$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143007.roa File: AS143007.roa (raw, json) Hash identifier: AM3PK4o9LJg53al5m8+Gw/+0W8cJCM76f8HMI4mBQoA= Subject key identifier: 53:80:1C:88:B7:07:5B:76:15:10:BE:92:D7:D3:97:7E:23:A7:2D:2D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 02150B7CD3BD4EECCDCE55BDD1E2E5A84ECB0CA0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143007.roa Signing time: Wed 04 Mar 2026 06:05:46 +0000 ROA not before: Wed 04 Mar 2026 06:00:46 +0000 ROA not after: Wed 03 Mar 2027 06:05:46 +0000 asID: 143007 IP address blocks: 240a:a165::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:15:0b:7c:d3:bd:4e:ec:cd:ce:55:bd:d1:e2:e5:a8:4e:cb:0c:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:46 2026 GMT Not After : Mar 3 06:05:46 2027 GMT Subject: CN=53801C88B7075B761510BE92D7D3977E23A72D2D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:83:bc:69:b0:6c:e5:e0:89:9a:17:cd:5c:16: a4:cb:70:e9:08:75:9a:d1:a8:d6:b6:0e:4b:0e:cc: 06:75:bc:e1:db:cd:e7:7e:85:3d:cd:4f:f6:39:74: 52:24:fc:22:30:53:3a:77:78:84:ff:69:cb:77:3b: ba:87:2b:ff:1e:71:6a:ca:b5:62:91:2b:f3:44:07: 32:da:25:17:f9:7c:f3:02:a1:67:78:c4:05:fe:13: 11:6d:24:e3:5c:f4:04:9b:70:e7:83:a4:8b:f9:91: 2c:0f:02:42:c9:97:6e:04:1e:85:62:80:90:e6:27: 0f:a4:71:6e:8a:99:b3:af:44:83:4b:07:50:9f:3d: 87:8a:13:ea:a4:3b:30:7c:da:f1:23:70:94:7d:d0: 40:b2:a2:3b:3e:ac:fa:b1:08:be:55:89:db:04:5b: 7f:d9:6c:45:9c:40:ad:86:29:03:d3:d0:0d:ed:9a: 6b:67:3a:6d:89:9a:2c:76:c0:e4:fb:fc:23:78:7d: c1:9d:b7:14:e2:fa:5a:72:b4:39:3a:21:48:53:dc: c7:de:90:dc:9c:2e:19:f4:3a:d2:31:97:39:4d:4a: dc:28:a4:29:b6:6e:0a:cf:66:59:c4:b2:10:ae:3b: ed:9c:98:48:1a:61:41:b8:a1:e9:f9:9e:43:2f:7f: 16:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:80:1C:88:B7:07:5B:76:15:10:BE:92:D7:D3:97:7E:23:A7:2D:2D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143007.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a165::/32 Signature Algorithm: sha256WithRSAEncryption 31:50:c0:b9:43:35:1e:a5:55:7d:f4:ae:16:b3:5a:21:a8:a5: c3:ed:53:ac:58:d0:0c:80:17:af:66:3d:bf:1b:a9:03:b3:3f: 17:0d:a7:07:f4:b9:27:e6:67:5f:d4:e2:b1:c0:52:92:05:44: 80:1d:3e:48:00:7d:6f:8d:ec:da:f9:2f:48:81:14:06:d8:be: 63:ca:7c:5f:55:c8:25:c4:ee:24:b3:84:62:4f:ee:97:f4:65: 92:f4:1d:5d:2c:e1:84:2b:b1:4d:93:8b:84:09:26:f1:ed:f5: a1:3c:b7:23:54:a7:68:e4:f5:fe:a5:c2:d6:b0:b7:6d:30:3f: 62:f5:c4:4f:9a:dc:d6:8c:df:15:1c:dd:9f:a9:22:30:8c:fd: ec:ab:0e:64:a5:c8:4b:84:11:d1:71:16:a2:34:07:74:40:c5: 7c:80:57:a5:0a:00:5e:cf:6b:ea:f4:f2:e0:ea:8a:56:87:a7: a1:4c:d5:f5:4e:d5:d4:90:0f:ae:ec:e1:50:64:48:35:03:95: 23:75:0d:07:9b:2b:23:eb:64:7f:5c:c7:44:11:37:86:4b:c2: 46:bd:44:c8:49:7f:29:28:50:59:bf:95:17:ac:67:e0:82:71: 89:1d:3b:21:a9:c9:20:07:65:b8:c2:a0:9e:48:b6:1f:de:ee: 30:9e:85:38 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAhULfNO9TuzNzlW90eLlqE7LDKAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA0NloX DTI3MDMwMzA2MDU0NlowMzExMC8GA1UEAxMoNTM4MDFDODhCNzA3NUI3NjE1MTBC RTkyRDdEMzk3N0UyM0E3MkQyRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJuDvGmwbOXgiZoXzVwWpMtw6Qh1mtGo1rYOSw7MBnW84dvN536FPc1P9jl0 UiT8IjBTOnd4hP9py3c7uocr/x5xasq1YpEr80QHMtolF/l88wKhZ3jEBf4TEW0k 41z0BJtw54Oki/mRLA8CQsmXbgQehWKAkOYnD6RxboqZs69Eg0sHUJ89h4oT6qQ7 MHza8SNwlH3QQLKiOz6s+rEIvlWJ2wRbf9lsRZxArYYpA9PQDe2aa2c6bYmaLHbA 5Pv8I3h9wZ23FOL6WnK0OTohSFPcx96Q3JwuGfQ60jGXOU1K3CikKbZuCs9mWcSy EK477ZyYSBphQbih6fmeQy9/Fq8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRTgByI twdbdhUQvpLX05d+I6ctLTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAwNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oWUwDQYJKoZIhvcNAQELBQADggEBADFQwLlDNR6lVX30rhazWiGopcPtU6xY0AyA F69mPb8bqQOzPxcNpwf0uSfmZ1/U4rHAUpIFRIAdPkgAfW+N7Nr5L0iBFAbYvmPK fF9VyCXE7iSzhGJP7pf0ZZL0HV0s4YQrsU2Ti4QJJvHt9aE8tyNUp2jk9f6lwtaw t20wP2L1xE+a3NaM3xUc3Z+pIjCM/eyrDmSlyEuEEdFxFqI0B3RAxXyAV6UKAF7P a+r08uDqilaHp6FM1fVO1dSQD67s4VBkSDUDlSN1DQebKyPrZH9cx0QRN4ZLwka9 RMhJfykoUFm/lResZ+CCcYkdOyGpySAHZbjCoJ5Ith/e7jCehTg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:40 2026 by rpki-client