$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143096.roa File: AS143096.roa (raw, json) Hash identifier: Lgru8h54fEMNt5qx9//qnGPKAZ+r9bwrqXxr0IIslb4= Subject key identifier: 09:B4:45:3F:A6:D6:3A:2E:96:3B:AA:1A:B5:6C:B2:E9:77:C6:0F:22 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1A5E18677C832184ED199BFBD8A09570CF037BBF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143096.roa Signing time: Wed 04 Mar 2026 06:05:40 +0000 ROA not before: Wed 04 Mar 2026 06:00:40 +0000 ROA not after: Wed 03 Mar 2027 06:05:40 +0000 asID: 143096 IP address blocks: 240a:a1be::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:5e:18:67:7c:83:21:84:ed:19:9b:fb:d8:a0:95:70:cf:03:7b:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:40 2026 GMT Not After : Mar 3 06:05:40 2027 GMT Subject: CN=09B4453FA6D63A2E963BAA1AB56CB2E977C60F22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:fe:a4:94:3b:71:af:32:04:e4:f4:76:42:a2: ec:46:fd:d3:b4:0c:85:0f:e9:72:61:30:9b:81:10: 19:89:24:fb:38:05:79:b8:13:37:41:26:83:4f:02: f4:d8:4f:0a:b3:f4:b5:f0:c0:25:56:52:14:99:3e: 73:ea:87:a7:b4:14:69:c6:f2:88:a5:95:14:e5:9b: b5:e6:06:fd:78:1b:c1:ea:66:c2:cb:37:eb:ec:76: 93:2d:bc:1c:94:91:b5:15:88:f8:f5:63:0d:c2:15: 59:80:33:c6:23:04:a7:96:98:e0:1e:40:12:ab:50: 82:8a:c4:81:e2:3a:65:9c:64:04:9d:02:5f:fd:d4: ce:ae:f7:ff:54:61:5b:d3:fa:cc:8a:77:e8:e1:9c: 49:be:7b:50:87:22:7e:f7:38:f8:f6:25:d0:6e:44: ae:93:10:b8:0f:1e:dc:3d:58:e3:ec:72:b3:0e:86: c9:1c:cd:d0:c2:9b:16:64:4f:fc:e2:49:fa:2a:74: 9c:e0:db:4f:4f:2c:0a:bf:64:fa:aa:1c:0f:1e:f4: d5:46:31:71:7c:21:f9:6d:9d:28:10:b9:37:d0:6f: 93:e6:fb:12:9e:a7:ed:65:43:de:da:20:15:ee:98: 51:30:77:cd:4a:10:d7:ec:44:c1:e3:b3:05:8f:fb: 34:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:B4:45:3F:A6:D6:3A:2E:96:3B:AA:1A:B5:6C:B2:E9:77:C6:0F:22 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143096.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1be::/32 Signature Algorithm: sha256WithRSAEncryption 9d:84:8f:b8:29:df:ce:10:d1:56:24:dc:95:54:2f:02:1d:0e: bc:97:ba:e8:d2:23:e3:b4:e0:39:50:71:61:c6:85:e0:60:4c: eb:42:c7:b8:61:93:54:43:57:2d:36:90:7a:80:11:29:76:10: 17:a1:ac:f4:1a:f4:17:84:07:56:43:88:f0:93:db:8a:70:98: 8e:13:04:b3:ae:a6:76:71:ba:a2:4a:d1:96:2a:ba:79:2f:2d: 88:5b:80:53:fc:d6:31:0a:32:33:01:67:67:0b:b8:34:4d:bd: 57:69:cc:69:a8:3c:e4:59:e2:b2:7c:d5:c9:43:1e:8c:a3:fc: f1:c6:6c:fa:3a:18:34:68:85:3d:20:ee:a5:93:27:a1:39:b5: ca:25:e2:ae:30:b2:55:7b:03:81:d5:0a:ea:ce:d4:7d:6d:e8: a8:e9:a3:bf:23:af:92:8c:ce:f1:f2:1b:9a:f0:f9:46:d2:76: 94:0b:3f:a7:02:c1:a0:64:b3:1f:a0:7a:90:e7:30:33:7e:1e: 7f:3d:63:0b:d3:e5:bf:ef:e3:7b:f1:71:b4:0f:7b:ed:d1:c0: 1d:bc:b4:0e:71:ae:25:2f:da:d9:da:67:90:5b:cf:72:c1:8d: 13:cc:ac:54:1e:d9:bc:51:4d:41:0c:ae:e1:bf:49:2f:51:9e: 9e:f6:1b:e7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGl4YZ3yDIYTtGZv72KCVcM8De78wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA0MFoX DTI3MDMwMzA2MDU0MFowMzExMC8GA1UEAxMoMDlCNDQ1M0ZBNkQ2M0EyRTk2M0JB QTFBQjU2Q0IyRTk3N0M2MEYyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALn+pJQ7ca8yBOT0dkKi7Eb907QMhQ/pcmEwm4EQGYkk+zgFebgTN0Emg08C 9NhPCrP0tfDAJVZSFJk+c+qHp7QUacbyiKWVFOWbteYG/Xgbwepmwss36+x2ky28 HJSRtRWI+PVjDcIVWYAzxiMEp5aY4B5AEqtQgorEgeI6ZZxkBJ0CX/3Uzq73/1Rh W9P6zIp36OGcSb57UIcifvc4+PYl0G5ErpMQuA8e3D1Y4+xysw6GyRzN0MKbFmRP /OJJ+ip0nODbT08sCr9k+qocDx701UYxcXwh+W2dKBC5N9Bvk+b7Ep6n7WVD3tog Fe6YUTB3zUoQ1+xEweOzBY/7NBECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQJtEU/ ptY6LpY7qhq1bLLpd8YPIjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA5Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ob4wDQYJKoZIhvcNAQELBQADggEBAJ2Ej7gp384Q0VYk3JVULwIdDryXuujSI+O0 4DlQcWHGheBgTOtCx7hhk1RDVy02kHqAESl2EBehrPQa9BeEB1ZDiPCT24pwmI4T BLOupnZxuqJK0ZYqunkvLYhbgFP81jEKMjMBZ2cLuDRNvVdpzGmoPORZ4rJ81clD Hoyj/PHGbPo6GDRohT0g7qWTJ6E5tcol4q4wslV7A4HVCurO1H1t6Kjpo78jr5KM zvHyG5rw+UbSdpQLP6cCwaBksx+gepDnMDN+Hn89YwvT5b/v43vxcbQPe+3RwB28 tA5xriUv2tnaZ5Bbz3LBjRPMrFQe2bxRTUEMruG/SS9Rnp72G+c= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:03 2026 by rpki-client