$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143101.roa File: AS143101.roa (raw, json) Hash identifier: Ig3q9OEg87vkvYUWtW1uV8Bm9n7V8V6xbTk8f4E31HU= Subject key identifier: F3:BD:EE:38:53:89:11:F1:45:34:55:6D:F6:28:96:D4:AA:6E:AB:AE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 342B72EE590F36CABD4376A5982C0587C85CA5D6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143101.roa Signing time: Wed 04 Mar 2026 06:07:34 +0000 ROA not before: Wed 04 Mar 2026 06:02:34 +0000 ROA not after: Wed 03 Mar 2027 06:07:34 +0000 asID: 143101 IP address blocks: 240a:a1c3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:2b:72:ee:59:0f:36:ca:bd:43:76:a5:98:2c:05:87:c8:5c:a5:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:34 2026 GMT Not After : Mar 3 06:07:34 2027 GMT Subject: CN=F3BDEE38538911F14534556DF62896D4AA6EABAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:f1:80:fe:77:30:cb:6a:57:3d:e5:ba:55:01: f2:13:42:cf:51:16:d7:e9:dc:5e:60:24:9c:7b:4f: 93:7e:32:b5:2f:57:b7:20:a2:0a:80:1c:29:37:ed: e5:f9:28:e7:cf:36:3f:81:22:4e:97:85:b4:5c:dd: ee:64:17:db:07:ac:00:90:8d:71:0f:a8:d2:e9:18: 7b:61:a0:d5:5f:b7:c7:cd:e1:aa:b2:99:8e:06:d7: 56:c8:fd:53:55:8e:ba:82:41:53:00:95:c6:9b:c5: 66:93:41:9a:f5:a4:06:37:9c:c2:8f:bc:82:be:dc: f1:7b:30:d7:e0:6c:d7:fe:2f:9a:72:fb:98:6c:43: db:c6:4d:d3:e4:df:50:9c:96:ce:5e:c0:80:07:34: 46:86:65:1e:3d:de:b2:81:b1:27:61:5a:c3:b7:e9: b0:00:58:fc:63:b0:20:6b:43:13:b3:f5:15:bd:6f: 59:6f:5a:fe:44:a0:57:89:75:81:2a:aa:c6:2e:f0: a0:3b:91:fd:86:65:6e:e6:1f:a8:9a:ce:bc:3a:71: 6e:95:80:5a:a5:cd:77:9f:27:c5:7a:83:5b:47:37: 50:4b:66:b8:f6:f8:ea:85:7c:37:cf:d5:2e:ad:8e: c2:91:45:f5:3b:52:1a:4e:cc:d2:93:60:e6:54:b7: 38:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:BD:EE:38:53:89:11:F1:45:34:55:6D:F6:28:96:D4:AA:6E:AB:AE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143101.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1c3::/32 Signature Algorithm: sha256WithRSAEncryption 89:bc:46:0b:89:82:85:5d:52:d2:0f:67:42:85:16:70:71:3e: 8b:63:c3:b6:ed:55:5c:11:ca:d8:d6:95:40:8c:40:5c:ef:a2: 2d:ff:72:b8:38:35:bf:5c:a8:ee:a7:fc:f3:a9:22:d6:69:80: bc:f7:47:71:e9:82:03:3b:f0:07:1c:0b:b6:b8:05:9c:df:1a: 1d:9a:06:4d:ae:e9:b1:6d:bc:05:a8:8f:b8:64:6b:ee:a0:73: ac:9a:c6:b2:df:94:f2:c9:de:a3:8b:68:f6:8c:c1:cf:5a:e9: fa:f4:d2:78:a7:85:58:59:01:6c:52:c4:68:43:9c:57:f2:c4: 77:07:d3:49:80:8c:48:04:24:fd:86:c6:1c:61:34:7d:d5:63: 6e:ab:e8:89:23:7a:9e:48:de:94:45:de:6b:6c:9b:f0:c7:c5: 32:db:f4:b2:85:7a:ff:82:b2:6a:c3:06:13:ea:d3:ad:fb:27: fd:c2:e0:2e:4c:c5:49:52:ee:4e:f7:d6:3b:f4:b2:a6:5a:dd: 73:50:05:45:5c:61:1d:1a:42:94:1b:b0:61:b9:b2:a4:2f:99: 8f:5a:44:80:30:18:27:e1:26:6e:18:e7:bd:f5:7e:7c:76:e6: c6:08:70:d3:48:8a:07:7e:4c:04:0d:43:e1:5b:8d:ea:3c:ae: c2:73:d7:1f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNCty7lkPNsq9Q3almCwFh8hcpdYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIzNFoX DTI3MDMwMzA2MDczNFowMzExMC8GA1UEAxMoRjNCREVFMzg1Mzg5MTFGMTQ1MzQ1 NTZERjYyODk2RDRBQTZFQUJBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN/xgP53MMtqVz3lulUB8hNCz1EW1+ncXmAknHtPk34ytS9XtyCiCoAcKTft 5fko5882P4EiTpeFtFzd7mQX2wesAJCNcQ+o0ukYe2Gg1V+3x83hqrKZjgbXVsj9 U1WOuoJBUwCVxpvFZpNBmvWkBjecwo+8gr7c8Xsw1+Bs1/4vmnL7mGxD28ZN0+Tf UJyWzl7AgAc0RoZlHj3esoGxJ2Faw7fpsABY/GOwIGtDE7P1Fb1vWW9a/kSgV4l1 gSqqxi7woDuR/YZlbuYfqJrOvDpxbpWAWqXNd58nxXqDW0c3UEtmuPb46oV8N8/V Lq2OwpFF9TtSGk7M0pNg5lS3OEUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTzve44 U4kR8UU0VW32KJbUqm6rrjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzEwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ocMwDQYJKoZIhvcNAQELBQADggEBAIm8RguJgoVdUtIPZ0KFFnBxPotjw7btVVwR ytjWlUCMQFzvoi3/crg4Nb9cqO6n/POpItZpgLz3R3HpggM78AccC7a4BZzfGh2a Bk2u6bFtvAWoj7hka+6gc6yaxrLflPLJ3qOLaPaMwc9a6fr00ninhVhZAWxSxGhD nFfyxHcH00mAjEgEJP2GxhxhNH3VY26r6Ikjep5I3pRF3mtsm/DHxTLb9LKFev+C smrDBhPq0637J/3C4C5MxUlS7k731jv0sqZa3XNQBUVcYR0aQpQbsGG5sqQvmY9a RIAwGCfhJm4Y5731fnx25sYIcNNIigd+TAQNQ+Fbjeo8rsJz1x8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:07 2026 by rpki-client