$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143026.roa File: AS143026.roa (raw, json) Hash identifier: cUeboYtVCExx4+lTv3nGcB9c9wtrRPG2J49Kw+G2D0g= Subject key identifier: 3E:AF:AB:AD:98:F7:FD:9E:6E:7B:3D:C1:C9:50:84:2A:6E:FE:63:90 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 393DAAE692E5707A154789D18BCE1171AE536454 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143026.roa Signing time: Wed 04 Mar 2026 06:06:28 +0000 ROA not before: Wed 04 Mar 2026 06:01:28 +0000 ROA not after: Wed 03 Mar 2027 06:06:28 +0000 asID: 143026 IP address blocks: 240a:a178::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:3d:aa:e6:92:e5:70:7a:15:47:89:d1:8b:ce:11:71:ae:53:64:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:28 2026 GMT Not After : Mar 3 06:06:28 2027 GMT Subject: CN=3EAFABAD98F7FD9E6E7B3DC1C950842A6EFE6390 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:a5:65:ab:e8:b1:27:c9:54:88:82:9f:ec:88: bd:f0:04:02:51:12:af:5e:01:4a:a6:55:5d:a8:c4: b6:1f:e3:a7:e0:88:65:26:ff:a4:bb:e1:75:88:5d: ca:57:c0:e5:11:05:3e:67:75:f9:87:c2:3e:17:e3: 97:33:d5:6f:1f:6f:a3:8f:66:08:1a:25:4f:80:ca: 12:bc:0b:73:c5:91:3a:f7:e6:f5:35:30:b1:12:d9: 4b:7f:81:2d:c1:dc:99:8b:c2:62:31:fe:f2:28:e3: 7a:11:06:0a:d8:89:e3:e4:a9:79:b4:2f:d9:67:cb: 66:24:f9:39:eb:bc:3d:35:9b:16:62:e6:fa:e8:38: a6:2f:a8:e3:6b:1c:6a:95:90:ef:8e:61:f1:3c:be: 15:91:b3:38:4d:9d:7d:e9:cb:2f:c4:a9:1a:65:97: 5f:41:56:f7:a6:d9:27:05:17:f6:14:cd:14:94:7f: f2:c2:d5:0c:12:d8:21:46:3a:01:7f:68:e7:e4:d0: c6:33:bc:26:54:1c:02:c7:82:4f:df:cc:8e:a0:c4: ed:4b:b3:1c:3b:f0:11:c9:91:c4:5f:89:1b:43:53: 27:1f:cf:3e:24:6d:36:c0:1e:17:d6:7f:4c:db:4a: e0:c6:28:c9:40:24:a3:e2:26:46:69:8a:fb:e9:b3: 58:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:AF:AB:AD:98:F7:FD:9E:6E:7B:3D:C1:C9:50:84:2A:6E:FE:63:90 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143026.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a178::/32 Signature Algorithm: sha256WithRSAEncryption 85:41:8d:3c:35:d7:5b:f8:a8:ec:13:bd:c1:ba:8f:be:b3:86: a3:ac:60:5c:d3:ba:3c:f8:55:c3:a1:f6:f3:04:78:5e:59:1d: b7:9c:c6:f0:ef:cd:c3:b5:3b:1a:03:f3:87:03:02:34:58:df: ed:eb:00:78:e4:1d:61:b4:db:1a:86:a9:90:75:06:49:19:08: 0b:64:7a:6c:08:5d:30:28:8e:30:5f:44:80:e4:84:1e:15:42: 12:b3:55:01:f8:e0:a1:09:1e:61:93:89:ca:b9:51:66:55:b6: 8a:51:41:6e:4c:fe:57:47:c4:b0:b6:72:20:09:11:c7:a0:43: 77:2d:90:46:01:d2:03:cf:9b:18:4d:a2:d5:1f:9d:7e:55:1c: ac:81:1a:e5:65:7c:34:d2:82:2d:a4:e6:cb:96:30:e2:52:22: b3:b9:ca:ad:e3:b6:b3:58:a3:08:67:fb:a4:a9:d6:e1:44:7a: 2a:e0:80:eb:06:22:a8:5c:a3:2e:57:0d:ad:d4:0e:83:e8:4b: 13:d2:df:f9:05:8c:9f:27:6f:b5:2c:c3:31:e7:0c:84:46:06: 34:23:eb:5a:28:ce:ff:da:e5:85:60:7e:7e:22:3e:b2:d7:80: 0d:72:22:1a:7d:05:d5:12:a9:aa:46:e6:ba:a2:20:22:3d:2f: 4b:e2:26:90 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOT2q5pLlcHoVR4nRi84Rca5TZFQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEyOFoX DTI3MDMwMzA2MDYyOFowMzExMC8GA1UEAxMoM0VBRkFCQUQ5OEY3RkQ5RTZFN0Iz REMxQzk1MDg0MkE2RUZFNjM5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMClZavosSfJVIiCn+yIvfAEAlESr14BSqZVXajEth/jp+CIZSb/pLvhdYhd ylfA5REFPmd1+YfCPhfjlzPVbx9vo49mCBolT4DKErwLc8WROvfm9TUwsRLZS3+B LcHcmYvCYjH+8ijjehEGCtiJ4+SpebQv2WfLZiT5Oeu8PTWbFmLm+ug4pi+o42sc apWQ745h8Ty+FZGzOE2dfenLL8SpGmWXX0FW96bZJwUX9hTNFJR/8sLVDBLYIUY6 AX9o5+TQxjO8JlQcAseCT9/MjqDE7UuzHDvwEcmRxF+JG0NTJx/PPiRtNsAeF9Z/ TNtK4MYoyUAko+ImRmmK++mzWPMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ+r6ut mPf9nm57PcHJUIQqbv5jkDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAyNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oXgwDQYJKoZIhvcNAQELBQADggEBAIVBjTw111v4qOwTvcG6j76zhqOsYFzTujz4 VcOh9vMEeF5ZHbecxvDvzcO1OxoD84cDAjRY3+3rAHjkHWG02xqGqZB1BkkZCAtk emwIXTAojjBfRIDkhB4VQhKzVQH44KEJHmGTicq5UWZVtopRQW5M/ldHxLC2ciAJ EcegQ3ctkEYB0gPPmxhNotUfnX5VHKyBGuVlfDTSgi2k5suWMOJSIrO5yq3jtrNY owhn+6Sp1uFEeirggOsGIqhcoy5XDa3UDoPoSxPS3/kFjJ8nb7UswzHnDIRGBjQj 61oozv/a5YVgfn4iPrLXgA1yIhp9BdUSqapG5rqiICI9L0viJpA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:37 2026 by rpki-client