d6zqh9Ze3hgZEV78B EoJKgzMxEozJwNhYjOC7Zo1ckykCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT/geMj VrMV9HzsvM8L1xWE4D4uijAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjk3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oUEwDQYJKoZIhvcNAQELBQADggEBADHiQMaBdsqX/TczajfYMD8mGEal2NxOEx5f eIabCj0UbbTfq4dMY9zVGoqBPpDwSXxhbO5VatK6LkyK9oDAt4H1pq3jFF91bfyW 0JeQunmxzduCB52kaSlU8j7B+J3eE+S6Xg8mbeO9fXH7DqhvkXWIXuf+LRPOlu19 dB3PUH1wDJMB7aFI2JgNOZNXsGS3bzWisD5YvwOs/n2I0w1xICiF5xyuaP7hPN4V tm9HdOswz4MY21x9kYKVuVTul2iGUAQtaxSU+GpgCSunQS0Jqvgr5Fg0ms98W+nL gjsMJmabertP/uRRY/3rob4NGL6tcfpLOxgrD5zF/2EEWx4q5jc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:22 2026 by rpki-client