$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143059.roa File: AS143059.roa (raw, json) Hash identifier: Tu4bl6ACc4E9E7C6k6QrV8SO+40565huewpPz6wv0Y4= Subject key identifier: A7:A9:D0:A5:C9:66:91:FC:0F:87:14:00:CD:49:35:1C:42:1F:FB:FC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 76E6F150A0B3BE4E4B0CCE0A30119FA825C9D291 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143059.roa Signing time: Wed 04 Mar 2026 06:07:21 +0000 ROA not before: Wed 04 Mar 2026 06:02:21 +0000 ROA not after: Wed 03 Mar 2027 06:07:21 +0000 asID: 143059 IP address blocks: 240a:a199::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:e6:f1:50:a0:b3:be:4e:4b:0c:ce:0a:30:11:9f:a8:25:c9:d2:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:21 2026 GMT Not After : Mar 3 06:07:21 2027 GMT Subject: CN=A7A9D0A5C96691FC0F871400CD49351C421FFBFC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:70:fe:4f:1a:e8:2a:a5:81:df:d1:82:37:53: 80:8b:26:01:fd:23:b8:8e:d2:d7:50:b7:63:4d:05: 78:99:b0:0c:68:87:c4:c4:43:63:79:14:be:0c:24: e1:02:1f:8a:69:55:33:6f:81:67:b6:47:32:45:93: 0d:74:e3:b9:ce:09:c1:98:d3:35:84:7a:19:9d:66: 00:e2:a6:dc:67:80:29:27:6c:9b:73:bc:2b:22:47: 82:4c:92:4f:fc:67:a9:88:07:75:7b:b6:88:4c:51: 5f:b7:21:95:cb:70:82:64:60:cb:8b:fa:67:18:30: 5c:bb:1f:50:3e:92:b9:3d:31:c6:23:2a:c5:a3:5b: a8:f6:83:c9:23:b2:23:ae:7f:03:dd:03:5b:8c:c8: e1:e2:ad:17:28:91:2a:46:ee:81:8b:24:7e:7d:99: c9:f1:34:e7:36:a8:ef:f0:d8:bb:92:ed:e5:6d:28: 57:9e:91:d9:f9:60:35:3b:f9:9d:2a:00:bf:cd:1f: eb:38:b5:18:a8:46:64:14:d7:fc:68:66:ec:87:10: 36:6f:ac:a1:3f:e4:39:19:6b:80:04:3d:91:c5:d8: f5:12:83:ed:d5:9e:b4:03:fb:c5:97:c4:e1:aa:55: ce:67:88:9a:ed:39:a9:81:1d:4c:0d:22:1a:4a:fb: e5:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:A9:D0:A5:C9:66:91:FC:0F:87:14:00:CD:49:35:1C:42:1F:FB:FC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143059.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a199::/32 Signature Algorithm: sha256WithRSAEncryption ce:4f:e0:a1:49:78:51:30:73:f6:88:47:35:af:a7:c9:76:9e: 7f:b8:64:33:b1:70:2d:b7:bf:c9:6b:46:86:a3:45:5a:bd:22: fd:86:fc:8d:af:19:71:51:da:d4:7d:ef:e9:29:f6:bf:1a:b0: 29:2a:8a:13:49:02:d5:4c:0c:42:78:70:81:29:6f:20:b6:d7: 3b:47:7e:68:5a:67:f0:02:be:fa:9a:ec:06:51:75:ff:2c:6b: 45:e8:13:ad:1c:9d:6c:a9:e8:f2:e7:29:7a:3e:6e:1a:38:da: 74:2d:17:13:fa:b0:b6:9e:3b:50:7a:cd:3e:18:9a:06:90:fe: 2e:f0:df:56:6d:e1:8e:c2:23:04:11:29:61:8a:95:02:74:a7: 29:e3:30:b7:48:ea:1b:40:e1:9b:8c:b7:d8:c5:ed:b0:96:d3: 39:f0:c6:7c:dd:22:ed:a9:05:9c:d5:ac:91:11:66:f4:a2:90: 97:9b:5c:86:9a:8c:97:17:77:2a:ff:29:59:68:74:41:92:7b: ab:a4:4d:cd:1d:2a:16:b2:5e:ef:9a:6a:11:9f:c5:cd:d7:3d: 3f:c0:c2:5d:12:14:6a:82:b3:d7:8f:94:7a:2f:70:9a:da:2d: 42:56:35:80:03:3d:f4:b2:fd:a5:dd:82:d9:56:29:99:27:6e: 04:6d:d7:7e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdubxUKCzvk5LDM4KMBGfqCXJ0pEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyMVoX DTI3MDMwMzA2MDcyMVowMzExMC8GA1UEAxMoQTdBOUQwQTVDOTY2OTFGQzBGODcx NDAwQ0Q0OTM1MUM0MjFGRkJGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALBw/k8a6Cqlgd/RgjdTgIsmAf0juI7S11C3Y00FeJmwDGiHxMRDY3kUvgwk 4QIfimlVM2+BZ7ZHMkWTDXTjuc4JwZjTNYR6GZ1mAOKm3GeAKSdsm3O8KyJHgkyS T/xnqYgHdXu2iExRX7chlctwgmRgy4v6ZxgwXLsfUD6SuT0xxiMqxaNbqPaDySOy I65/A90DW4zI4eKtFyiRKkbugYskfn2ZyfE05zao7/DYu5Lt5W0oV56R2flgNTv5 nSoAv80f6zi1GKhGZBTX/Ghm7IcQNm+soT/kORlrgAQ9kcXY9RKD7dWetAP7xZfE 4apVzmeImu05qYEdTA0iGkr75X0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSnqdCl yWaR/A+HFADNSTUcQh/7/DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oZkwDQYJKoZIhvcNAQELBQADggEBAM5P4KFJeFEwc/aIRzWvp8l2nn+4ZDOxcC23 v8lrRoajRVq9Iv2G/I2vGXFR2tR97+kp9r8asCkqihNJAtVMDEJ4cIEpbyC21ztH fmhaZ/ACvvqa7AZRdf8sa0XoE60cnWyp6PLnKXo+bho42nQtFxP6sLaeO1B6zT4Y mgaQ/i7w31Zt4Y7CIwQRKWGKlQJ0pynjMLdI6htA4ZuMt9jF7bCW0znwxnzdIu2p BZzVrJERZvSikJebXIaajJcXdyr/KVlodEGSe6ukTc0dKhayXu+aahGfxc3XPT/A wl0SFGqCs9ePlHovcJraLUJWNYADPfSy/aXdgtlWKZknbgRt134= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:48 2026 by rpki-client