$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142980.roa File: AS142980.roa (raw, json) Hash identifier: H56/FsUGA9nfb8Qtpp0QjLomWC38FcSUOdyarLepYiE= Subject key identifier: A3:99:5A:CF:B4:0C:3B:A2:C6:CB:18:34:49:A3:E3:17:59:91:B7:11 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 08BE2FFA1DDB8B66A54630F9C04BBA8D9B9AC043 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142980.roa Signing time: Wed 04 Mar 2026 06:05:14 +0000 ROA not before: Wed 04 Mar 2026 06:00:14 +0000 ROA not after: Wed 03 Mar 2027 06:05:14 +0000 asID: 142980 IP address blocks: 240a:a14a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:be:2f:fa:1d:db:8b:66:a5:46:30:f9:c0:4b:ba:8d:9b:9a:c0:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:14 2026 GMT Not After : Mar 3 06:05:14 2027 GMT Subject: CN=A3995ACFB40C3BA2C6CB183449A3E3175991B711 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:1f:56:ad:67:b3:34:2a:f0:46:b2:bb:51:22: 51:eb:fd:dc:a6:f4:24:9f:60:b0:46:f8:77:38:7e: 30:8c:6a:76:44:4d:78:cf:30:a3:29:4c:e0:a2:39: 46:36:18:8d:5f:c2:ea:2e:5c:3f:0c:e2:31:6c:51: ea:9c:f0:4e:3f:63:b8:0d:ad:50:1c:1a:f9:55:5a: 22:b5:c5:4e:b9:b0:11:89:a7:26:50:98:5b:a9:79: 95:49:cd:1a:c2:b9:d1:5c:ed:e7:20:d9:69:98:3c: ca:f0:8e:ee:a1:5d:60:ca:a2:38:15:00:f7:d6:d4: ab:c3:f8:95:1f:7c:f1:f4:7b:8d:2e:bb:58:c5:d4: bd:da:1a:5f:41:82:88:90:a6:b3:8c:ea:2c:20:fd: f5:e2:76:4d:a7:c5:bc:83:d3:a9:27:46:74:d6:26: ee:42:d0:30:d2:40:78:36:b0:9e:f1:76:6d:a4:3e: be:1d:ed:38:f3:59:b9:42:0a:ff:74:79:61:4f:eb: 45:40:2e:68:ec:ac:e3:0a:58:67:ac:4f:16:b3:76: 03:92:83:27:fd:51:90:8e:93:86:33:85:c8:2f:71: e1:79:d3:f6:6b:50:17:a6:95:34:7a:88:9f:38:60: 02:1b:9f:14:af:e1:8a:d7:16:dd:c9:a0:42:70:f2: 49:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:99:5A:CF:B4:0C:3B:A2:C6:CB:18:34:49:A3:E3:17:59:91:B7:11 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142980.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a14a::/32 Signature Algorithm: sha256WithRSAEncryption b3:14:0a:a4:45:07:b9:81:c8:38:52:e4:05:7e:d3:b8:f8:48: 04:b0:07:da:39:03:df:13:47:41:5b:25:34:15:75:be:99:fe: d7:a6:d5:b9:02:78:63:4b:e2:20:ba:16:ab:8f:d4:f0:d5:f3: c7:c0:57:5b:b2:f3:91:09:ce:c9:08:5b:35:43:c3:e8:f7:9c: d5:7b:b0:30:35:0b:1d:0e:c4:51:5e:2a:a3:fe:f9:1b:4a:87: a6:e3:bf:91:cf:84:2c:9b:68:ed:70:0b:4b:06:f6:3b:ed:2f: cb:4e:42:56:53:22:4e:7e:28:0a:32:a5:cb:28:7f:f9:49:3e: 9b:b8:97:b8:ae:9f:fd:0e:bc:81:f1:90:77:2c:52:b9:31:30: 1a:23:d1:45:9b:75:50:3f:ea:b5:b8:8c:d7:38:87:2e:62:a2: 1e:8c:b4:26:7e:ca:7a:b3:59:fb:fa:d9:f2:7f:c6:27:76:84: 99:43:b3:f3:6c:d9:19:84:dd:22:0d:8d:f4:a4:36:3c:f2:ac: 70:9e:bf:42:52:8e:09:20:8a:60:86:64:46:70:cf:35:e6:ac: c5:1a:d2:b6:ce:bc:cb:72:ad:1b:fb:d8:87:bb:43:1f:07:db: 94:36:f4:41:93:76:b3:23:c0:16:98:c2:51:22:12:53:4a:ee: 65:6d:16:d6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCL4v+h3bi2alRjD5wEu6jZuawEMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAxNFoX DTI3MDMwMzA2MDUxNFowMzExMC8GA1UEAxMoQTM5OTVBQ0ZCNDBDM0JBMkM2Q0Ix ODM0NDlBM0UzMTc1OTkxQjcxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMofVq1nszQq8Eayu1EiUev93Kb0JJ9gsEb4dzh+MIxqdkRNeM8woylM4KI5 RjYYjV/C6i5cPwziMWxR6pzwTj9juA2tUBwa+VVaIrXFTrmwEYmnJlCYW6l5lUnN GsK50Vzt5yDZaZg8yvCO7qFdYMqiOBUA99bUq8P4lR988fR7jS67WMXUvdoaX0GC iJCms4zqLCD99eJ2TafFvIPTqSdGdNYm7kLQMNJAeDawnvF2baQ+vh3tOPNZuUIK /3R5YU/rRUAuaOys4wpYZ6xPFrN2A5KDJ/1RkI6ThjOFyC9x4XnT9mtQF6aVNHqI nzhgAhufFK/hitcW3cmgQnDySQkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSjmVrP tAw7osbLGDRJo+MXWZG3ETAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjk4MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oUowDQYJKoZIhvcNAQELBQADggEBALMUCqRFB7mByDhS5AV+07j4SASwB9o5A98T R0FbJTQVdb6Z/tem1bkCeGNL4iC6FquP1PDV88fAV1uy85EJzskIWzVDw+j3nNV7 sDA1Cx0OxFFeKqP++RtKh6bjv5HPhCybaO1wC0sG9jvtL8tOQlZTIk5+KAoypcso f/lJPpu4l7iun/0OvIHxkHcsUrkxMBoj0UWbdVA/6rW4jNc4hy5ioh6MtCZ+ynqz Wfv62fJ/xid2hJlDs/Ns2RmE3SINjfSkNjzyrHCev0JSjgkgimCGZEZwzzXmrMUa 0rbOvMtyrRv72Ie7Qx8H25Q29EGTdrMjwBaYwlEiElNK7mVtFtY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:40 2026 by rpki-client