$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143051.roa File: AS143051.roa (raw, json) Hash identifier: Ws7j6PaKaDUvIyxgs8DkDiF9EKmq525bL2nAxmGiZSk= Subject key identifier: FC:0A:D6:AF:0B:C1:31:F4:55:15:89:F7:7D:2D:BC:4D:8E:7F:7E:AB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 36F8CBE063E23096FC17233C693FB42968CA7CF9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143051.roa Signing time: Wed 04 Mar 2026 06:07:20 +0000 ROA not before: Wed 04 Mar 2026 06:02:20 +0000 ROA not after: Wed 03 Mar 2027 06:07:20 +0000 asID: 143051 IP address blocks: 240a:a191::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:f8:cb:e0:63:e2:30:96:fc:17:23:3c:69:3f:b4:29:68:ca:7c:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:20 2026 GMT Not After : Mar 3 06:07:20 2027 GMT Subject: CN=FC0AD6AF0BC131F4551589F77D2DBC4D8E7F7EAB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:1f:88:f5:a7:af:55:0c:04:15:79:ee:c7:9d: 7f:db:f4:ae:00:8a:5d:fe:fa:6e:e0:bb:dc:f6:79: ff:16:39:e1:a5:da:0b:fe:e8:6b:ed:b2:26:e1:31: c1:b5:b3:3b:19:00:f6:bd:53:a2:ce:50:3c:61:b3: c1:3e:54:d8:cf:da:83:8f:49:45:2c:3a:c1:c3:e7: d6:34:96:d8:09:f5:6d:bf:7e:25:7b:8e:5d:75:cd: af:89:3d:45:60:53:0f:be:4e:27:af:9c:11:5b:0d: b1:b0:b3:07:5c:26:cb:c9:23:c2:e0:d4:a4:53:67: 01:3c:fc:f3:12:ee:33:0d:81:9c:66:bb:82:4f:eb: 7c:2f:a7:c0:2a:20:bf:a1:e4:f9:79:db:9d:72:af: 8a:30:ca:b6:c1:86:33:2b:0b:c6:77:0a:16:b4:11: 6a:47:49:8d:e0:20:3d:f5:d5:2f:bf:7d:c8:f5:e4: 4d:88:e3:97:63:2f:7c:c3:1d:ed:87:cf:2b:37:24: 37:bf:72:b4:de:ff:d0:b7:93:98:2b:b7:8e:a5:74: af:24:2f:4a:a7:0b:45:81:e0:5b:f0:8a:9d:41:b3: 00:a8:f7:18:2c:6c:84:8d:4e:dc:ae:ab:70:6a:4d: cc:a3:96:e0:34:52:3e:62:d6:4a:b5:46:86:e5:83: fc:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:0A:D6:AF:0B:C1:31:F4:55:15:89:F7:7D:2D:BC:4D:8E:7F:7E:AB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143051.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a191::/32 Signature Algorithm: sha256WithRSAEncryption 33:5f:17:25:74:3a:14:ac:79:23:72:b0:5e:fe:bb:85:98:aa: 08:d3:b2:d7:16:a4:21:02:f7:94:99:df:d1:0a:bc:21:29:6d: 45:0c:43:0d:b4:c9:19:71:62:6b:e9:e3:4c:9b:5a:1f:e4:2e: 0d:28:fc:8e:85:b2:05:42:bc:2e:1d:d3:f7:67:b9:64:3a:b1: 9c:f8:8a:cb:9c:6c:81:db:d1:f0:6f:26:13:67:a4:b5:0a:5b: 7f:e5:1e:e8:05:dc:94:98:3a:55:07:ae:ae:c1:c4:76:5b:7d: 1e:f6:72:a5:62:51:0f:32:12:da:7c:b0:b3:6d:92:ed:cd:6c: f0:6d:46:5b:92:2e:42:0a:48:dc:55:27:1a:30:81:c1:2a:df: 8b:31:4b:6c:82:bb:18:27:fd:fc:a1:1d:45:5f:2d:08:08:5c: df:72:f9:fc:a1:a0:69:6b:dd:01:5c:e3:4a:b3:22:a3:55:2a: 04:e7:4e:d1:ee:75:1e:28:ad:d1:f6:5e:b6:f9:2c:ed:f2:a1: 81:0a:50:2c:f6:ea:9d:03:d1:57:03:5c:cc:27:77:27:ef:6e: 91:9c:b1:90:b5:77:18:36:a8:60:d3:87:36:9e:65:35:ce:9d: 10:79:de:93:74:3a:85:c3:0a:e5:44:33:9a:78:57:9e:f3:7b: 86:c7:d1:36 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNvjL4GPiMJb8FyM8aT+0KWjKfPkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyMFoX DTI3MDMwMzA2MDcyMFowMzExMC8GA1UEAxMoRkMwQUQ2QUYwQkMxMzFGNDU1MTU4 OUY3N0QyREJDNEQ4RTdGN0VBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYfiPWnr1UMBBV57sedf9v0rgCKXf76buC73PZ5/xY54aXaC/7oa+2yJuEx wbWzOxkA9r1Tos5QPGGzwT5U2M/ag49JRSw6wcPn1jSW2An1bb9+JXuOXXXNr4k9 RWBTD75OJ6+cEVsNsbCzB1wmy8kjwuDUpFNnATz88xLuMw2BnGa7gk/rfC+nwCog v6Hk+XnbnXKvijDKtsGGMysLxncKFrQRakdJjeAgPfXVL799yPXkTYjjl2MvfMMd 7YfPKzckN79ytN7/0LeTmCu3jqV0ryQvSqcLRYHgW/CKnUGzAKj3GCxshI1O3K6r cGpNzKOW4DRSPmLWSrVGhuWD/GkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT8Ctav C8Ex9FUVifd9LbxNjn9+qzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA1MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oZEwDQYJKoZIhvcNAQELBQADggEBADNfFyV0OhSseSNysF7+u4WYqgjTstcWpCEC 95SZ39EKvCEpbUUMQw20yRlxYmvp40ybWh/kLg0o/I6FsgVCvC4d0/dnuWQ6sZz4 isucbIHb0fBvJhNnpLUKW3/lHugF3JSYOlUHrq7BxHZbfR72cqViUQ8yEtp8sLNt ku3NbPBtRluSLkIKSNxVJxowgcEq34sxS2yCuxgn/fyhHUVfLQgIXN9y+fyhoGlr 3QFc40qzIqNVKgTnTtHudR4ordH2Xrb5LO3yoYEKUCz26p0D0VcDXMwndyfvbpGc sZC1dxg2qGDThzaeZTXOnRB53pN0OoXDCuVEM5p4V57ze4bH0TY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:29 2026 by rpki-client