$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143085.roa File: AS143085.roa (raw, json) Hash identifier: oehcZi0xNtVx8VhucgJHFkIqoLEAwiFYqc0PdnD9wN0= Subject key identifier: 4C:45:CD:84:5B:33:E2:76:16:97:1D:D6:ED:B0:39:37:E3:C9:4D:28 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4D6B063F5C053173AB91999DF912E881C86062E4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143085.roa Signing time: Wed 04 Mar 2026 06:07:38 +0000 ROA not before: Wed 04 Mar 2026 06:02:38 +0000 ROA not after: Wed 03 Mar 2027 06:07:38 +0000 asID: 143085 IP address blocks: 240a:a1b3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:6b:06:3f:5c:05:31:73:ab:91:99:9d:f9:12:e8:81:c8:60:62:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:38 2026 GMT Not After : Mar 3 06:07:38 2027 GMT Subject: CN=4C45CD845B33E27616971DD6EDB03937E3C94D28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:54:a7:8e:84:94:f3:76:14:62:c8:33:1c:b1: 5c:60:b2:ce:c5:c9:85:95:9d:d7:8d:bd:c1:2e:b6: 3a:13:c7:8d:ff:7c:1a:97:6d:13:32:18:6f:78:84: 16:eb:72:b9:8f:cd:f8:4e:9b:3f:5d:56:9b:23:d3: 7e:b2:dd:4d:83:df:da:3c:0d:31:09:91:f2:70:02: 70:bd:f8:f5:19:38:d8:04:fa:0f:72:e7:df:79:eb: 6c:aa:3d:6a:9b:ec:2b:ae:ae:d6:1e:88:5c:64:c1: 43:fd:fc:88:c7:08:ea:e0:7c:73:5a:52:7d:b5:a3: 47:5c:5c:63:22:b3:93:cf:0f:65:62:9d:4e:d2:51: 9d:b0:b5:8b:d7:e2:df:3a:4b:a1:53:86:5c:94:cd: 1e:b1:05:58:1d:01:e3:c2:20:79:ba:64:3a:a5:b5: cf:bb:60:58:bd:f7:f0:0b:0d:7b:3b:bd:b1:7a:52: 6e:70:fe:5f:73:1d:0f:e8:5c:de:9a:0a:6e:0a:a5: 94:60:61:fb:15:19:99:79:6d:ea:44:f8:6d:fa:3e: ca:a1:f9:42:e6:fe:33:f1:e6:7b:d5:0f:82:2c:61: dc:b4:41:0c:e9:8b:25:c5:f3:6c:a0:2b:29:01:7e: de:1c:cb:05:6f:a0:ab:d7:ea:42:45:65:7e:1e:1b: 35:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:45:CD:84:5B:33:E2:76:16:97:1D:D6:ED:B0:39:37:E3:C9:4D:28 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143085.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1b3::/32 Signature Algorithm: sha256WithRSAEncryption 91:7e:52:51:22:e2:26:be:ec:e7:b1:ad:3a:25:cf:27:eb:88: 2c:56:28:c3:7f:83:dd:04:5e:ab:ca:2b:03:fb:9f:2b:bb:56: 5a:a8:5b:bf:62:d8:06:ea:0a:a6:85:ef:a7:5e:dd:db:b5:24: 9d:1f:8a:16:1c:3c:64:7e:bd:f6:64:32:b7:4d:51:9d:9a:2f: 2e:e3:87:fd:d3:ca:a1:84:c9:a2:ac:79:e3:cb:25:51:e4:ca: 7f:47:77:fe:91:cb:a3:71:5d:84:0b:17:27:7f:2f:09:e7:4a: 4a:7b:1d:7b:60:b0:49:82:6e:05:9a:44:d6:c8:0a:39:61:c5: 9a:c8:14:8d:c0:f4:32:c1:d4:22:5f:7d:98:25:8a:80:77:b4: d7:4c:f4:8f:9b:4e:bc:c0:6d:80:c2:0d:e5:05:a4:ca:64:1a: b4:d4:b6:15:dc:6a:f7:05:3b:65:c6:b3:ad:bb:80:51:ce:65: 00:b8:02:eb:81:73:ae:c2:ba:96:f7:50:02:a4:56:17:9c:48: ad:98:4f:82:8d:76:2e:4d:23:27:d6:f8:9c:bb:34:87:dd:24: ea:ae:80:c9:be:dd:ae:54:33:5c:70:b0:0f:39:60:ce:4b:d7: dd:9e:c3:3a:7b:9c:e1:2f:9c:20:d2:b1:e2:77:ec:21:01:a3: a6:51:74:6c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTWsGP1wFMXOrkZmd+RLogchgYuQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIzOFoX DTI3MDMwMzA2MDczOFowMzExMC8GA1UEAxMoNEM0NUNEODQ1QjMzRTI3NjE2OTcx REQ2RURCMDM5MzdFM0M5NEQyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALZUp46ElPN2FGLIMxyxXGCyzsXJhZWd1429wS62OhPHjf98GpdtEzIYb3iE FutyuY/N+E6bP11WmyPTfrLdTYPf2jwNMQmR8nACcL349Rk42AT6D3Ln33nrbKo9 apvsK66u1h6IXGTBQ/38iMcI6uB8c1pSfbWjR1xcYyKzk88PZWKdTtJRnbC1i9fi 3zpLoVOGXJTNHrEFWB0B48IgebpkOqW1z7tgWL338AsNezu9sXpSbnD+X3MdD+hc 3poKbgqllGBh+xUZmXlt6kT4bfo+yqH5Qub+M/Hme9UPgixh3LRBDOmLJcXzbKAr KQF+3hzLBW+gq9fqQkVlfh4bNQsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRMRc2E WzPidhaXHdbtsDk348lNKDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA4NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK obMwDQYJKoZIhvcNAQELBQADggEBAJF+UlEi4ia+7OexrTolzyfriCxWKMN/g90E XqvKKwP7nyu7VlqoW79i2AbqCqaF76de3du1JJ0fihYcPGR+vfZkMrdNUZ2aLy7j h/3TyqGEyaKseePLJVHkyn9Hd/6Ry6NxXYQLFyd/LwnnSkp7HXtgsEmCbgWaRNbI CjlhxZrIFI3A9DLB1CJffZglioB3tNdM9I+bTrzAbYDCDeUFpMpkGrTUthXcavcF O2XGs627gFHOZQC4AuuBc67Cupb3UAKkVhecSK2YT4KNdi5NIyfW+Jy7NIfdJOqu gMm+3a5UM1xwsA85YM5L192ewzp7nOEvnCDSseJ37CEBo6ZRdGw= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:06 2026 by rpki-client