$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143054.roa File: AS143054.roa (raw, json) Hash identifier: clbgdHq50A+Csi6iOqFV8ED2c48g6L2Zpt/TqDTXXDw= Subject key identifier: 5F:1E:4F:26:C9:D5:E4:BD:23:95:BD:61:77:0B:C9:C8:69:FF:6D:B1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5871FFA9EC4BFBA18D348E7921D9CC0BB6D1BE27 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143054.roa Signing time: Wed 04 Mar 2026 06:06:05 +0000 ROA not before: Wed 04 Mar 2026 06:01:05 +0000 ROA not after: Wed 03 Mar 2027 06:06:05 +0000 asID: 143054 IP address blocks: 240a:a194::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:71:ff:a9:ec:4b:fb:a1:8d:34:8e:79:21:d9:cc:0b:b6:d1:be:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:05 2026 GMT Not After : Mar 3 06:06:05 2027 GMT Subject: CN=5F1E4F26C9D5E4BD2395BD61770BC9C869FF6DB1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d7:8b:eb:77:9b:da:56:a2:50:ef:32:d5:57: ae:9f:fd:ac:d1:89:28:e8:1f:8e:b8:41:27:ee:c4: 92:ba:36:d3:a3:73:7f:6c:79:43:4f:d6:34:50:7c: a2:0d:b9:35:aa:20:b1:2b:9d:f5:0d:bd:1c:31:a7: c9:61:de:00:50:13:9c:d2:35:28:7d:02:fd:e4:67: a9:d5:c7:66:fb:54:e3:39:9c:34:d7:bd:0b:99:4d: 4b:01:4d:68:e7:6f:18:7e:67:74:2e:50:0c:9d:01: 5b:31:ba:c8:5d:7c:09:d0:3c:66:1c:5d:88:56:89: c3:cf:24:80:93:c6:67:90:1e:92:4a:5c:b1:b4:46: fe:57:4a:92:df:5c:3a:35:6f:6b:7c:c5:1f:f4:ef: 7c:3b:43:ea:b1:64:99:21:31:aa:18:7f:25:66:e9: 2c:8c:00:22:6a:12:34:40:b8:f7:b5:e0:2e:ef:1d: 5b:14:d6:d8:c0:1d:dd:db:e2:18:96:77:59:fe:e3: 5b:88:97:3f:5b:3b:38:04:84:16:63:d8:b8:36:8f: fb:5b:8c:0e:7e:55:7f:e8:dd:7a:15:a6:be:80:6b: f5:55:04:e2:08:c3:f6:27:91:e4:45:7f:56:c8:a0: d6:23:ab:1b:1f:42:ff:44:4d:cc:46:18:e5:03:a3: b9:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:1E:4F:26:C9:D5:E4:BD:23:95:BD:61:77:0B:C9:C8:69:FF:6D:B1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143054.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a194::/32 Signature Algorithm: sha256WithRSAEncryption 24:20:26:d7:c9:1e:b8:d7:8f:2a:3f:c6:9e:ef:af:8f:23:17: 5c:ed:53:7c:c7:83:7c:02:a7:ff:a8:30:d3:ec:7b:8e:71:96: 74:18:bd:a2:3c:a5:71:78:3e:4b:44:01:53:8d:b6:e7:b9:58: 43:2a:15:17:12:05:13:48:21:84:a5:54:dd:90:37:9b:80:5a: 0b:cc:61:92:51:ed:75:65:52:1c:a3:98:16:d1:59:10:82:8f: 9b:7b:33:d0:0b:72:05:e9:b7:f9:c6:6a:96:32:8e:1f:13:fc: 8a:95:7b:8f:65:4c:7f:d0:12:67:19:28:95:45:2c:c1:b1:8c: 23:1d:f6:4d:30:f7:90:e4:f8:f0:25:0f:10:da:c6:e0:3e:43: d8:f1:1e:4c:1a:5e:25:d9:c0:23:e4:12:73:5e:3e:70:f3:3f: bc:42:4a:50:90:c8:e8:a5:31:73:cc:9d:13:58:64:4f:d9:b9: f3:e5:7e:62:72:ce:9a:36:9a:93:ad:cd:c3:c9:a2:74:ee:bd: 74:80:0e:19:a0:d4:f7:d7:cd:1a:89:c3:d8:f7:17:fc:87:45: dc:97:e4:40:6f:d6:c9:99:eb:d0:0c:73:89:f9:93:f5:54:64: da:d5:ce:ba:7c:cf:71:36:e3:3e:c5:2b:0d:a6:1a:81:ea:53: e0:78:c5:24 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWHH/qexL+6GNNI55IdnMC7bRvicwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwNVoX DTI3MDMwMzA2MDYwNVowMzExMC8GA1UEAxMoNUYxRTRGMjZDOUQ1RTRCRDIzOTVC RDYxNzcwQkM5Qzg2OUZGNkRCMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM/Xi+t3m9pWolDvMtVXrp/9rNGJKOgfjrhBJ+7Ekro206Nzf2x5Q0/WNFB8 og25NaogsSud9Q29HDGnyWHeAFATnNI1KH0C/eRnqdXHZvtU4zmcNNe9C5lNSwFN aOdvGH5ndC5QDJ0BWzG6yF18CdA8ZhxdiFaJw88kgJPGZ5AekkpcsbRG/ldKkt9c OjVva3zFH/TvfDtD6rFkmSExqhh/JWbpLIwAImoSNEC497XgLu8dWxTW2MAd3dvi GJZ3Wf7jW4iXP1s7OASEFmPYuDaP+1uMDn5Vf+jdehWmvoBr9VUE4gjD9ieR5EV/ Vsig1iOrGx9C/0RNzEYY5QOjuQMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRfHk8m ydXkvSOVvWF3C8nIaf9tsTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA1NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oZQwDQYJKoZIhvcNAQELBQADggEBACQgJtfJHrjXjyo/xp7vr48jF1ztU3zHg3wC p/+oMNPse45xlnQYvaI8pXF4PktEAVONtue5WEMqFRcSBRNIIYSlVN2QN5uAWgvM YZJR7XVlUhyjmBbRWRCCj5t7M9ALcgXpt/nGapYyjh8T/IqVe49lTH/QEmcZKJVF LMGxjCMd9k0w95Dk+PAlDxDaxuA+Q9jxHkwaXiXZwCPkEnNePnDzP7xCSlCQyOil MXPMnRNYZE/ZufPlfmJyzpo2mpOtzcPJonTuvXSADhmg1PfXzRqJw9j3F/yHRdyX 5EBv1smZ69AMc4n5k/VUZNrVzrp8z3E24z7FKw2mGoHqU+B4xSQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:30 2026 by rpki-client