$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143003.roa File: AS143003.roa (raw, json) Hash identifier: mXfgPXzy5Dr1unC+2X2mzNixcErjn4acwkbhduM4S/k= Subject key identifier: 15:D0:6B:83:5C:CF:D9:10:D6:E0:EC:FD:E9:E8:B0:89:23:2E:8D:ED Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1239DCDBBCEC67449B187AFC1B90BCBF01C082C8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143003.roa Signing time: Wed 04 Mar 2026 06:05:16 +0000 ROA not before: Wed 04 Mar 2026 06:00:16 +0000 ROA not after: Wed 03 Mar 2027 06:05:16 +0000 asID: 143003 IP address blocks: 240a:a161::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:39:dc:db:bc:ec:67:44:9b:18:7a:fc:1b:90:bc:bf:01:c0:82:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:16 2026 GMT Not After : Mar 3 06:05:16 2027 GMT Subject: CN=15D06B835CCFD910D6E0ECFDE9E8B089232E8DED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:91:59:b8:6b:79:82:e6:4c:90:98:cf:0f:7b: a2:ba:08:79:82:01:37:70:ca:c0:5a:84:4b:ab:93: 32:aa:80:31:74:5c:de:e8:fe:6b:89:70:a0:84:d8: 13:11:be:63:0e:c5:a1:3e:ae:35:54:8d:f2:4d:91: 21:62:5b:1d:be:79:83:ab:5f:9c:6f:af:7e:6c:24: 3f:54:64:eb:c1:fe:31:1b:fc:91:9d:bb:79:7a:90: 06:23:4f:ae:ff:70:61:55:8e:af:d4:27:47:f1:14: 1a:da:64:4a:c5:6f:09:34:6c:f3:3a:57:3e:84:b2: 65:ab:ac:2e:5e:81:bd:7a:40:c4:e7:47:c0:ef:5a: 7b:a2:1d:0b:ea:37:ff:d8:cd:b8:0b:6e:c3:7d:9b: 37:bb:d5:ad:43:43:f0:e4:41:0c:6a:e8:c0:da:d7: 52:97:43:02:05:de:d1:8b:43:c7:73:a7:f6:54:f6: b6:7d:3c:d6:cc:7d:c6:12:6f:bc:85:26:46:74:0f: 7b:8c:06:6f:d4:8a:67:63:db:4e:27:83:df:cd:e5: 4e:ea:e0:2d:62:15:38:95:79:03:81:f5:aa:f9:e0: 15:d5:26:4a:1f:36:ea:df:16:e3:1c:8f:e5:00:87: c3:e1:98:4c:36:35:c7:c6:28:01:83:cf:05:e8:82: 7d:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:D0:6B:83:5C:CF:D9:10:D6:E0:EC:FD:E9:E8:B0:89:23:2E:8D:ED X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143003.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a161::/32 Signature Algorithm: sha256WithRSAEncryption aa:da:a8:00:ff:4e:f3:ce:97:a8:78:88:ff:19:6d:4b:dc:8d: 50:20:4a:38:0d:ea:75:2c:f8:26:62:05:67:a0:45:f2:ce:1c: 1b:8e:d0:61:24:ed:40:ac:31:c8:02:ff:05:07:0b:fc:79:cc: cf:47:e1:36:29:b6:27:03:d9:33:e2:d5:55:37:5a:7d:37:05: 4a:c3:a9:5f:8d:19:07:e2:43:d3:ca:0e:4b:c1:87:56:a2:1e: d1:7d:16:34:41:3d:c8:d1:c4:ac:c7:fd:d5:90:2d:0b:c3:51: c4:14:5f:b8:d1:bf:7c:84:d4:cf:be:d1:d3:0e:d4:12:78:22: 55:ec:c0:f4:9e:8e:41:92:a1:21:ef:d3:e0:a4:7b:dc:24:6a: 93:08:8d:8f:f8:a3:81:82:e2:d8:e2:6a:e9:1c:21:94:95:39: bf:e8:41:5a:ca:b5:56:b8:62:bf:95:50:58:f5:15:1b:57:d5: 8d:05:10:dd:7c:d9:a7:fc:0f:44:a8:78:16:58:f0:1f:d3:d1: da:53:da:8b:3e:8b:6c:77:86:1a:85:93:dc:aa:fa:73:04:e9: b0:5a:cd:95:25:b1:1d:ce:6e:40:24:4b:98:d8:3e:da:22:1f: 2a:2b:b8:3d:b3:ff:3f:35:c6:ab:4e:8a:0a:84:c6:13:53:70: 94:49:96:8c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEjnc27zsZ0SbGHr8G5C8vwHAgsgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAxNloX DTI3MDMwMzA2MDUxNlowMzExMC8GA1UEAxMoMTVEMDZCODM1Q0NGRDkxMEQ2RTBF Q0ZERTlFOEIwODkyMzJFOERFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJGRWbhreYLmTJCYzw97oroIeYIBN3DKwFqES6uTMqqAMXRc3uj+a4lwoITY ExG+Yw7FoT6uNVSN8k2RIWJbHb55g6tfnG+vfmwkP1Rk68H+MRv8kZ27eXqQBiNP rv9wYVWOr9QnR/EUGtpkSsVvCTRs8zpXPoSyZausLl6BvXpAxOdHwO9ae6IdC+o3 /9jNuAtuw32bN7vVrUND8ORBDGrowNrXUpdDAgXe0YtDx3On9lT2tn081sx9xhJv vIUmRnQPe4wGb9SKZ2PbTieD383lTurgLWIVOJV5A4H1qvngFdUmSh826t8W4xyP 5QCHw+GYTDY1x8YoAYPPBeiCfZsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQV0GuD XM/ZENbg7P3p6LCJIy6N7TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oWEwDQYJKoZIhvcNAQELBQADggEBAKraqAD/TvPOl6h4iP8ZbUvcjVAgSjgN6nUs +CZiBWegRfLOHBuO0GEk7UCsMcgC/wUHC/x5zM9H4TYpticD2TPi1VU3Wn03BUrD qV+NGQfiQ9PKDkvBh1aiHtF9FjRBPcjRxKzH/dWQLQvDUcQUX7jRv3yE1M++0dMO 1BJ4IlXswPSejkGSoSHv0+Cke9wkapMIjY/4o4GC4tjiaukcIZSVOb/oQVrKtVa4 Yr+VUFj1FRtX1Y0FEN182af8D0SoeBZY8B/T0dpT2os+i2x3hhqFk9yq+nME6bBa zZUlsR3ObkAkS5jYPtoiHyoruD2z/z81xqtOigqExhNTcJRJlow= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:11 2026 by rpki-client