$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142981.roa File: AS142981.roa (raw, json) Hash identifier: NqpKGykk7ebEYzWHiLs1l0jMqJ8HOwGIAHHvHXVKXrQ= Subject key identifier: 32:CF:1A:06:0A:58:6C:F3:86:0D:44:7F:D5:8F:B7:30:81:D4:81:49 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 11EFE783A237F9D5FC199E72DD4FE5B8B9DC1C18 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142981.roa Signing time: Wed 04 Mar 2026 06:05:59 +0000 ROA not before: Wed 04 Mar 2026 06:00:59 +0000 ROA not after: Wed 03 Mar 2027 06:05:59 +0000 asID: 142981 IP address blocks: 240a:a14b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:ef:e7:83:a2:37:f9:d5:fc:19:9e:72:dd:4f:e5:b8:b9:dc:1c:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:59 2026 GMT Not After : Mar 3 06:05:59 2027 GMT Subject: CN=32CF1A060A586CF3860D447FD58FB73081D48149 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:4a:8a:da:a5:74:68:90:2b:9c:5b:84:ac:12: 8a:b1:1d:01:ec:f8:ee:32:ef:44:f6:f8:35:e5:5a: 80:79:44:2c:cb:46:dc:77:76:08:42:db:bc:03:f3: ef:45:1c:8d:58:1d:4a:8c:07:20:4a:5d:51:8d:02: 3a:0f:6c:23:57:d9:85:5d:89:7d:26:74:44:44:f1: 5b:0a:0f:ec:23:83:65:dd:0c:00:bc:34:67:53:5f: 59:49:9e:a0:cd:d0:64:e8:91:42:fb:db:d2:a2:ff: d9:67:77:16:10:9c:26:75:dd:f6:01:a7:ed:6d:8c: 99:27:d0:eb:ce:48:2b:55:20:e1:80:a0:63:c4:d4: 8c:5d:a1:61:44:80:9c:94:2a:d5:b6:4b:71:9a:90: ec:6b:c6:73:9a:05:94:f7:f5:c6:c0:bf:68:c4:6d: 6f:47:96:bd:55:c3:67:74:91:25:74:5e:dd:a3:ef: 0d:11:4c:67:51:e5:40:49:ad:fb:5d:63:77:85:0f: d5:9c:6d:08:99:19:16:0a:4e:a6:a9:35:79:b4:68: 4a:a1:c3:4e:7c:2e:d5:c6:60:86:81:bd:13:27:90: 55:fe:97:02:00:57:20:27:28:2f:86:3e:1b:46:42: 42:63:93:af:1e:38:12:47:0e:a7:4c:52:93:97:37: 55:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:CF:1A:06:0A:58:6C:F3:86:0D:44:7F:D5:8F:B7:30:81:D4:81:49 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142981.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a14b::/32 Signature Algorithm: sha256WithRSAEncryption 7d:cb:fa:58:bb:3b:b8:88:60:57:dd:95:60:13:45:9a:1f:21: 97:7c:3d:d3:70:75:64:0f:73:d6:54:93:55:3c:a9:06:9e:11: 88:fe:47:0d:e9:9d:a9:ee:86:68:39:71:a4:4c:1c:89:e4:ed: f6:3b:a7:02:09:07:3b:98:4f:4d:6a:fe:26:7e:22:a2:77:65: 91:19:ae:98:44:3b:8d:21:e4:bb:37:d9:74:59:90:e0:ea:95: 33:aa:36:00:99:95:cc:15:1a:54:fc:66:b1:f4:99:75:6f:e6: 0f:ec:30:3a:47:da:a8:94:06:65:21:e6:38:53:e9:e6:c2:dc: a1:81:99:57:da:1e:55:cf:7d:ca:4f:75:42:4c:e1:db:01:e6: 6b:77:8e:51:b2:b3:61:87:ef:7e:2f:36:4a:1b:8d:53:fd:84: f2:13:fb:70:bc:27:9e:ef:ed:24:6a:5b:fe:e0:93:47:4e:fd: 70:c4:00:95:46:8e:bc:17:c5:cc:0c:79:78:62:5f:0d:0f:01: 7c:4c:d1:5d:e3:56:23:39:e1:74:dd:3a:f6:b8:70:2e:08:17: 12:e9:62:fc:4e:f6:bc:75:58:02:28:f3:9a:84:a2:67:4b:55: 11:60:ba:a0:ca:a2:34:b7:b1:47:89:50:39:ca:d0:db:39:e6: 02:cb:0b:33 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEe/ng6I3+dX8GZ5y3U/luLncHBgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1OVoX DTI3MDMwMzA2MDU1OVowMzExMC8GA1UEAxMoMzJDRjFBMDYwQTU4NkNGMzg2MEQ0 NDdGRDU4RkI3MzA4MUQ0ODE0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMBKitqldGiQK5xbhKwSirEdAez47jLvRPb4NeVagHlELMtG3Hd2CELbvAPz 70UcjVgdSowHIEpdUY0COg9sI1fZhV2JfSZ0RETxWwoP7CODZd0MALw0Z1NfWUme oM3QZOiRQvvb0qL/2Wd3FhCcJnXd9gGn7W2MmSfQ685IK1Ug4YCgY8TUjF2hYUSA nJQq1bZLcZqQ7GvGc5oFlPf1xsC/aMRtb0eWvVXDZ3SRJXRe3aPvDRFMZ1HlQEmt +11jd4UP1ZxtCJkZFgpOpqk1ebRoSqHDTnwu1cZghoG9EyeQVf6XAgBXICcoL4Y+ G0ZCQmOTrx44EkcOp0xSk5c3VRsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQyzxoG Clhs84YNRH/Vj7cwgdSBSTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjk4MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oUswDQYJKoZIhvcNAQELBQADggEBAH3L+li7O7iIYFfdlWATRZofIZd8PdNwdWQP c9ZUk1U8qQaeEYj+Rw3pnanuhmg5caRMHInk7fY7pwIJBzuYT01q/iZ+IqJ3ZZEZ rphEO40h5Ls32XRZkODqlTOqNgCZlcwVGlT8ZrH0mXVv5g/sMDpH2qiUBmUh5jhT 6ebC3KGBmVfaHlXPfcpPdUJM4dsB5mt3jlGys2GH734vNkobjVP9hPIT+3C8J57v 7SRqW/7gk0dO/XDEAJVGjrwXxcwMeXhiXw0PAXxM0V3jViM54XTdOva4cC4IFxLp YvxO9rx1WAIo85qEomdLVRFguqDKojS3sUeJUDnK0Ns55gLLCzM= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:29 2026 by rpki-client