$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143002.roa File: AS143002.roa (raw, json) Hash identifier: i7xgVfRzGBp5ujYV+EIrrr2cumLdXiFvICq37fUtczM= Subject key identifier: E3:33:10:CA:C8:BB:21:55:E6:A6:24:FE:35:57:66:6D:37:21:51:1A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 520365EBD73EC5E94AD28ACA4C389E1A164CEFF8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143002.roa Signing time: Wed 04 Mar 2026 06:05:08 +0000 ROA not before: Wed 04 Mar 2026 06:00:08 +0000 ROA not after: Wed 03 Mar 2027 06:05:08 +0000 asID: 143002 IP address blocks: 240a:a160::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:03:65:eb:d7:3e:c5:e9:4a:d2:8a:ca:4c:38:9e:1a:16:4c:ef:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:08 2026 GMT Not After : Mar 3 06:05:08 2027 GMT Subject: CN=E33310CAC8BB2155E6A624FE3557666D3721511A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:fa:57:6c:ef:7a:54:bf:51:74:af:da:90:32: cf:0f:e4:79:f8:35:39:7e:87:30:eb:ee:70:e8:32: cf:99:41:7d:a8:72:a6:8b:c8:90:91:b6:e3:5a:07: 91:ef:c0:cc:da:12:46:9d:6c:17:ad:e2:ef:0b:8a: 42:72:4a:eb:88:4d:8f:21:15:1d:24:b4:b3:92:a9: b5:aa:57:b4:d7:1d:c0:cb:9c:a4:e9:a4:6d:f7:85: 10:30:14:ad:9d:89:26:22:21:21:f6:67:32:22:2b: 05:b0:6a:5f:49:ed:91:f4:2e:56:8e:b6:db:8e:12: 7d:43:43:7c:e5:2b:e6:7a:10:f9:b5:2d:25:8d:07: 79:34:e4:e4:80:a1:ee:ef:8c:88:d5:39:ef:8f:11: 26:e2:75:68:4e:db:f4:6c:0f:46:18:05:5e:f8:cf: ce:12:bf:4b:e2:57:80:85:b5:04:2f:55:30:ef:8b: 85:68:5a:c3:20:0f:09:cd:d4:55:ad:31:56:d8:1b: ca:73:af:70:f4:d9:67:d4:26:09:64:b1:3c:f1:4d: 29:d4:10:71:7a:05:71:5f:3f:23:6f:fa:8e:1c:20: e2:92:55:4b:61:04:ff:43:ec:66:b7:b0:97:90:c7: 54:43:c7:64:57:eb:a8:f5:a0:4f:fc:4c:89:c7:9c: 55:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:33:10:CA:C8:BB:21:55:E6:A6:24:FE:35:57:66:6D:37:21:51:1A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143002.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a160::/32 Signature Algorithm: sha256WithRSAEncryption 7b:e7:0f:d2:1d:d7:74:5a:4d:cb:69:ea:dc:73:29:67:e4:bd: 23:f4:9f:90:dc:6a:78:1a:35:c0:fa:34:de:9e:1f:47:32:b2: 88:ff:85:1d:e0:3c:40:f0:72:95:77:ee:f8:05:80:e7:25:07: 8c:a7:e8:48:57:72:58:f0:b1:9c:13:0e:e9:0d:30:4d:49:ac: fd:e4:fc:75:f8:e2:bc:49:01:11:fa:54:7a:95:d9:d8:87:90: fe:ca:23:3b:6d:45:f5:9e:bc:5e:f2:07:42:6e:ab:e2:70:04: 5c:1c:a9:ef:65:1c:26:ef:c5:a8:99:03:d9:76:00:bb:8d:6d: 81:f6:30:bb:a5:12:40:e3:1a:8d:40:4d:00:31:26:65:55:69: 2a:27:3c:14:ad:6f:e1:87:f4:c2:1e:40:0f:d3:f3:64:26:35: e1:d5:92:5a:fe:0a:58:f2:25:55:57:fb:cc:59:47:fe:00:da: dd:4d:69:ba:f2:ea:73:bc:1a:94:59:e3:f3:03:d6:58:d0:4c: 9e:13:7c:0a:de:70:55:a1:8b:a9:2f:1b:6f:14:eb:c0:0e:d3: 68:f8:4d:c4:81:b6:ea:b3:d6:74:b4:1d:1e:ed:92:d5:72:af: 71:a4:66:61:98:ea:c4:2a:96:0d:e5:a5:63:0d:34:f9:3d:5b: ce:85:84:f4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUgNl69c+xelK0orKTDieGhZM7/gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAwOFoX DTI3MDMwMzA2MDUwOFowMzExMC8GA1UEAxMoRTMzMzEwQ0FDOEJCMjE1NUU2QTYy NEZFMzU1NzY2NkQzNzIxNTExQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMX6V2zvelS/UXSv2pAyzw/kefg1OX6HMOvucOgyz5lBfahypovIkJG241oH ke/AzNoSRp1sF63i7wuKQnJK64hNjyEVHSS0s5KptapXtNcdwMucpOmkbfeFEDAU rZ2JJiIhIfZnMiIrBbBqX0ntkfQuVo62244SfUNDfOUr5noQ+bUtJY0HeTTk5ICh 7u+MiNU5748RJuJ1aE7b9GwPRhgFXvjPzhK/S+JXgIW1BC9VMO+LhWhawyAPCc3U Va0xVtgbynOvcPTZZ9QmCWSxPPFNKdQQcXoFcV8/I2/6jhwg4pJVS2EE/0PsZrew l5DHVEPHZFfrqPWgT/xMicecVUcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTjMxDK yLshVeamJP41V2ZtNyFRGjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAwMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oWAwDQYJKoZIhvcNAQELBQADggEBAHvnD9Id13RaTctp6txzKWfkvSP0n5Dcanga NcD6NN6eH0cysoj/hR3gPEDwcpV37vgFgOclB4yn6EhXcljwsZwTDukNME1JrP3k /HX44rxJARH6VHqV2diHkP7KIzttRfWevF7yB0Juq+JwBFwcqe9lHCbvxaiZA9l2 ALuNbYH2MLulEkDjGo1ATQAxJmVVaSonPBStb+GH9MIeQA/T82QmNeHVklr+Cljy JVVX+8xZR/4A2t1Nabry6nO8GpRZ4/MD1ljQTJ4TfArecFWhi6kvG28U68AO02j4 TcSBtuqz1nS0HR7tktVyr3GkZmGY6sQqlg3lpWMNNPk9W86FhPQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:47 2026 by rpki-client