$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143000.roa File: AS143000.roa (raw, json) Hash identifier: 4II/pB0Em4iEN+IabKg1ZxFR44LnU5DXMcJFISCEpEM= Subject key identifier: 8B:C5:28:B2:D3:9A:05:8F:5C:13:24:F0:DA:5F:5E:57:18:A1:47:DF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 04F04F6F173360C6FDA0017DB97F103F9AB21DD8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143000.roa Signing time: Wed 04 Mar 2026 06:06:49 +0000 ROA not before: Wed 04 Mar 2026 06:01:49 +0000 ROA not after: Wed 03 Mar 2027 06:06:49 +0000 asID: 143000 IP address blocks: 240a:a15e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:f0:4f:6f:17:33:60:c6:fd:a0:01:7d:b9:7f:10:3f:9a:b2:1d:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:49 2026 GMT Not After : Mar 3 06:06:49 2027 GMT Subject: CN=8BC528B2D39A058F5C1324F0DA5F5E5718A147DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:94:c7:83:b9:11:4a:1f:bb:33:08:7a:e3:8b: d5:bb:08:ae:4d:38:d4:9e:a0:3c:85:4d:14:a5:b1: 77:22:58:2a:69:83:07:b1:18:a6:8b:70:6c:5c:0e: 9c:21:21:0d:37:73:a7:9e:a9:a7:68:ca:95:9c:58: e7:94:12:1e:77:d7:c7:40:12:c2:f2:d4:ab:64:07: a4:02:3d:1b:1c:70:48:66:a6:ef:b0:cf:2b:d6:1a: 73:2f:14:6d:5a:d8:54:d6:e2:6c:a0:82:4e:b5:a3: b7:88:e3:04:bf:0c:25:7d:a3:02:54:c0:95:02:35: d4:17:d6:3d:99:df:7d:20:07:4f:98:5c:9c:3a:94: 49:73:7b:f7:16:e0:77:9f:cd:af:95:68:e4:f8:61: 68:1b:26:63:a6:6b:13:2d:7c:c7:fb:78:a3:ca:a2: 79:c4:4a:9c:ff:47:8f:31:8c:3a:d3:ea:1b:9b:3e: 8e:13:b1:12:6e:0e:30:08:1a:76:16:bf:82:55:2f: a2:9b:17:a2:61:32:5b:ff:31:c5:ca:cb:1d:fc:e3: 34:b1:bc:d5:f1:5c:12:28:35:56:ad:a8:77:ea:ca: b4:1e:03:ea:b3:91:37:f2:9b:9f:26:55:44:45:b2: a7:ca:37:f7:66:40:6c:f9:20:5c:27:d2:4a:d6:a2: 48:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:C5:28:B2:D3:9A:05:8F:5C:13:24:F0:DA:5F:5E:57:18:A1:47:DF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143000.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a15e::/32 Signature Algorithm: sha256WithRSAEncryption 9c:93:a8:68:80:af:0b:e5:b5:41:00:e9:66:35:50:e0:dd:57: 85:e5:a5:b4:77:68:3a:2d:68:f8:b0:f8:27:ba:43:dc:f3:71: c4:b0:8f:ba:1c:26:f8:5f:92:98:c9:f1:b7:a3:a8:e1:8f:be: 92:41:38:b0:20:e3:47:e2:62:af:4b:27:53:b3:7e:a8:39:8b: 1f:51:c2:03:b6:2d:31:24:8c:60:02:f8:9f:63:fd:51:7d:dd: 7b:af:09:8a:f6:1e:77:69:c5:b9:ab:b4:01:ab:5c:98:f3:cd: ed:35:af:80:ae:57:40:a2:4d:7f:17:14:7e:04:73:6d:a1:3e: fd:eb:d5:0e:52:e6:c4:34:51:d2:ee:df:ce:09:03:6a:19:ce: fa:06:78:28:5c:b4:bc:0e:ea:ec:f7:a4:64:9b:be:18:22:4e: 2b:34:4d:b3:3c:05:1e:d4:2b:e7:a5:84:10:0d:33:2b:fc:90: 27:7b:98:96:67:51:8a:4c:79:9a:85:32:df:c1:01:9c:25:cf: 81:a6:f6:3c:3d:21:0e:96:19:6d:94:6b:d4:3c:b0:31:ef:5c: af:d0:d5:58:9a:82:95:79:11:7e:97:a7:ee:36:31:5f:bf:b9: 91:7d:59:71:a8:15:97:4e:d1:31:f7:02:51:39:ea:20:33:49: d7:ff:e1:78 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBPBPbxczYMb9oAF9uX8QP5qyHdgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0OVoX DTI3MDMwMzA2MDY0OVowMzExMC8GA1UEAxMoOEJDNTI4QjJEMzlBMDU4RjVDMTMy NEYwREE1RjVFNTcxOEExNDdERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKGUx4O5EUofuzMIeuOL1bsIrk041J6gPIVNFKWxdyJYKmmDB7EYpotwbFwO nCEhDTdzp56pp2jKlZxY55QSHnfXx0ASwvLUq2QHpAI9GxxwSGam77DPK9Yacy8U bVrYVNbibKCCTrWjt4jjBL8MJX2jAlTAlQI11BfWPZnffSAHT5hcnDqUSXN79xbg d5/Nr5Vo5PhhaBsmY6ZrEy18x/t4o8qiecRKnP9HjzGMOtPqG5s+jhOxEm4OMAga dha/glUvopsXomEyW/8xxcrLHfzjNLG81fFcEig1Vq2od+rKtB4D6rORN/KbnyZV REWyp8o392ZAbPkgXCfSStaiSLcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSLxSiy 05oFj1wTJPDaX15XGKFH3zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAwMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oV4wDQYJKoZIhvcNAQELBQADggEBAJyTqGiArwvltUEA6WY1UODdV4XlpbR3aDot aPiw+Ce6Q9zzccSwj7ocJvhfkpjJ8bejqOGPvpJBOLAg40fiYq9LJ1Ozfqg5ix9R wgO2LTEkjGAC+J9j/VF93XuvCYr2HndpxbmrtAGrXJjzze01r4CuV0CiTX8XFH4E c22hPv3r1Q5S5sQ0UdLu384JA2oZzvoGeChctLwO6uz3pGSbvhgiTis0TbM8BR7U K+elhBANMyv8kCd7mJZnUYpMeZqFMt/BAZwlz4Gm9jw9IQ6WGW2Ua9Q8sDHvXK/Q 1ViagpV5EX6Xp+42MV+/uZF9WXGoFZdO0TH3AlE56iAzSdf/4Xg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:49 2026 by rpki-client