$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143011.roa File: AS143011.roa (raw, json) Hash identifier: 3G6E/6iCvxw//tqTIQpN01L9TsVaUFIOPHXFgFR4O9I= Subject key identifier: E9:73:9C:9F:AF:18:88:39:6E:C2:FD:4E:D8:32:B5:DC:1E:92:56:7F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4EDAE6449F69A8E1A0CB74212990310E54834F1C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143011.roa Signing time: Wed 04 Mar 2026 06:06:45 +0000 ROA not before: Wed 04 Mar 2026 06:01:45 +0000 ROA not after: Wed 03 Mar 2027 06:06:45 +0000 asID: 143011 IP address blocks: 240a:a169::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:da:e6:44:9f:69:a8:e1:a0:cb:74:21:29:90:31:0e:54:83:4f:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:45 2026 GMT Not After : Mar 3 06:06:45 2027 GMT Subject: CN=E9739C9FAF1888396EC2FD4ED832B5DC1E92567F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:1b:db:76:d2:eb:18:cc:6d:91:3a:5b:b2:3a: 05:77:e2:4e:da:9a:5b:d7:a4:8b:0b:5a:c8:96:74: 3f:db:62:cc:84:ea:c2:43:79:d8:9b:fe:9e:db:90: 1c:37:14:76:b7:db:36:c4:96:ae:cd:70:df:38:37: 85:4c:8a:f4:47:06:62:f6:a4:83:99:4c:76:33:75: 9f:ba:02:44:14:e3:4d:91:4a:3d:69:53:4c:e7:68: a9:3f:20:0e:d6:6e:dd:02:41:29:6b:21:01:f6:94: 1e:23:7a:b0:e7:20:85:0d:ba:60:23:d1:57:ed:0c: d6:19:9d:a0:7b:16:97:36:91:c6:ff:8b:a5:0a:66: 66:5f:c2:31:c1:9a:1d:b3:38:4c:db:ea:1a:90:23: ac:8e:69:58:06:82:49:e6:e1:e6:82:bd:e7:fe:0d: e6:1b:66:4d:e9:f7:5a:93:68:75:20:e3:0d:e3:14: c6:f8:e7:b9:ab:cf:6f:ee:25:66:f5:60:ad:9c:8b: 24:21:9f:3e:ae:da:cf:52:09:76:1e:b8:c3:10:e1: c5:c5:e4:df:2c:f4:73:b3:5a:93:d0:86:d2:eb:c1: 44:57:5f:dc:02:31:c3:c6:e6:b3:83:4e:38:c5:44: 91:64:b7:54:ce:e5:b2:d5:d0:c8:a3:ac:39:89:c2: 0b:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:73:9C:9F:AF:18:88:39:6E:C2:FD:4E:D8:32:B5:DC:1E:92:56:7F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143011.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a169::/32 Signature Algorithm: sha256WithRSAEncryption 14:cc:49:87:1e:c9:05:47:3d:5e:91:61:14:42:ca:08:49:e7: f9:81:2b:6d:8b:0d:c1:17:32:13:fc:50:ba:6e:ed:49:5c:52: 2c:bb:3d:8e:2a:17:2c:17:7b:4b:0e:c9:b1:92:6a:ea:25:3a: 89:a3:68:f2:6c:38:77:b5:0d:f9:10:39:f6:d3:0d:17:13:ae: e4:0f:57:af:b3:6f:a7:67:b4:cc:f8:56:77:4b:23:c3:7f:09: 02:83:24:23:a0:3c:35:ba:10:67:b0:58:99:dd:3d:40:41:22: 55:ee:af:cf:8a:8c:f8:60:7f:da:e9:ef:04:3a:0f:5c:e5:bf: a0:3c:47:7c:9d:19:5d:39:64:3a:6e:04:e1:56:98:d0:91:ef: 9f:0c:6b:34:25:8f:e5:50:c1:30:56:85:37:fb:7a:e5:6b:a0: f8:94:28:61:34:da:bd:b4:32:96:e7:20:b4:8f:d7:6d:41:d5: bb:d1:25:66:f0:df:06:a5:b6:07:86:b7:9a:c2:ac:f0:e1:b6: 59:68:16:29:51:f0:4b:54:35:90:6c:22:30:98:92:0e:98:28: 0f:16:99:09:cc:5d:b9:0a:c2:82:55:09:cd:8a:0c:ee:b7:65: 48:99:67:a8:2b:f7:2b:26:71:0c:3e:c8:7e:f0:8a:c7:d6:ad: c7:a9:25:55 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTtrmRJ9pqOGgy3QhKZAxDlSDTxwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0NVoX DTI3MDMwMzA2MDY0NVowMzExMC8GA1UEAxMoRTk3MzlDOUZBRjE4ODgzOTZFQzJG RDRFRDgzMkI1REMxRTkyNTY3RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMQb23bS6xjMbZE6W7I6BXfiTtqaW9ekiwtayJZ0P9tizITqwkN52Jv+ntuQ HDcUdrfbNsSWrs1w3zg3hUyK9EcGYvakg5lMdjN1n7oCRBTjTZFKPWlTTOdoqT8g DtZu3QJBKWshAfaUHiN6sOcghQ26YCPRV+0M1hmdoHsWlzaRxv+LpQpmZl/CMcGa HbM4TNvqGpAjrI5pWAaCSebh5oK95/4N5htmTen3WpNodSDjDeMUxvjnuavPb+4l ZvVgrZyLJCGfPq7az1IJdh64wxDhxcXk3yz0c7Nak9CG0uvBRFdf3AIxw8bms4NO OMVEkWS3VM7lstXQyKOsOYnCC4MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTpc5yf rxiIOW7C/U7YMrXcHpJWfzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAxMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oWkwDQYJKoZIhvcNAQELBQADggEBABTMSYceyQVHPV6RYRRCyghJ5/mBK22LDcEX MhP8ULpu7UlcUiy7PY4qFywXe0sOybGSauolOomjaPJsOHe1DfkQOfbTDRcTruQP V6+zb6dntMz4VndLI8N/CQKDJCOgPDW6EGewWJndPUBBIlXur8+KjPhgf9rp7wQ6 D1zlv6A8R3ydGV05ZDpuBOFWmNCR758MazQlj+VQwTBWhTf7euVroPiUKGE02r20 MpbnILSP121B1bvRJWbw3waltgeGt5rCrPDhtlloFilR8EtUNZBsIjCYkg6YKA8W mQnMXbkKwoJVCc2KDO63ZUiZZ6gr9ysmcQw+yH7wisfWrcepJVU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:04 2026 by rpki-client