$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143005.roa File: AS143005.roa (raw, json) Hash identifier: YQvr52aLxjtsiWrtcmFRj4UlJWGK7ZTHBsdM/66iFxw= Subject key identifier: 4E:E3:D0:41:DC:48:B9:A8:69:DE:C7:4F:95:58:5C:8C:85:EA:8E:39 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 250C30AAE9A4032C166CFA4B29960C4663FE9325 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143005.roa Signing time: Wed 04 Mar 2026 06:06:48 +0000 ROA not before: Wed 04 Mar 2026 06:01:48 +0000 ROA not after: Wed 03 Mar 2027 06:06:48 +0000 asID: 143005 IP address blocks: 240a:a163::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:0c:30:aa:e9:a4:03:2c:16:6c:fa:4b:29:96:0c:46:63:fe:93:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:48 2026 GMT Not After : Mar 3 06:06:48 2027 GMT Subject: CN=4EE3D041DC48B9A869DEC74F95585C8C85EA8E39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:30:3d:bf:2d:97:f8:37:bd:a0:61:91:72:e6: b7:ae:17:b8:e1:aa:28:05:f1:a6:5b:a4:3d:8c:6a: 4d:85:7e:08:50:57:d8:2e:ab:a1:55:13:f1:19:14: 6b:99:1a:31:46:9d:5a:5b:ad:39:5c:a9:d5:46:38: 91:ae:62:e2:08:f2:65:6c:cb:72:ef:20:24:e7:ae: 92:bb:86:2d:87:3c:41:4c:65:14:1a:9b:64:10:20: d0:b7:0e:d4:45:7c:dd:67:42:c4:96:91:43:32:ca: 97:29:84:76:02:35:8b:6f:1a:41:aa:04:1e:79:42: 01:88:d7:4d:97:ee:57:ba:93:47:4d:06:e3:62:85: cc:25:cc:c6:b2:de:54:dc:bd:1d:3a:56:8b:12:07: d3:1a:a2:56:a1:f4:a0:79:5c:0d:37:29:61:5e:58: 85:20:85:54:c4:73:7b:93:46:89:32:25:04:b1:57: ed:70:23:43:59:7b:33:eb:93:e9:26:f2:d5:33:46: 7f:27:39:90:28:96:e1:01:94:83:2c:86:bd:35:b8: bb:e3:9d:a2:28:4d:ad:a2:bb:da:db:83:dc:4e:83: dd:a3:1b:0c:e3:7f:f3:a7:a2:49:10:be:5b:60:85: dc:2c:de:7b:9b:a0:a7:29:9a:b7:ca:ab:46:f9:e3: 24:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:E3:D0:41:DC:48:B9:A8:69:DE:C7:4F:95:58:5C:8C:85:EA:8E:39 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143005.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a163::/32 Signature Algorithm: sha256WithRSAEncryption 48:04:76:d6:90:23:0d:03:5e:7d:89:79:e8:8c:cf:6b:ec:80: 7d:57:b4:1c:63:b5:86:d5:6b:9d:94:02:49:9d:f9:44:4a:96: d6:fc:2a:75:d0:7d:61:24:76:7f:2a:3a:0e:ef:00:62:ec:79: f7:ec:6b:89:67:4b:e4:e2:51:af:5a:95:53:92:37:c1:2d:f2: dd:51:f6:19:11:7b:f1:62:d0:e9:59:30:c5:3e:18:29:19:0f: 8d:a1:22:e9:43:c1:b9:5d:f8:9e:d7:61:0d:22:bd:3a:8a:ac: 73:5c:e1:ec:32:54:37:d2:53:c1:06:cb:18:d5:dc:05:f4:c1: f2:36:3d:fe:5d:a1:cd:b1:98:46:64:25:c8:91:8e:ee:71:57: 0d:d0:37:74:9e:72:5b:98:b3:d3:c4:a1:17:b8:0e:5c:36:8f: ad:53:fb:50:b1:59:c5:15:36:08:c8:b7:f5:04:54:5a:37:df: 8b:f4:81:c2:6e:66:3e:51:c6:c4:21:7c:c1:0d:8b:5f:f1:d0: a1:66:1a:bd:82:57:74:56:c6:23:92:98:a6:2e:9f:e6:64:d9: 7a:a3:34:c3:49:3c:c1:43:4d:84:59:55:a4:22:2d:7c:5e:c7: 6b:38:91:25:96:89:08:36:67:18:04:ce:7b:18:c5:fa:e7:03: 75:a4:15:05 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJQwwqumkAywWbPpLKZYMRmP+kyUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0OFoX DTI3MDMwMzA2MDY0OFowMzExMC8GA1UEAxMoNEVFM0QwNDFEQzQ4QjlBODY5REVD NzRGOTU1ODVDOEM4NUVBOEUzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMwwPb8tl/g3vaBhkXLmt64XuOGqKAXxplukPYxqTYV+CFBX2C6roVUT8RkU a5kaMUadWlutOVyp1UY4ka5i4gjyZWzLcu8gJOeukruGLYc8QUxlFBqbZBAg0LcO 1EV83WdCxJaRQzLKlymEdgI1i28aQaoEHnlCAYjXTZfuV7qTR00G42KFzCXMxrLe VNy9HTpWixIH0xqiVqH0oHlcDTcpYV5YhSCFVMRze5NGiTIlBLFX7XAjQ1l7M+uT 6Sby1TNGfyc5kCiW4QGUgyyGvTW4u+OdoihNraK72tuD3E6D3aMbDON/86eiSRC+ W2CF3Czee5ugpymat8qrRvnjJF0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRO49BB 3Ei5qGnex0+VWFyMheqOOTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAwNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oWMwDQYJKoZIhvcNAQELBQADggEBAEgEdtaQIw0DXn2JeeiMz2vsgH1XtBxjtYbV a52UAkmd+URKltb8KnXQfWEkdn8qOg7vAGLseffsa4lnS+TiUa9alVOSN8Et8t1R 9hkRe/Fi0OlZMMU+GCkZD42hIulDwbld+J7XYQ0ivTqKrHNc4ewyVDfSU8EGyxjV 3AX0wfI2Pf5doc2xmEZkJciRju5xVw3QN3SecluYs9PEoRe4Dlw2j61T+1CxWcUV NgjIt/UEVFo334v0gcJuZj5RxsQhfMENi1/x0KFmGr2CV3RWxiOSmKYun+Zk2Xqj NMNJPMFDTYRZVaQiLXxex2s4kSWWiQg2ZxgEznsYxfrnA3WkFQU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:45 2026 by rpki-client