$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS142990.roa File: AS142990.roa (raw, json) Hash identifier: B4MEwaCeGuNZjkC/kku0jtrmGmo+RjenxZ4+Dx5ttuk= Subject key identifier: 84:8C:A6:C3:06:BE:42:E9:20:E0:D5:EC:13:42:65:21:5D:74:C8:7C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3E874E1DC3176B9CBE06C8B666DA3BEB16DF4348 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS142990.roa Signing time: Wed 04 Mar 2026 06:07:20 +0000 ROA not before: Wed 04 Mar 2026 06:02:20 +0000 ROA not after: Wed 03 Mar 2027 06:07:20 +0000 asID: 142990 IP address blocks: 240a:a154::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:87:4e:1d:c3:17:6b:9c:be:06:c8:b6:66:da:3b:eb:16:df:43:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:20 2026 GMT Not After : Mar 3 06:07:20 2027 GMT Subject: CN=848CA6C306BE42E920E0D5EC134265215D74C87C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:1a:4e:8a:5c:5f:5f:70:1f:43:5f:5d:56:1c: 09:c8:8f:a2:a8:7f:0a:54:03:21:47:96:5e:27:9e: 7a:66:16:57:bd:5f:6f:69:8e:58:0a:e7:89:84:f0: ea:e3:20:a7:d8:e8:b4:e5:06:c5:3f:35:9c:f2:45: ff:ae:2f:07:49:40:11:7a:d1:89:f8:43:81:dc:9d: f9:c9:67:9f:6f:9b:ee:32:c8:cf:1a:eb:34:db:90: cf:3c:67:c2:70:87:b1:1a:df:af:1b:2d:43:df:8a: 64:41:65:e3:c5:7c:1c:f9:11:31:2b:e7:9f:98:6a: cf:c5:1f:ec:f5:2a:ea:fd:7f:7a:74:0e:ab:bb:71: 9d:8c:57:6e:5c:3e:db:fd:f0:db:0e:a6:51:2b:b6: 1b:5d:4c:83:99:2a:94:b4:d0:e8:03:05:32:fb:0e: 76:d8:68:98:35:2a:04:92:8a:7a:fb:12:2f:28:1f: 2d:11:92:0c:dc:ad:56:83:86:f5:82:ae:50:5f:83: 82:6b:22:93:4c:bd:9e:86:00:a1:b7:89:22:15:b6: 21:37:14:ad:8b:f2:24:b7:80:12:90:46:9a:5e:45: 48:4d:d6:f4:da:ab:52:3f:46:2a:b3:27:d4:a2:8c: bd:8c:10:e9:63:ee:e4:68:90:7b:a4:6e:ad:bc:1c: 4e:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:8C:A6:C3:06:BE:42:E9:20:E0:D5:EC:13:42:65:21:5D:74:C8:7C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS142990.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a154::/32 Signature Algorithm: sha256WithRSAEncryption 9e:ce:64:e8:f7:d4:4d:06:da:0e:3f:52:29:27:47:aa:c1:2f: ec:54:f0:05:b0:f1:8a:f2:bf:aa:ec:0e:36:7e:c0:12:84:89: 1b:f2:05:d5:72:74:56:ba:37:6b:93:b1:98:a8:bb:cf:1e:bb: a7:66:be:b9:b3:0f:a2:b9:46:05:ec:60:20:b0:23:ae:0d:bf: 65:86:e6:e8:35:0c:54:eb:e6:40:ee:19:6d:93:77:09:97:3d: 9f:bc:46:d6:5b:e1:8c:3c:f2:d7:90:69:a3:99:11:cc:14:4b: fb:5e:06:46:45:e3:af:68:ec:31:c3:29:c6:6b:51:74:e0:eb: e2:a0:0c:44:29:e2:6d:94:fb:3c:b7:1e:87:c2:7e:4c:ad:13: 6d:ef:e3:f9:94:c2:1e:28:f2:97:91:b6:d9:76:f3:87:01:3f: 88:6b:2a:52:48:77:fc:88:a0:c8:94:bc:b0:90:79:11:9f:d8: d0:5f:e3:c1:29:6d:df:6d:8c:cb:d3:fc:ce:3c:a2:95:ac:af: cb:60:aa:f4:6a:99:1f:78:d4:57:d3:9d:24:dd:0d:01:f2:ac: e2:7b:fa:2c:20:9a:b5:dd:35:e6:41:d6:dd:80:77:e9:aa:bd: 5e:86:d5:e9:2d:14:87:f1:8a:51:a3:90:ba:e7:d8:e3:96:f1: 5b:2a:95:d4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPodOHcMXa5y+Bsi2Zto76xbfQ0gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyMFoX DTI3MDMwMzA2MDcyMFowMzExMC8GA1UEAxMoODQ4Q0E2QzMwNkJFNDJFOTIwRTBE NUVDMTM0MjY1MjE1RDc0Qzg3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKQaTopcX19wH0NfXVYcCciPoqh/ClQDIUeWXieeemYWV71fb2mOWArniYTw 6uMgp9jotOUGxT81nPJF/64vB0lAEXrRifhDgdyd+clnn2+b7jLIzxrrNNuQzzxn wnCHsRrfrxstQ9+KZEFl48V8HPkRMSvnn5hqz8Uf7PUq6v1/enQOq7txnYxXblw+ 2/3w2w6mUSu2G11Mg5kqlLTQ6AMFMvsOdthomDUqBJKKevsSLygfLRGSDNytVoOG 9YKuUF+Dgmsik0y9noYAobeJIhW2ITcUrYvyJLeAEpBGml5FSE3W9NqrUj9GKrMn 1KKMvYwQ6WPu5GiQe6RurbwcTk8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSEjKbD Br5C6SDg1ewTQmUhXXTIfDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mjk5MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oVQwDQYJKoZIhvcNAQELBQADggEBAJ7OZOj31E0G2g4/UiknR6rBL+xU8AWw8Yry v6rsDjZ+wBKEiRvyBdVydFa6N2uTsZiou88eu6dmvrmzD6K5RgXsYCCwI64Nv2WG 5ug1DFTr5kDuGW2TdwmXPZ+8RtZb4Yw88teQaaOZEcwUS/teBkZF469o7DHDKcZr UXTg6+KgDEQp4m2U+zy3HofCfkytE23v4/mUwh4o8peRttl284cBP4hrKlJId/yI oMiUvLCQeRGf2NBf48Epbd9tjMvT/M48opWsr8tgqvRqmR941FfTnSTdDQHyrOJ7 +iwgmrXdNeZB1t2Ad+mqvV6G1ektFIfxilGjkLrn2OOW8VsqldQ= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:18 2026 by rpki-client