$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143076.roa File: AS143076.roa (raw, json) Hash identifier: 1T1SLqRFH+XIauDx5ynfqfJw9yflUCYGAW0ymQlU2Yc= Subject key identifier: C1:77:E3:D5:BB:4D:E7:C0:78:0A:0E:03:87:E5:34:C4:AA:70:F4:4C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 69EB14D3059E66366C4237AEF404BB398066A72E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143076.roa Signing time: Wed 04 Mar 2026 06:05:56 +0000 ROA not before: Wed 04 Mar 2026 06:00:56 +0000 ROA not after: Wed 03 Mar 2027 06:05:56 +0000 asID: 143076 IP address blocks: 240a:a1aa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:eb:14:d3:05:9e:66:36:6c:42:37:ae:f4:04:bb:39:80:66:a7:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:56 2026 GMT Not After : Mar 3 06:05:56 2027 GMT Subject: CN=C177E3D5BB4DE7C0780A0E0387E534C4AA70F44C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:43:79:c1:1f:b2:bc:0b:eb:59:dd:90:f0:41: 12:c3:0e:aa:8e:e7:63:8e:54:2f:bd:a0:99:c5:12: 29:a0:5f:a8:88:89:45:47:59:d6:67:97:61:8f:f8: 7d:ad:bc:59:6a:3f:c3:33:af:83:93:d1:4e:43:cf: 7e:b9:e5:fc:4e:8f:63:43:7d:98:ef:71:a7:64:49: 78:cc:95:7d:62:5e:d0:7e:f7:7e:84:ef:2d:02:8a: 33:99:12:eb:84:27:e5:fe:e2:27:d0:c6:8d:f9:d2: 43:ee:ce:47:2d:46:03:c1:ca:26:f6:0c:5e:30:02: 78:48:6e:33:12:b0:dd:eb:51:f0:95:e7:74:17:d8: f0:28:6b:50:cf:8f:4e:e2:cd:ee:83:ec:3f:d1:9b: ce:56:99:6f:90:16:9a:9b:f1:2c:89:67:92:52:37: e3:43:45:81:2c:e9:22:c9:36:8b:80:04:01:e0:d2: 61:14:91:23:30:8e:f5:a2:0e:a3:07:19:5e:27:ce: b6:74:b3:05:d3:10:be:20:85:93:8e:29:ce:61:cb: b3:77:fb:b5:c1:6f:b4:25:0e:ae:24:71:40:eb:2b: 3d:de:6a:b7:87:e5:1f:f2:19:b6:e6:18:31:76:1e: 30:56:b9:4b:45:4b:4b:2d:f3:03:13:5c:91:6a:e6: 5c:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:77:E3:D5:BB:4D:E7:C0:78:0A:0E:03:87:E5:34:C4:AA:70:F4:4C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143076.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1aa::/32 Signature Algorithm: sha256WithRSAEncryption 5b:bb:f9:d2:46:01:ff:fc:56:11:0a:7a:55:71:57:26:9a:f8: 1e:b6:79:a9:49:97:85:4a:cc:43:84:0c:41:76:f7:a4:c7:b6: ff:9e:6e:90:a9:2b:66:e5:54:4c:fb:bb:93:90:b1:be:85:59: 17:02:c3:98:ab:ad:3e:e9:d0:82:47:29:0f:c2:b5:ee:f0:e7: ad:91:72:b2:09:dc:ce:b8:72:aa:7e:cb:f2:70:65:9f:58:1e: ae:26:3a:af:43:06:a1:9f:a0:30:9d:a9:be:33:bd:6d:a0:34: fa:65:23:d2:0e:1f:db:49:f7:b1:cf:3d:60:74:af:ef:8e:d5: 58:75:b8:5a:e6:bb:1a:d3:6d:02:5d:65:62:89:6c:38:0c:e6: c2:09:c6:1e:c9:c4:6f:3f:8b:31:6e:d3:24:ba:d3:88:a6:af: 74:40:70:e0:96:6a:e1:84:98:17:21:bd:da:95:64:0c:00:cf: 89:47:10:41:90:b1:f4:d4:b4:e2:d4:98:08:9b:f1:4b:c6:b3: 99:73:f1:42:f6:87:cb:5e:57:92:90:e3:5a:56:25:f8:a9:87: ff:2f:3f:f7:f0:46:da:0c:ef:01:85:33:66:58:95:e0:0c:38: a6:6c:a0:4f:b4:2c:2b:0e:37:f4:a7:f2:9f:a6:a8:8e:30:b9: aa:4b:c0:43 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaesU0wWeZjZsQjeu9AS7OYBmpy4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1NloX DTI3MDMwMzA2MDU1NlowMzExMC8GA1UEAxMoQzE3N0UzRDVCQjRERTdDMDc4MEEw RTAzODdFNTM0QzRBQTcwRjQ0QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALdDecEfsrwL61ndkPBBEsMOqo7nY45UL72gmcUSKaBfqIiJRUdZ1meXYY/4 fa28WWo/wzOvg5PRTkPPfrnl/E6PY0N9mO9xp2RJeMyVfWJe0H73foTvLQKKM5kS 64Qn5f7iJ9DGjfnSQ+7ORy1GA8HKJvYMXjACeEhuMxKw3etR8JXndBfY8ChrUM+P TuLN7oPsP9GbzlaZb5AWmpvxLIlnklI340NFgSzpIsk2i4AEAeDSYRSRIzCO9aIO owcZXifOtnSzBdMQviCFk44pzmHLs3f7tcFvtCUOriRxQOsrPd5qt4flH/IZtuYY MXYeMFa5S0VLSy3zAxNckWrmXM0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTBd+PV u03nwHgKDgOH5TTEqnD0TDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA3Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oaowDQYJKoZIhvcNAQELBQADggEBAFu7+dJGAf/8VhEKelVxVyaa+B62ealJl4VK zEOEDEF296THtv+ebpCpK2blVEz7u5OQsb6FWRcCw5irrT7p0IJHKQ/Cte7w562R crIJ3M64cqp+y/JwZZ9YHq4mOq9DBqGfoDCdqb4zvW2gNPplI9IOH9tJ97HPPWB0 r++O1Vh1uFrmuxrTbQJdZWKJbDgM5sIJxh7JxG8/izFu0yS604imr3RAcOCWauGE mBchvdqVZAwAz4lHEEGQsfTUtOLUmAib8UvGs5lz8UL2h8teV5KQ41pWJfiph/8v P/fwRtoM7wGFM2ZYleAMOKZsoE+0LCsON/Sn8p+mqI4wuapLwEM= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:33 2026 by rpki-client