$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143049.roa File: AS143049.roa (raw, json) Hash identifier: cWssFW8o4ZO4AnxoZ8tF+Wt07Cg8GJag8fhWyf1Dkws= Subject key identifier: 27:1F:00:D1:F2:77:3F:5F:FB:C9:0C:AF:7E:73:98:11:24:4B:78:37 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 569E4BE14112A7F55FCF4218B03CEDBD4F1411CF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143049.roa Signing time: Wed 04 Mar 2026 06:07:48 +0000 ROA not before: Wed 04 Mar 2026 06:02:48 +0000 ROA not after: Wed 03 Mar 2027 06:07:48 +0000 asID: 143049 IP address blocks: 240a:a18f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:9e:4b:e1:41:12:a7:f5:5f:cf:42:18:b0:3c:ed:bd:4f:14:11:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:48 2026 GMT Not After : Mar 3 06:07:48 2027 GMT Subject: CN=271F00D1F2773F5FFBC90CAF7E739811244B7837 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:c4:e9:0c:5f:8e:9d:c3:1c:22:37:82:87:74: 94:7c:05:ed:da:52:a1:e2:08:4b:01:95:f4:0a:45: 22:ba:98:83:f3:c1:05:a4:27:da:0f:af:56:70:17: fa:26:3c:01:ca:77:25:92:9b:5f:63:66:b6:b0:cb: 4a:84:d9:c2:cc:e2:d1:9b:01:19:bb:7d:7c:75:5e: 79:b5:84:b1:0a:66:fb:63:d0:91:07:86:43:42:bc: 72:2d:93:4a:85:e8:c8:d5:9c:ae:90:7a:27:c9:41: 13:3f:7c:b3:b8:ae:f2:64:ca:d0:bf:bc:e7:c2:30: 71:d8:c2:46:45:b0:b5:bc:0b:aa:eb:a8:d2:e8:a2: 1b:e3:03:b7:9d:43:16:4d:71:7f:a3:18:62:b3:de: 14:8f:c0:e6:c3:c0:d0:43:4e:ab:3a:03:5a:02:af: a9:1c:81:b4:73:5f:9e:c6:ad:7b:0e:64:bc:a4:1e: 31:4a:4b:29:c7:d0:72:d4:bd:9c:5c:88:76:d4:fa: ae:3d:4a:62:44:13:5a:80:d9:b6:c1:fc:45:82:0b: 19:6a:07:a8:b0:6b:b9:3f:fe:f9:8f:09:75:40:6d: e6:b1:b8:45:89:68:80:d6:0f:7c:82:14:8d:50:9d: 1b:10:15:19:0e:30:d9:8a:92:ed:ba:ef:ed:39:95: 8c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:1F:00:D1:F2:77:3F:5F:FB:C9:0C:AF:7E:73:98:11:24:4B:78:37 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143049.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a18f::/32 Signature Algorithm: sha256WithRSAEncryption b4:4d:2e:2a:c6:dd:cc:72:0d:d5:69:44:c2:81:74:aa:2f:05: 72:6c:1b:e2:51:95:e7:5f:8e:d1:4a:e6:2b:97:b0:10:08:16: 62:b1:fd:ad:40:26:c0:cc:fd:80:dd:ca:d6:a4:c9:b5:7a:ac: 89:40:dd:6a:19:10:22:ab:1d:fb:9c:18:53:1e:29:d0:4c:39: 82:81:b0:3a:8b:50:6d:34:d2:a5:65:cc:11:1b:f3:43:3c:e0: f0:ca:ca:6a:94:21:37:7d:0c:8a:62:42:7c:b2:47:1c:44:1b: b3:2f:c4:45:3a:dd:b7:43:01:c8:e2:96:91:19:1f:cb:8e:e6: 2c:57:b8:ca:85:fa:0e:89:bd:f8:03:c2:0c:23:4f:05:62:77: 44:0e:76:b0:8f:d7:13:cb:2d:89:e2:df:ab:3c:c4:a9:80:66: bc:71:3e:0a:9d:05:9b:fe:33:ed:a4:34:e8:3a:da:bb:09:3d: f0:37:1f:3f:e9:14:e3:d3:84:22:af:94:bf:2f:b2:e3:f5:ee: e8:1a:32:16:73:41:0f:56:15:02:70:63:3b:d6:d8:88:03:1e: 8a:46:f1:86:41:a5:1f:bc:55:55:2f:d5:0d:09:b6:fa:a1:42: b0:53:c2:2c:ad:8a:63:83:4b:b5:ea:a8:bb:b7:fc:31:ca:26: b9:5a:62:d6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVp5L4UESp/Vfz0IYsDztvU8UEc8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0OFoX DTI3MDMwMzA2MDc0OFowMzExMC8GA1UEAxMoMjcxRjAwRDFGMjc3M0Y1RkZCQzkw Q0FGN0U3Mzk4MTEyNDRCNzgzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJzE6Qxfjp3DHCI3god0lHwF7dpSoeIISwGV9ApFIrqYg/PBBaQn2g+vVnAX +iY8Acp3JZKbX2NmtrDLSoTZwszi0ZsBGbt9fHVeebWEsQpm+2PQkQeGQ0K8ci2T SoXoyNWcrpB6J8lBEz98s7iu8mTK0L+858IwcdjCRkWwtbwLquuo0uiiG+MDt51D Fk1xf6MYYrPeFI/A5sPA0ENOqzoDWgKvqRyBtHNfnsatew5kvKQeMUpLKcfQctS9 nFyIdtT6rj1KYkQTWoDZtsH8RYILGWoHqLBruT/++Y8JdUBt5rG4RYlogNYPfIIU jVCdGxAVGQ4w2YqS7brv7TmVjPcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQnHwDR 8nc/X/vJDK9+c5gRJEt4NzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA0OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oY8wDQYJKoZIhvcNAQELBQADggEBALRNLirG3cxyDdVpRMKBdKovBXJsG+JRledf jtFK5iuXsBAIFmKx/a1AJsDM/YDdytakybV6rIlA3WoZECKrHfucGFMeKdBMOYKB sDqLUG000qVlzBEb80M84PDKymqUITd9DIpiQnyyRxxEG7MvxEU63bdDAcjilpEZ H8uO5ixXuMqF+g6JvfgDwgwjTwVid0QOdrCP1xPLLYni36s8xKmAZrxxPgqdBZv+ M+2kNOg62rsJPfA3Hz/pFOPThCKvlL8vsuP17ugaMhZzQQ9WFQJwYzvW2IgDHopG 8YZBpR+8VVUv1Q0JtvqhQrBTwiytimODS7XqqLu3/DHKJrlaYtY= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:16 2026 by rpki-client