$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143021.roa File: AS143021.roa (raw, json) Hash identifier: 7JCCo9b8MJLv3olm5eFP25alG0GzMU5ss3lBC/1HPi8= Subject key identifier: 3C:E2:2C:B7:90:06:8F:B2:B7:99:0F:F1:9F:1E:3B:C4:3E:CC:C7:55 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4C2DFD1EBEC23AFAB21C17C94619A1AB31B0A1C0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143021.roa Signing time: Wed 04 Mar 2026 06:07:27 +0000 ROA not before: Wed 04 Mar 2026 06:02:27 +0000 ROA not after: Wed 03 Mar 2027 06:07:27 +0000 asID: 143021 IP address blocks: 240a:a173::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:2d:fd:1e:be:c2:3a:fa:b2:1c:17:c9:46:19:a1:ab:31:b0:a1:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:27 2026 GMT Not After : Mar 3 06:07:27 2027 GMT Subject: CN=3CE22CB790068FB2B7990FF19F1E3BC43ECCC755 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:06:cf:3a:fd:03:ce:3d:7f:7f:4c:d6:23:30: 9c:56:5e:c2:c7:8f:27:e3:74:ed:1c:c2:bd:b4:02: c5:d7:7b:59:d1:f6:39:cc:be:8f:7d:1c:6e:d3:f6: d4:cd:b8:a4:28:42:1b:bd:f5:c9:62:eb:9e:ae:d8: ec:63:d2:a9:94:15:fd:70:38:a0:30:8e:98:02:fa: 4f:aa:c3:c4:00:61:b0:73:e9:7f:6c:ec:09:30:e0: 82:74:1f:cb:32:a7:db:58:30:62:22:11:82:5f:17: cd:c6:fd:bd:74:5c:2e:87:3e:e9:a1:be:cf:e1:af: 8d:29:fe:b9:3f:73:9f:56:a2:04:e8:3e:b8:6b:fb: 27:cd:49:41:9e:f3:c5:7b:fd:e4:bc:97:43:40:f9: a8:7b:f3:88:98:48:4a:c7:12:d1:72:2b:f8:1d:d0: 36:15:48:ee:15:a8:db:de:7d:4a:8e:aa:0e:88:6d: 13:c7:a0:6c:7a:2e:12:25:32:7b:d6:49:82:a6:37: 0f:20:fa:2e:00:99:86:74:d9:87:f3:7c:44:38:a8: be:65:ba:c6:1e:68:7e:ce:1e:a7:ba:52:cb:70:e0: 08:6f:3a:6f:65:77:39:81:e9:ca:4f:de:a7:6b:bc: 3c:25:d3:0f:2d:25:17:2c:d8:ef:7f:2a:fe:cc:67: 42:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:E2:2C:B7:90:06:8F:B2:B7:99:0F:F1:9F:1E:3B:C4:3E:CC:C7:55 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143021.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a173::/32 Signature Algorithm: sha256WithRSAEncryption 41:57:2a:e5:71:99:e5:78:0c:ff:de:06:78:d2:20:a7:06:15: 87:77:24:96:4a:cf:e4:f4:7d:81:a4:2d:03:44:78:9e:5f:3b: dc:b1:ce:59:14:c2:5f:cf:a5:21:70:81:02:0e:8a:b4:a5:db: c0:ff:b1:dd:72:a8:f5:c0:8b:aa:48:9f:01:fc:23:32:62:13: a1:ef:93:fa:5d:70:e4:79:ec:69:4d:05:3c:9c:95:04:ad:2e: 8f:ed:ff:37:87:0d:47:ee:d6:fa:a9:e9:d9:b4:14:f0:5f:2f: 85:da:73:8f:e0:dd:99:2b:96:02:80:c9:fa:c6:92:77:bb:d2: cd:09:ae:ad:95:ba:2d:5a:89:aa:a4:34:96:48:4b:90:c3:49: f3:f7:84:67:57:d4:5a:dc:ac:ef:6a:93:ad:a6:bb:42:bc:af: dc:c6:5a:6f:f6:62:cf:37:98:0e:8e:06:c7:f7:75:ba:d5:7c: 1f:08:1b:83:7c:11:a7:0a:91:fb:a0:4d:0a:ab:5d:89:1e:14: e6:04:dd:17:3a:90:fc:3e:64:f2:85:e0:76:b3:18:f8:54:a1: cf:65:ec:9d:1e:ed:3e:db:55:27:bc:e4:80:10:64:85:0f:3d: 04:6e:29:97:a2:0d:c2:44:ca:e8:8a:82:3c:e1:f5:df:f2:24: 6d:7e:11:92 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTC39Hr7COvqyHBfJRhmhqzGwocAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyN1oX DTI3MDMwMzA2MDcyN1owMzExMC8GA1UEAxMoM0NFMjJDQjc5MDA2OEZCMkI3OTkw RkYxOUYxRTNCQzQzRUNDQzc1NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ8Gzzr9A849f39M1iMwnFZewsePJ+N07RzCvbQCxdd7WdH2Ocy+j30cbtP2 1M24pChCG731yWLrnq7Y7GPSqZQV/XA4oDCOmAL6T6rDxABhsHPpf2zsCTDggnQf yzKn21gwYiIRgl8Xzcb9vXRcLoc+6aG+z+GvjSn+uT9zn1aiBOg+uGv7J81JQZ7z xXv95LyXQ0D5qHvziJhISscS0XIr+B3QNhVI7hWo2959So6qDohtE8egbHouEiUy e9ZJgqY3DyD6LgCZhnTZh/N8RDiovmW6xh5ofs4ep7pSy3DgCG86b2V3OYHpyk/e p2u8PCXTDy0lFyzY738q/sxnQvkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ84iy3 kAaPsreZD/GfHjvEPszHVTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oXMwDQYJKoZIhvcNAQELBQADggEBAEFXKuVxmeV4DP/eBnjSIKcGFYd3JJZKz+T0 fYGkLQNEeJ5fO9yxzlkUwl/PpSFwgQIOirSl28D/sd1yqPXAi6pInwH8IzJiE6Hv k/pdcOR57GlNBTyclQStLo/t/zeHDUfu1vqp6dm0FPBfL4Xac4/g3ZkrlgKAyfrG kne70s0Jrq2Vui1aiaqkNJZIS5DDSfP3hGdX1FrcrO9qk62mu0K8r9zGWm/2Ys83 mA6OBsf3dbrVfB8IG4N8EacKkfugTQqrXYkeFOYE3Rc6kPw+ZPKF4HazGPhUoc9l 7J0e7T7bVSe85IAQZIUPPQRuKZeiDcJEyuiKgjzh9d/yJG1+EZI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:46 2026 by rpki-client