$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143052.roa File: AS143052.roa (raw, json) Hash identifier: jNNYlsdU3fu+Tkpeye10dk4fBHChTBVgo+OmHd3tCkg= Subject key identifier: C8:4A:75:D3:C9:B9:8D:B4:F9:5F:26:30:9E:C1:A7:21:63:B3:51:07 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 21EA8B1ECDB6BC4A67823BD7BC42D42AA1711C0A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143052.roa Signing time: Wed 04 Mar 2026 06:05:55 +0000 ROA not before: Wed 04 Mar 2026 06:00:55 +0000 ROA not after: Wed 03 Mar 2027 06:05:55 +0000 asID: 143052 IP address blocks: 240a:a192::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:ea:8b:1e:cd:b6:bc:4a:67:82:3b:d7:bc:42:d4:2a:a1:71:1c:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:55 2026 GMT Not After : Mar 3 06:05:55 2027 GMT Subject: CN=C84A75D3C9B98DB4F95F26309EC1A72163B35107 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:43:9e:08:b4:45:30:88:7c:b0:b5:68:e1:cc: b3:d8:e6:8d:a8:8b:be:5c:8f:42:bd:6c:48:82:00: c1:c6:03:62:aa:63:1e:b7:eb:49:b1:2a:0b:cc:94: 52:a7:09:0f:4b:94:a9:ad:bd:2e:ab:65:bb:d5:11: 9f:fe:80:00:1c:37:ca:05:f0:a1:3d:63:5d:73:eb: 25:47:19:fa:1d:07:cb:31:36:2d:02:4a:53:fb:f0: 39:13:05:33:1b:f9:8a:47:04:7b:8e:5f:5a:8e:6a: 18:77:f6:ba:ff:2a:41:5b:59:a3:f8:0f:17:4e:12: da:11:f7:ee:52:75:22:f7:6e:0f:ba:8f:65:17:71: f9:f0:d5:05:1d:79:33:f9:40:11:4e:ea:f5:c9:c0: db:f6:6b:c9:ce:7f:16:c1:cb:93:e5:82:9e:a1:31: 1f:05:ac:38:fb:52:19:ac:5e:df:60:e8:21:54:89: a9:b1:eb:48:c4:32:94:b8:f6:6d:5c:4e:97:9e:75: e4:6c:47:d4:3c:12:a1:2e:10:5c:92:81:3d:11:fa: 9d:77:c7:1c:6e:b5:cb:ef:d7:5d:99:83:b7:f9:9b: 34:a3:35:9f:09:6d:ac:4f:9e:ca:dc:37:9b:eb:f4: 0e:f3:89:ab:a2:bc:92:6f:e1:fd:67:23:9a:98:ac: ec:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:4A:75:D3:C9:B9:8D:B4:F9:5F:26:30:9E:C1:A7:21:63:B3:51:07 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143052.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a192::/32 Signature Algorithm: sha256WithRSAEncryption 0a:7c:4a:47:31:a3:5a:f3:2f:74:ce:65:2f:37:e0:26:99:79: f5:a8:e1:52:ab:eb:86:19:24:9b:90:c6:73:ac:54:b8:72:76: d6:c9:94:1b:b9:5f:a9:12:ab:ee:b1:d5:6c:2a:23:21:bd:76: f3:50:24:0b:8d:de:28:4e:d3:73:32:67:c8:a2:2d:3f:1c:90: d8:a0:06:2c:7e:3b:2b:ba:c4:2c:c0:0f:0a:9a:c9:59:06:17: 45:d9:f7:e4:bd:a7:f1:20:c7:f1:6f:9f:20:e9:4b:97:a3:d4: 97:bf:00:71:6e:cc:3c:f4:68:6c:87:21:e0:e3:f7:65:f1:6c: 35:8a:04:d8:0e:87:f9:2b:29:54:7e:8c:37:f3:ca:79:64:2e: 6a:f5:8e:ce:5e:77:47:58:02:c0:e9:04:7e:33:d8:48:ff:bd: bd:db:f5:b8:4a:00:b9:d7:5a:5d:e5:e1:05:52:d0:f6:0a:31: e4:92:80:53:79:d8:e7:6e:31:20:90:ca:2c:70:bd:bd:ff:43: 0d:15:5f:90:02:41:35:48:1b:d0:ea:2f:ce:af:21:6a:58:9d: 17:bf:c8:b7:59:6a:c5:ec:d3:25:86:1d:f0:6d:bd:1c:ac:54: f3:6b:ff:18:ab:98:2c:a8:19:bf:35:03:a2:77:17:18:de:47: b2:de:74:37 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIeqLHs22vEpngjvXvELUKqFxHAowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1NVoX DTI3MDMwMzA2MDU1NVowMzExMC8GA1UEAxMoQzg0QTc1RDNDOUI5OERCNEY5NUYy NjMwOUVDMUE3MjE2M0IzNTEwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMpDngi0RTCIfLC1aOHMs9jmjaiLvlyPQr1sSIIAwcYDYqpjHrfrSbEqC8yU UqcJD0uUqa29Lqtlu9URn/6AABw3ygXwoT1jXXPrJUcZ+h0HyzE2LQJKU/vwORMF Mxv5ikcEe45fWo5qGHf2uv8qQVtZo/gPF04S2hH37lJ1IvduD7qPZRdx+fDVBR15 M/lAEU7q9cnA2/Zryc5/FsHLk+WCnqExHwWsOPtSGaxe32DoIVSJqbHrSMQylLj2 bVxOl5515GxH1DwSoS4QXJKBPRH6nXfHHG61y+/XXZmDt/mbNKM1nwltrE+eytw3 m+v0DvOJq6K8km/h/Wcjmpis7IkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTISnXT ybmNtPlfJjCewachY7NRBzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oZIwDQYJKoZIhvcNAQELBQADggEBAAp8Skcxo1rzL3TOZS834CaZefWo4VKr64YZ JJuQxnOsVLhydtbJlBu5X6kSq+6x1WwqIyG9dvNQJAuN3ihO03MyZ8iiLT8ckNig Bix+Oyu6xCzADwqayVkGF0XZ9+S9p/Egx/FvnyDpS5ej1Je/AHFuzDz0aGyHIeDj 92XxbDWKBNgOh/krKVR+jDfzynlkLmr1js5ed0dYAsDpBH4z2Ej/vb3b9bhKALnX Wl3l4QVS0PYKMeSSgFN52OduMSCQyixwvb3/Qw0VX5ACQTVIG9DqL86vIWpYnRe/ yLdZasXs0yWGHfBtvRysVPNr/xirmCyoGb81A6J3FxjeR7LedDc= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:22 2026 by rpki-client