$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143063.roa File: AS143063.roa (raw, json) Hash identifier: 3dXUjdtp8RhqguAyGn+NqoZywCT7tV5nmpQjiDQkQ4U= Subject key identifier: 96:AF:74:CA:D3:10:FD:27:30:D6:1E:54:B4:C8:1C:26:ED:CF:C4:66 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7C2CCCF19C7A38F4A254C6BA1EBD69763504E03F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143063.roa Signing time: Wed 04 Mar 2026 06:07:36 +0000 ROA not before: Wed 04 Mar 2026 06:02:36 +0000 ROA not after: Wed 03 Mar 2027 06:07:36 +0000 asID: 143063 IP address blocks: 240a:a19d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:2c:cc:f1:9c:7a:38:f4:a2:54:c6:ba:1e:bd:69:76:35:04:e0:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:36 2026 GMT Not After : Mar 3 06:07:36 2027 GMT Subject: CN=96AF74CAD310FD2730D61E54B4C81C26EDCFC466 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:a6:fe:77:65:ea:41:ab:75:d9:b1:13:71:f4: 4d:3d:8b:a7:80:b1:6a:f7:3e:cb:9f:f2:c6:d7:31: 11:a1:f3:e7:a2:f6:fa:51:9a:bc:47:16:fc:b5:2d: d6:c8:00:87:52:ad:4b:23:9e:54:79:75:4a:8e:23: f5:26:64:71:e3:41:82:3d:7e:c7:a5:12:6c:af:fc: 3f:56:0b:d6:5c:95:7d:47:0d:f8:75:bb:d8:28:4d: 87:18:a3:25:d1:9e:f1:d8:f7:96:e7:cd:25:45:a4: 25:a9:44:27:3a:06:3d:aa:af:dc:f0:73:7c:88:81: b6:ce:ea:5d:9a:78:21:bd:96:02:b0:66:aa:70:23: 1d:5a:7e:fb:74:8f:32:4d:3a:12:ee:59:26:48:f3: 72:c9:36:9d:91:33:70:87:f9:3e:94:4b:bc:07:98: 5d:17:65:46:9c:a6:d4:ff:bd:26:d4:f6:b5:7e:37: 4b:1a:f4:e4:62:c5:fa:eb:75:70:2f:22:7c:b9:ce: aa:00:ad:25:db:07:3c:44:26:7b:7c:59:7b:42:56: 72:76:54:ad:f1:bb:d2:36:1e:45:33:9a:1e:6f:ac: e1:cb:b9:a9:19:1a:a6:8f:ba:ed:71:d3:88:b7:b3: b9:ed:5f:76:74:d1:a8:76:4f:10:c9:65:34:3b:0c: 43:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:AF:74:CA:D3:10:FD:27:30:D6:1E:54:B4:C8:1C:26:ED:CF:C4:66 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143063.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a19d::/32 Signature Algorithm: sha256WithRSAEncryption 75:c1:4d:64:62:41:0e:a3:29:cb:9c:eb:79:b2:05:64:d9:66: 9b:14:8d:46:7b:e3:b2:d2:d5:a3:ef:8f:ab:64:80:7b:36:01: fe:9c:0a:ff:f1:e2:32:ee:1e:26:a3:0d:67:1b:2c:94:9d:e1: 90:56:22:c6:01:fd:13:d9:96:8f:52:57:a9:54:42:b0:a9:97: 5d:72:e8:4d:04:c1:6c:26:70:c8:40:b8:d9:8d:c4:75:bc:2b: 62:a9:01:21:25:1c:17:ac:1d:35:69:d0:3e:77:ad:a9:42:c9: be:83:c9:26:b4:d3:a8:dd:b8:c2:1c:ba:1f:ee:97:20:6b:04: 51:1a:7c:b4:ff:60:f8:75:ec:20:98:cd:bf:b1:c5:40:d0:b4: f3:69:95:7a:09:79:49:2b:32:f8:0f:ad:84:52:7a:bc:95:6a: 3e:ca:c9:f3:74:66:47:8d:28:be:ff:e5:72:be:40:39:b1:60: 27:1e:7c:66:f5:09:11:91:e1:bb:3f:5b:99:86:49:b9:a9:86: b2:19:c0:c3:f1:49:9c:33:4c:a9:b4:65:5b:f5:bc:c6:46:b7: 04:d2:51:18:cf:04:90:fb:fa:24:26:32:91:ab:e1:8c:ee:fe: 8d:e7:97:51:f2:01:7d:0f:93:b6:07:de:fc:ff:a3:86:05:9d: 57:d2:a8:be -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfCzM8Zx6OPSiVMa6Hr1pdjUE4D8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIzNloX DTI3MDMwMzA2MDczNlowMzExMC8GA1UEAxMoOTZBRjc0Q0FEMzEwRkQyNzMwRDYx RTU0QjRDODFDMjZFRENGQzQ2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPSm/ndl6kGrddmxE3H0TT2Lp4Cxavc+y5/yxtcxEaHz56L2+lGavEcW/LUt 1sgAh1KtSyOeVHl1So4j9SZkceNBgj1+x6USbK/8P1YL1lyVfUcN+HW72ChNhxij JdGe8dj3lufNJUWkJalEJzoGPaqv3PBzfIiBts7qXZp4Ib2WArBmqnAjHVp++3SP Mk06Eu5ZJkjzcsk2nZEzcIf5PpRLvAeYXRdlRpym1P+9JtT2tX43Sxr05GLF+ut1 cC8ifLnOqgCtJdsHPEQme3xZe0JWcnZUrfG70jYeRTOaHm+s4cu5qRkapo+67XHT iLezue1fdnTRqHZPEMllNDsMQ0UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSWr3TK 0xD9JzDWHlS0yBwm7c/EZjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA2My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oZ0wDQYJKoZIhvcNAQELBQADggEBAHXBTWRiQQ6jKcuc63myBWTZZpsUjUZ747LS 1aPvj6tkgHs2Af6cCv/x4jLuHiajDWcbLJSd4ZBWIsYB/RPZlo9SV6lUQrCpl11y 6E0EwWwmcMhAuNmNxHW8K2KpASElHBesHTVp0D53ralCyb6DySa006jduMIcuh/u lyBrBFEafLT/YPh17CCYzb+xxUDQtPNplXoJeUkrMvgPrYRSeryVaj7KyfN0ZkeN KL7/5XK+QDmxYCcefGb1CRGR4bs/W5mGSbmphrIZwMPxSZwzTKm0ZVv1vMZGtwTS URjPBJD7+iQmMpGr4Yzu/o3nl1HyAX0Pk7YH3vz/o4YFnVfSqL4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:39 2026 by rpki-client