$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142989.roa File: AS142989.roa (raw, json) Hash identifier: QJGRcrwZdgAFfGhZ3Jl42L4nZP6CrKfDWsIMCSiQSW4= Subject key identifier: 38:F7:03:4F:D5:1E:CA:5E:36:02:A3:BC:9B:76:F4:ED:26:A8:A3:22 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6167ADCFFE4D3E84602DA94DD7F4D47F178F9364 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142989.roa Signing time: Wed 04 Mar 2026 06:05:18 +0000 ROA not before: Wed 04 Mar 2026 06:00:18 +0000 ROA not after: Wed 03 Mar 2027 06:05:18 +0000 asID: 142989 IP address blocks: 240a:a153::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:67:ad:cf:fe:4d:3e:84:60:2d:a9:4d:d7:f4:d4:7f:17:8f:93:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:18 2026 GMT Not After : Mar 3 06:05:18 2027 GMT Subject: CN=38F7034FD51ECA5E3602A3BC9B76F4ED26A8A322 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:94:a9:c7:36:8e:2c:6f:e2:e5:c5:45:79:46: f6:40:b5:87:40:fa:14:42:e0:60:0e:ec:66:9c:6e: b3:5f:1a:7b:7b:ca:37:3e:72:14:53:91:91:2c:b1: 8a:f7:1d:d3:6a:cf:0e:20:c6:23:43:d2:4c:15:f4: bb:64:08:73:0b:aa:2f:15:c5:a0:b7:c3:04:0a:89: 3a:88:0a:ea:78:58:39:20:c1:70:f4:ec:15:1e:66: ad:d0:b3:c5:ea:18:71:ec:ef:85:16:6d:93:9d:2b: cd:98:59:22:6c:d6:b9:c9:2f:07:bc:e5:0d:9e:6a: 03:f9:ee:6f:6a:eb:67:71:6a:4f:67:49:22:23:d5: 13:66:fc:9b:7f:4c:48:a0:06:bc:60:25:57:0a:3d: 57:f3:06:dc:67:61:4b:32:d3:26:36:8c:f1:ac:6d: fd:b7:79:21:3b:a8:16:96:f8:93:68:3e:20:81:f1: 76:28:1c:ef:12:36:1c:4e:97:d3:ee:24:5b:10:28: 90:24:50:43:cd:5b:6e:de:48:ee:b2:72:44:bd:31: 42:81:29:a8:8e:0d:de:c3:6e:04:f0:13:aa:c2:7c: b7:f2:66:76:5c:cc:24:cb:8a:7c:80:ff:f0:5e:61: 9b:d0:7a:08:4e:b1:3c:d3:d0:02:60:9b:a5:95:e1: af:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:F7:03:4F:D5:1E:CA:5E:36:02:A3:BC:9B:76:F4:ED:26:A8:A3:22 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142989.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a153::/32 Signature Algorithm: sha256WithRSAEncryption db:04:3d:ba:63:54:11:c2:4e:38:1d:c7:24:78:60:14:dc:d9: 9f:06:b5:2e:96:99:a8:32:ff:81:d7:38:dc:a4:97:0a:73:ee: 34:5e:ea:08:2f:17:e6:89:2e:0e:b2:18:7b:6f:ec:c3:58:a0: db:c5:d9:90:f1:0b:87:13:2a:14:fb:79:f0:54:92:57:1f:b1: d3:96:56:d2:ac:ee:a9:36:82:87:67:fc:9d:88:be:7f:4f:76: d3:61:85:d6:67:44:e0:8c:f7:0b:a2:4e:e1:2f:e9:d1:a6:ae: 9e:18:bf:08:10:7c:c9:2f:79:7f:c3:74:cc:98:01:b4:78:c3: 51:9e:c2:63:a5:54:d7:06:72:6c:1c:39:e6:51:4a:9b:0d:12: 45:ef:00:2b:83:c3:70:36:20:eb:11:3f:3f:20:36:ef:18:9e: 0d:ba:4c:5f:77:e3:d7:d6:ec:17:93:09:34:06:7b:2f:0a:ab: 5b:14:15:07:00:e3:a3:a5:89:6a:30:4f:55:40:d7:45:c6:0d: 38:70:98:70:79:79:44:ab:3d:b0:fb:ad:eb:08:70:3b:ab:07: 02:74:55:b4:aa:8d:9e:0f:2c:23:6a:a2:40:33:b3:6b:ab:fb: bb:a7:37:5c:9d:d2:48:fd:e2:86:01:74:bd:e2:1c:0c:c9:d1: 52:ff:48:fb -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYWetz/5NPoRgLalN1/TUfxePk2QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAxOFoX DTI3MDMwMzA2MDUxOFowMzExMC8GA1UEAxMoMzhGNzAzNEZENTFFQ0E1RTM2MDJB M0JDOUI3NkY0RUQyNkE4QTMyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALCUqcc2jixv4uXFRXlG9kC1h0D6FELgYA7sZpxus18ae3vKNz5yFFORkSyx ivcd02rPDiDGI0PSTBX0u2QIcwuqLxXFoLfDBAqJOogK6nhYOSDBcPTsFR5mrdCz xeoYcezvhRZtk50rzZhZImzWuckvB7zlDZ5qA/nub2rrZ3FqT2dJIiPVE2b8m39M SKAGvGAlVwo9V/MG3GdhSzLTJjaM8axt/bd5ITuoFpb4k2g+IIHxdigc7xI2HE6X 0+4kWxAokCRQQ81bbt5I7rJyRL0xQoEpqI4N3sNuBPATqsJ8t/JmdlzMJMuKfID/ 8F5hm9B6CE6xPNPQAmCbpZXhr90CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ49wNP 1R7KXjYCo7ybdvTtJqijIjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjk4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oVMwDQYJKoZIhvcNAQELBQADggEBANsEPbpjVBHCTjgdxyR4YBTc2Z8GtS6Wmagy /4HXONyklwpz7jRe6ggvF+aJLg6yGHtv7MNYoNvF2ZDxC4cTKhT7efBUklcfsdOW VtKs7qk2godn/J2Ivn9PdtNhhdZnROCM9wuiTuEv6dGmrp4YvwgQfMkveX/DdMyY AbR4w1GewmOlVNcGcmwcOeZRSpsNEkXvACuDw3A2IOsRPz8gNu8Yng26TF9349fW 7BeTCTQGey8Kq1sUFQcA46OliWowT1VA10XGDThwmHB5eUSrPbD7resIcDurBwJ0 VbSqjZ4PLCNqokAzs2ur+7unN1yd0kj94oYBdL3iHAzJ0VL/SPs= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:34 2026 by rpki-client