$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143069.roa File: AS143069.roa (raw, json) Hash identifier: axQYhYUi8CukKCZXmYfif9rMROhubncA8463o74t9fk= Subject key identifier: 66:0D:A3:A5:DA:92:50:8E:E4:4A:49:60:31:81:E7:63:B1:8F:47:B5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3112E68B31B5DF9D2304DAFDC264E726E7EC578E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143069.roa Signing time: Wed 04 Mar 2026 06:05:44 +0000 ROA not before: Wed 04 Mar 2026 06:00:44 +0000 ROA not after: Wed 03 Mar 2027 06:05:44 +0000 asID: 143069 IP address blocks: 240a:a1a3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:12:e6:8b:31:b5:df:9d:23:04:da:fd:c2:64:e7:26:e7:ec:57:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:44 2026 GMT Not After : Mar 3 06:05:44 2027 GMT Subject: CN=660DA3A5DA92508EE44A49603181E763B18F47B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:9f:71:c5:05:8b:62:ad:38:e3:6d:22:7f:56: bb:a3:dc:d4:50:6a:fa:3d:cd:f6:9a:02:9e:e5:d0: 20:0a:68:0e:b6:52:e7:5a:4a:eb:f7:49:ab:da:8d: b9:25:cc:e6:dd:5a:16:4e:cb:74:da:b8:d7:d0:84: d2:05:07:94:c4:1a:04:fb:ff:10:91:38:ed:86:00: fe:b2:78:13:bb:0f:ce:b5:d4:35:d7:8e:b3:bd:c3: 66:07:14:84:a5:56:6f:66:7f:bb:08:99:69:1a:c6: 55:a0:9b:59:a6:3d:e1:cd:4e:97:1d:4f:05:84:eb: 8c:c2:27:b1:11:b0:57:27:06:32:df:ff:fd:35:12: aa:4a:d6:4a:9f:80:f2:c4:5b:fa:df:90:7d:43:ef: 0d:9f:23:7e:34:2a:3a:9a:4a:1f:3d:ae:ca:d2:14: 13:d2:af:cc:fe:db:b3:71:8a:31:cc:e0:35:13:9f: 4f:7c:79:10:09:89:69:9a:c1:79:01:92:5d:44:61: 6c:ce:e9:6d:fe:5b:30:22:2f:6e:e8:03:f2:78:51: c1:79:a9:ba:87:63:da:6c:60:fa:29:57:48:20:0c: 80:9b:23:5c:b5:47:16:df:4a:42:75:68:eb:0d:f7: 37:e4:9a:28:3b:11:2a:ae:8c:2d:4b:53:e3:c8:4e: 52:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:0D:A3:A5:DA:92:50:8E:E4:4A:49:60:31:81:E7:63:B1:8F:47:B5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143069.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1a3::/32 Signature Algorithm: sha256WithRSAEncryption 5e:94:3f:02:6f:4c:a3:6f:cc:1e:71:ce:0b:d6:f6:42:9a:66: 33:76:73:90:05:d8:7b:00:92:d5:8c:2d:16:18:97:12:73:6d: ee:e0:8e:8b:5b:14:05:8d:6c:0d:67:fc:dc:62:78:0a:46:bc: d1:fd:01:b5:00:a2:a6:d8:4f:21:e3:ba:88:f5:d5:54:d4:7f: b1:78:cc:0e:47:d5:7f:e0:ff:fc:ed:d4:d3:b1:6d:62:30:1f: 47:49:41:f4:90:bb:64:74:4b:09:8b:a6:2b:ec:a0:e8:0a:b7: 87:fb:36:0c:a9:2f:fb:65:f2:51:da:41:c6:6c:82:26:06:e0: a8:8e:61:39:25:0b:64:f0:ff:fb:52:fe:0d:4a:a8:29:53:36: be:fd:d5:3c:e2:d8:7f:a4:5e:5d:cf:16:4b:13:81:21:8a:90: 32:42:43:c6:2d:7c:6a:77:ef:7a:1d:fc:5f:7e:42:05:f0:5e: 17:99:6b:19:14:c4:34:66:cc:44:6d:cd:a4:8e:e9:2d:e5:95: e4:80:d4:3e:9b:4c:6d:a8:df:91:67:49:c5:80:1f:fa:62:17: aa:f4:d1:af:b3:b8:94:66:8a:53:23:d4:1f:cb:c0:8e:ad:4b: d3:f0:0c:ec:21:8f:ab:88:d0:ab:55:e8:39:dd:1c:24:1d:f2: 05:5f:81:e6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMRLmizG1350jBNr9wmTnJufsV44wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA0NFoX DTI3MDMwMzA2MDU0NFowMzExMC8GA1UEAxMoNjYwREEzQTVEQTkyNTA4RUU0NEE0 OTYwMzE4MUU3NjNCMThGNDdCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMOfccUFi2KtOONtIn9Wu6Pc1FBq+j3N9poCnuXQIApoDrZS51pK6/dJq9qN uSXM5t1aFk7LdNq419CE0gUHlMQaBPv/EJE47YYA/rJ4E7sPzrXUNdeOs73DZgcU hKVWb2Z/uwiZaRrGVaCbWaY94c1Olx1PBYTrjMInsRGwVycGMt///TUSqkrWSp+A 8sRb+t+QfUPvDZ8jfjQqOppKHz2uytIUE9KvzP7bs3GKMczgNROfT3x5EAmJaZrB eQGSXURhbM7pbf5bMCIvbugD8nhRwXmpuodj2mxg+ilXSCAMgJsjXLVHFt9KQnVo 6w33N+SaKDsRKq6MLUtT48hOUs8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRmDaOl 2pJQjuRKSWAxgedjsY9HtTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA2OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oaMwDQYJKoZIhvcNAQELBQADggEBAF6UPwJvTKNvzB5xzgvW9kKaZjN2c5AF2HsA ktWMLRYYlxJzbe7gjotbFAWNbA1n/NxieApGvNH9AbUAoqbYTyHjuoj11VTUf7F4 zA5H1X/g//zt1NOxbWIwH0dJQfSQu2R0SwmLpivsoOgKt4f7NgypL/tl8lHaQcZs giYG4KiOYTklC2Tw//tS/g1KqClTNr791Tzi2H+kXl3PFksTgSGKkDJCQ8YtfGp3 73od/F9+QgXwXheZaxkUxDRmzERtzaSO6S3lleSA1D6bTG2o35FnScWAH/piF6r0 0a+zuJRmilMj1B/LwI6tS9PwDOwhj6uI0KtV6DndHCQd8gVfgeY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:45 2026 by rpki-client