$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143023.roa File: AS143023.roa (raw, json) Hash identifier: HT+t88UQjBXITGuMnnPYXXgE9BIg15jMnAGo7T/Sq9c= Subject key identifier: D7:F1:FB:59:10:0D:23:A0:EC:3D:5C:8E:F1:D7:06:F2:52:F3:EC:A4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 13CDFDB40F9DF070D1342F92D3E5117D573108B8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143023.roa Signing time: Wed 04 Mar 2026 06:06:38 +0000 ROA not before: Wed 04 Mar 2026 06:01:38 +0000 ROA not after: Wed 03 Mar 2027 06:06:38 +0000 asID: 143023 IP address blocks: 240a:a175::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:cd:fd:b4:0f:9d:f0:70:d1:34:2f:92:d3:e5:11:7d:57:31:08:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:38 2026 GMT Not After : Mar 3 06:06:38 2027 GMT Subject: CN=D7F1FB59100D23A0EC3D5C8EF1D706F252F3ECA4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ef:7a:24:a5:2e:82:5b:e4:f9:80:43:ec:53: 00:8a:bb:f8:33:e5:b2:bf:a3:36:2a:85:bf:0c:63: 7b:2e:d5:7d:09:ba:71:06:75:8a:36:25:e7:ab:46: 65:d7:63:dc:96:27:37:24:1e:a4:27:b0:ee:e4:3e: 83:b4:1e:b3:fe:8e:42:97:6f:44:4e:a1:76:52:a5: 9b:53:fa:d1:c0:c6:20:0a:4c:d8:16:0f:ae:48:dd: 7c:f5:76:eb:38:48:20:36:69:a8:7b:8c:db:5b:25: be:16:c6:25:05:3e:ee:08:7c:ab:89:82:40:d4:1f: 56:ab:2e:a9:8b:77:e3:65:1b:52:90:85:48:b1:da: 2a:eb:28:27:84:a8:5b:9e:c3:bf:3d:2a:cf:31:70: 3b:b3:65:c1:2c:12:55:15:61:bf:9e:29:4f:1c:b0: 82:b9:ee:8f:fa:99:39:8b:e6:da:b1:ca:36:a9:c1: 2c:f2:36:e5:13:11:1a:ab:91:ad:6a:d1:d9:63:cb: ad:09:54:1e:a6:32:b6:9e:bb:da:76:f8:b2:11:39: 48:e8:54:17:7d:36:f6:f7:e0:35:ac:67:59:59:a6: 0a:1d:69:b6:ba:77:a6:d8:ec:84:6c:c7:45:4c:cf: fe:51:57:46:74:2f:d2:ff:9c:77:b4:8c:c0:24:57: ba:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:F1:FB:59:10:0D:23:A0:EC:3D:5C:8E:F1:D7:06:F2:52:F3:EC:A4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143023.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a175::/32 Signature Algorithm: sha256WithRSAEncryption 73:a4:31:52:31:c8:9d:d1:29:3b:76:06:34:32:9e:f5:58:7a: 6e:c8:30:6d:9d:9a:7b:59:0f:3c:4a:c7:68:8c:b9:4b:3f:d1: cc:b6:29:33:92:0f:a8:f4:df:0d:7c:c1:0a:52:4f:a9:c4:2d: 2d:7d:0c:4d:66:aa:3f:1b:8f:f2:08:73:ae:7a:e0:f9:11:69: ec:4b:74:51:a0:f7:85:f0:1d:2d:47:92:00:e8:c0:9d:b9:f4: 55:88:6b:1c:8f:0d:5f:55:9e:64:26:57:da:e7:4e:d1:4e:f7: 7b:f3:ab:3a:17:c0:f6:aa:54:e3:2f:6b:66:e2:f7:c6:f6:80: 18:26:fa:a5:f8:1e:4f:d3:68:ae:24:65:58:39:18:8b:50:00: b5:65:06:c0:d8:b8:37:ee:73:ec:bb:c5:9c:cc:3a:86:55:99: 0f:da:a3:22:38:cb:8f:2b:27:40:e1:83:87:8c:0c:ce:3d:83: df:e5:00:c2:f7:77:5b:40:78:13:73:88:bd:28:4d:bc:1c:0a: a0:b1:14:61:6c:bd:48:59:a4:32:09:48:13:fd:10:cc:2b:9e: 1c:78:2f:dd:63:c6:c4:6b:54:bf:fa:44:77:b4:d3:d2:09:0e: 35:37:56:c9:ae:17:24:33:8c:07:3f:ee:21:1d:dc:8e:09:af: df:2b:3c:aa -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUE839tA+d8HDRNC+S0+URfVcxCLgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEzOFoX DTI3MDMwMzA2MDYzOFowMzExMC8GA1UEAxMoRDdGMUZCNTkxMDBEMjNBMEVDM0Q1 QzhFRjFENzA2RjI1MkYzRUNBNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMzveiSlLoJb5PmAQ+xTAIq7+DPlsr+jNiqFvwxjey7VfQm6cQZ1ijYl56tG Zddj3JYnNyQepCew7uQ+g7Qes/6OQpdvRE6hdlKlm1P60cDGIApM2BYPrkjdfPV2 6zhIIDZpqHuM21slvhbGJQU+7gh8q4mCQNQfVqsuqYt342UbUpCFSLHaKusoJ4So W57Dvz0qzzFwO7NlwSwSVRVhv54pTxywgrnuj/qZOYvm2rHKNqnBLPI25RMRGquR rWrR2WPLrQlUHqYytp672nb4shE5SOhUF3029vfgNaxnWVmmCh1ptrp3ptjshGzH RUzP/lFXRnQv0v+cd7SMwCRXugkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTX8ftZ EA0joOw9XI7x1wbyUvPspDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oXUwDQYJKoZIhvcNAQELBQADggEBAHOkMVIxyJ3RKTt2BjQynvVYem7IMG2dmntZ DzxKx2iMuUs/0cy2KTOSD6j03w18wQpST6nELS19DE1mqj8bj/IIc6564PkRaexL dFGg94XwHS1HkgDowJ259FWIaxyPDV9VnmQmV9rnTtFO93vzqzoXwPaqVOMva2bi 98b2gBgm+qX4Hk/TaK4kZVg5GItQALVlBsDYuDfuc+y7xZzMOoZVmQ/aoyI4y48r J0Dhg4eMDM49g9/lAML3d1tAeBNziL0oTbwcCqCxFGFsvUhZpDIJSBP9EMwrnhx4 L91jxsRrVL/6RHe009IJDjU3VsmuFyQzjAc/7iEd3I4Jr98rPKo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:48 2026 by rpki-client