$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143097.roa File: AS143097.roa (raw, json) Hash identifier: hTtaUw1N/I6oKgDD1ph/rxZ1GkB6JSYeOm8TrVXFfA8= Subject key identifier: CD:10:64:D7:27:59:1E:7A:E8:48:3E:BD:67:8E:F3:A8:3D:F3:6F:1B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7AF83D197D8E6768088A937C40A987F9B5A85E7E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143097.roa Signing time: Wed 04 Mar 2026 06:06:42 +0000 ROA not before: Wed 04 Mar 2026 06:01:42 +0000 ROA not after: Wed 03 Mar 2027 06:06:42 +0000 asID: 143097 IP address blocks: 240a:a1bf::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:f8:3d:19:7d:8e:67:68:08:8a:93:7c:40:a9:87:f9:b5:a8:5e:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:42 2026 GMT Not After : Mar 3 06:06:42 2027 GMT Subject: CN=CD1064D727591E7AE8483EBD678EF3A83DF36F1B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:6d:41:1f:5d:9c:50:d7:45:e1:18:6c:ec:09: 77:06:cf:27:6c:b4:f7:b3:3d:43:f9:c0:3b:16:92: 92:c7:a0:6f:0c:09:b2:84:c3:2f:b4:dc:c2:02:b0: e7:59:1a:23:3b:6d:36:50:19:4f:a4:2b:6d:bd:25: bf:a5:64:40:9c:14:5c:ce:a2:a1:eb:13:71:1d:75: 5b:f5:e7:c2:9a:1a:ad:a4:6d:e4:4b:25:65:b8:26: 52:15:73:13:b8:a8:2c:39:b4:0d:96:28:e9:15:e1: 4a:d5:96:99:15:f9:ef:f4:87:bb:da:95:22:56:4e: 4a:31:5c:69:24:2d:0d:2c:7c:20:51:47:14:60:13: 14:34:06:7b:05:b9:6f:a1:14:0e:59:13:52:9d:4f: a7:d9:b7:69:ae:df:bb:25:4e:0b:00:4e:97:b1:5e: 30:f8:ec:08:eb:c9:6d:03:eb:71:c2:d3:25:a8:f7: 54:44:ca:f4:be:17:40:0e:94:d7:f1:04:88:40:38: bb:60:1f:98:0b:ea:13:83:18:fe:91:4d:64:cb:04: f5:0a:62:e1:90:47:12:08:f0:99:15:8d:0e:cc:f0: 9e:ba:78:b8:12:96:20:ad:e2:fd:aa:7b:fb:7f:0c: da:25:14:5d:93:5f:53:b7:77:8a:9c:98:50:13:fb: bc:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:10:64:D7:27:59:1E:7A:E8:48:3E:BD:67:8E:F3:A8:3D:F3:6F:1B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143097.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1bf::/32 Signature Algorithm: sha256WithRSAEncryption d3:8b:56:cb:64:83:d7:22:4b:f2:5f:48:b6:3d:46:63:09:0d: c3:a4:6e:02:81:61:6a:da:31:88:fb:0a:a1:d6:c6:a4:43:9a: 48:6f:4a:a4:a4:c9:ec:ce:16:6c:7e:1c:70:41:cf:c3:28:83: ef:01:a8:c1:f1:3d:0a:c2:c6:39:37:41:be:29:5f:f7:97:3f: a4:02:9c:a1:e1:57:eb:87:6a:7e:fe:b9:64:22:eb:15:3d:dd: 80:71:47:b0:70:cb:d0:9d:55:78:fd:b6:8d:3b:80:b9:f4:5d: ea:14:e0:c0:e9:26:38:2f:36:9d:53:1c:a3:5f:83:2a:21:a6: e3:09:d3:19:86:dd:cc:85:69:be:c4:ce:ec:ef:dd:55:95:1c: 2e:fb:fc:ea:92:22:74:21:26:4c:57:4a:1e:be:30:30:1c:22: f8:1c:30:d1:fd:90:ce:30:a7:27:17:ca:0d:2f:47:9d:ed:1f: a0:a8:c9:85:69:d1:b7:f4:a9:44:24:7d:1b:c8:4b:31:3e:3e: e4:ed:48:b5:a4:76:15:b1:54:d7:cc:4a:2c:e1:17:5e:7d:6c: 79:6c:0e:65:2f:cf:3a:66:de:79:13:1e:0f:44:a2:2d:e0:41: 1d:69:4d:d1:42:5c:33:eb:cc:36:2c:a0:96:2b:13:b2:8e:bf: a4:bd:f2:a6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUevg9GX2OZ2gIipN8QKmH+bWoXn4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0MloX DTI3MDMwMzA2MDY0MlowMzExMC8GA1UEAxMoQ0QxMDY0RDcyNzU5MUU3QUU4NDgz RUJENjc4RUYzQTgzREYzNkYxQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhtQR9dnFDXReEYbOwJdwbPJ2y097M9Q/nAOxaSksegbwwJsoTDL7TcwgKw 51kaIzttNlAZT6Qrbb0lv6VkQJwUXM6ioesTcR11W/XnwpoaraRt5EslZbgmUhVz E7ioLDm0DZYo6RXhStWWmRX57/SHu9qVIlZOSjFcaSQtDSx8IFFHFGATFDQGewW5 b6EUDlkTUp1Pp9m3aa7fuyVOCwBOl7FeMPjsCOvJbQPrccLTJaj3VETK9L4XQA6U 1/EEiEA4u2AfmAvqE4MY/pFNZMsE9Qpi4ZBHEgjwmRWNDszwnrp4uBKWIK3i/ap7 +38M2iUUXZNfU7d3ipyYUBP7vOECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTNEGTX J1keeuhIPr1njvOoPfNvGzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA5Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ob8wDQYJKoZIhvcNAQELBQADggEBANOLVstkg9ciS/JfSLY9RmMJDcOkbgKBYWra MYj7CqHWxqRDmkhvSqSkyezOFmx+HHBBz8Mog+8BqMHxPQrCxjk3Qb4pX/eXP6QC nKHhV+uHan7+uWQi6xU93YBxR7Bwy9CdVXj9to07gLn0XeoU4MDpJjgvNp1THKNf gyohpuMJ0xmG3cyFab7Ezuzv3VWVHC77/OqSInQhJkxXSh6+MDAcIvgcMNH9kM4w pycXyg0vR53tH6CoyYVp0bf0qUQkfRvISzE+PuTtSLWkdhWxVNfMSizhF159bHls DmUvzzpm3nkTHg9Eoi3gQR1pTdFCXDPrzDYsoJYrE7KOv6S98qY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:11 2026 by rpki-client