$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143033.roa File: AS143033.roa (raw, json) Hash identifier: hGs6j0Dxh2wmqy2NDdMxvpG/csbydxAwIjzipGcfhq0= Subject key identifier: 58:D4:11:94:B5:98:A3:1A:E7:4C:83:A6:27:91:3D:52:C1:0E:BE:34 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 78B2125398470C266BC0112A76566A49EFA8DBD2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143033.roa Signing time: Wed 04 Mar 2026 06:07:00 +0000 ROA not before: Wed 04 Mar 2026 06:02:00 +0000 ROA not after: Wed 03 Mar 2027 06:07:00 +0000 asID: 143033 IP address blocks: 240a:a17f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:b2:12:53:98:47:0c:26:6b:c0:11:2a:76:56:6a:49:ef:a8:db:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:00 2026 GMT Not After : Mar 3 06:07:00 2027 GMT Subject: CN=58D41194B598A31AE74C83A627913D52C10EBE34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:bf:98:12:d9:24:68:fc:c5:6c:bc:93:f2:91: cb:0c:56:41:44:40:ef:af:2a:99:74:0e:a0:72:b9: b9:a1:0b:ac:74:f7:de:9c:03:e2:b7:c0:7d:58:91: 1d:51:fc:2f:e9:7c:e6:81:24:01:ba:6e:4c:21:75: 60:76:d1:c5:ce:cc:96:88:43:20:da:79:bb:8c:76: 5d:54:33:29:88:c3:30:2a:05:04:14:29:f1:2b:12: 7b:9d:90:c3:64:5d:ee:63:dd:3f:90:45:eb:df:d5: e0:e4:41:8d:c8:5c:40:6b:48:32:6d:06:c8:99:da: d3:9d:ef:6b:73:b9:3a:3c:cb:08:3b:a0:bf:3c:57: 8f:d5:d7:9a:df:e6:d2:77:14:28:7d:39:fc:a1:cf: 90:e4:53:93:d4:52:70:a5:78:4e:b6:38:af:58:72: a8:dc:0d:41:10:5d:a2:b1:a2:47:c1:7c:e4:ed:be: 32:ae:77:dd:91:82:e1:3a:72:b6:b3:60:5f:c5:3d: 4a:38:ce:ac:5d:a7:c6:de:03:44:86:45:ad:24:e6: b0:f4:0b:9b:3c:2c:77:d1:34:65:c1:bd:d1:01:c7: fe:c0:aa:75:43:54:4b:cd:20:aa:c7:f4:1f:0b:a4: 80:b3:38:03:59:06:a9:9b:97:34:76:a1:a7:1b:a6: bb:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:D4:11:94:B5:98:A3:1A:E7:4C:83:A6:27:91:3D:52:C1:0E:BE:34 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143033.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a17f::/32 Signature Algorithm: sha256WithRSAEncryption c0:fb:a4:f0:1c:7c:c5:36:e4:09:98:87:6a:34:15:de:20:17: 2d:79:1b:9b:15:33:50:53:08:1d:90:b5:fd:99:8c:f9:cb:65: 4d:e7:e0:21:5b:67:e6:42:d2:91:81:0d:f9:3c:80:54:3f:d4: 25:d1:1b:1e:c6:6e:81:73:9d:d6:ec:e9:e2:c0:21:aa:0a:2f: 01:c1:0b:60:63:43:80:d5:03:dd:65:95:fa:5f:60:59:e1:13: 73:61:f0:7e:ea:cf:02:c1:16:58:0c:02:42:44:38:26:d5:2b: 45:6f:54:0e:e0:8a:61:a3:33:e5:25:ad:00:85:87:0c:9d:42: 8a:cb:8f:8d:85:b6:f9:da:dd:80:71:2c:46:c5:56:a7:31:89: 42:7b:96:12:c6:02:f0:e0:b5:78:af:e6:42:c3:1c:46:0d:18: b5:78:9c:0d:25:d4:18:5c:f0:84:66:77:0a:ba:78:cf:22:1a: ec:02:1c:8b:61:bc:9a:fb:8a:f6:4c:6d:c8:f2:6f:80:80:92: 9b:55:9e:1a:12:0d:3d:1b:27:e0:83:eb:62:1f:69:90:14:15: b4:c4:ec:0c:1e:18:5c:c5:fb:f6:65:36:6e:8c:20:d0:f6:cf: fa:1a:d4:53:12:1f:03:49:8b:57:bf:08:c2:35:82:66:cf:d5: 92:e6:2c:7f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeLISU5hHDCZrwBEqdlZqSe+o29IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIwMFoX DTI3MDMwMzA2MDcwMFowMzExMC8GA1UEAxMoNThENDExOTRCNTk4QTMxQUU3NEM4 M0E2Mjc5MTNENTJDMTBFQkUzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKy/mBLZJGj8xWy8k/KRywxWQURA768qmXQOoHK5uaELrHT33pwD4rfAfViR HVH8L+l85oEkAbpuTCF1YHbRxc7MlohDINp5u4x2XVQzKYjDMCoFBBQp8SsSe52Q w2Rd7mPdP5BF69/V4ORBjchcQGtIMm0GyJna053va3O5OjzLCDugvzxXj9XXmt/m 0ncUKH05/KHPkORTk9RScKV4TrY4r1hyqNwNQRBdorGiR8F85O2+Mq533ZGC4Tpy trNgX8U9SjjOrF2nxt4DRIZFrSTmsPQLmzwsd9E0ZcG90QHH/sCqdUNUS80gqsf0 HwukgLM4A1kGqZuXNHahpxumu7sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRY1BGU tZijGudMg6YnkT1SwQ6+NDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAzMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oX8wDQYJKoZIhvcNAQELBQADggEBAMD7pPAcfMU25AmYh2o0Fd4gFy15G5sVM1BT CB2Qtf2ZjPnLZU3n4CFbZ+ZC0pGBDfk8gFQ/1CXRGx7GboFzndbs6eLAIaoKLwHB C2BjQ4DVA91llfpfYFnhE3Nh8H7qzwLBFlgMAkJEOCbVK0VvVA7gimGjM+UlrQCF hwydQorLj42Ftvna3YBxLEbFVqcxiUJ7lhLGAvDgtXiv5kLDHEYNGLV4nA0l1Bhc 8IRmdwq6eM8iGuwCHIthvJr7ivZMbcjyb4CAkptVnhoSDT0bJ+CD62IfaZAUFbTE 7AweGFzF+/ZlNm6MIND2z/oa1FMSHwNJi1e/CMI1gmbP1ZLmLH8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:43 2026 by rpki-client