$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143104.roa File: AS143104.roa (raw, json) Hash identifier: doWKM5jBvT5i+g6oi93EVr16ddDilsdXYokztrG5+yo= Subject key identifier: D0:2E:D8:59:EA:B6:BE:60:2E:E5:3B:68:B1:4C:DC:5F:55:0D:73:A2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 56245F54FE950F55B604B47D0AEF083927BA92F5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143104.roa Signing time: Wed 04 Mar 2026 06:06:52 +0000 ROA not before: Wed 04 Mar 2026 06:01:52 +0000 ROA not after: Wed 03 Mar 2027 06:06:52 +0000 asID: 143104 IP address blocks: 240a:a1c6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:24:5f:54:fe:95:0f:55:b6:04:b4:7d:0a:ef:08:39:27:ba:92:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:52 2026 GMT Not After : Mar 3 06:06:52 2027 GMT Subject: CN=D02ED859EAB6BE602EE53B68B14CDC5F550D73A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:d1:db:00:2c:81:85:be:f8:44:8d:f6:8d:09: e8:50:45:48:ff:b5:ee:34:fa:89:c6:bd:f7:5b:5a: 83:a2:d7:f8:1f:37:e5:d8:7f:4e:18:15:66:ed:77: 55:4e:f9:c0:5c:1f:49:e9:38:d7:df:dd:d5:dc:42: a7:20:a7:38:6f:0c:3a:c4:e3:0c:3b:85:4f:04:46: 4b:84:87:62:0f:53:31:16:46:5b:c5:95:c2:3c:f3: 65:8f:a4:8b:38:c3:0b:e8:8a:a9:84:f0:48:8e:25: e7:06:52:e8:14:20:37:f0:17:b6:b1:a3:ce:30:b7: 6d:a8:d1:65:3d:55:2d:2a:2f:fe:b2:fb:89:55:94: fa:85:1c:a6:95:ab:5e:0a:0e:41:74:d6:1a:f3:ac: ae:53:02:2d:2e:3d:d3:8c:68:2d:3a:7c:29:8f:d3: 61:4f:df:2c:67:00:a1:5a:4a:11:07:02:da:07:46: 47:eb:b0:6d:d0:97:36:41:bc:1c:1e:00:80:37:f0: 0b:e6:05:c4:0d:09:9f:f7:cc:22:13:25:28:90:5d: 5d:f7:9f:f7:a8:a3:62:e8:29:ac:03:13:ae:0d:ba: de:83:65:92:f8:f0:6e:29:37:47:b2:3a:75:69:37: c9:8d:d8:1c:3d:95:f8:d7:8a:fd:9e:57:f7:c8:4d: a2:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:2E:D8:59:EA:B6:BE:60:2E:E5:3B:68:B1:4C:DC:5F:55:0D:73:A2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143104.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1c6::/32 Signature Algorithm: sha256WithRSAEncryption 71:c4:e7:d8:99:7a:64:24:68:a8:e0:af:48:4f:6f:76:4a:25: e2:10:cb:88:06:11:b1:a9:5c:ea:9b:3a:92:83:95:35:e3:bf: ea:76:ef:32:3c:9c:74:62:22:92:c2:31:63:50:28:5b:f0:fd: 1f:7b:12:7e:d7:ed:3e:a1:97:b3:38:e6:b9:19:92:4e:ee:9f: 59:67:8c:8a:15:1a:db:0f:f9:01:1b:1a:a4:0d:d0:45:63:e9: 94:6a:21:fa:9c:79:70:01:a5:ed:73:a7:81:00:90:1c:cc:51: ed:04:73:a8:16:69:1a:f7:8c:55:e4:8b:eb:1a:ba:e7:f6:46: a2:f7:20:eb:73:16:4d:ad:54:43:7d:83:46:bb:04:fc:03:47: 9d:89:47:0f:0d:21:e6:40:d7:63:47:10:62:4d:64:86:f7:e6: 83:4e:e7:d8:03:80:3d:1a:62:c7:a5:8a:68:5f:e8:8e:fc:40: 10:2c:a4:e1:84:27:27:95:87:c5:d0:08:ff:28:23:d9:2b:da: 2f:3d:16:4e:86:37:8b:3e:be:fd:df:9f:66:40:1b:1b:31:37: 48:92:ac:9e:33:46:a8:0f:84:97:26:67:56:b5:97:4f:a8:78: 46:98:5c:3b:ff:4a:50:bf:b4:6a:8c:9f:f6:34:d0:30:92:ca: 55:a1:78:73 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUViRfVP6VD1W2BLR9Cu8IOSe6kvUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1MloX DTI3MDMwMzA2MDY1MlowMzExMC8GA1UEAxMoRDAyRUQ4NTlFQUI2QkU2MDJFRTUz QjY4QjE0Q0RDNUY1NTBENzNBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIXR2wAsgYW++ESN9o0J6FBFSP+17jT6ica991tag6LX+B835dh/ThgVZu13 VU75wFwfSek419/d1dxCpyCnOG8MOsTjDDuFTwRGS4SHYg9TMRZGW8WVwjzzZY+k izjDC+iKqYTwSI4l5wZS6BQgN/AXtrGjzjC3bajRZT1VLSov/rL7iVWU+oUcppWr XgoOQXTWGvOsrlMCLS4904xoLTp8KY/TYU/fLGcAoVpKEQcC2gdGR+uwbdCXNkG8 HB4AgDfwC+YFxA0Jn/fMIhMlKJBdXfef96ijYugprAMTrg263oNlkvjwbik3R7I6 dWk3yY3YHD2V+NeK/Z5X98hNorcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTQLthZ 6ra+YC7lO2ixTNxfVQ1zojAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzEwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ocYwDQYJKoZIhvcNAQELBQADggEBAHHE59iZemQkaKjgr0hPb3ZKJeIQy4gGEbGp XOqbOpKDlTXjv+p27zI8nHRiIpLCMWNQKFvw/R97En7X7T6hl7M45rkZkk7un1ln jIoVGtsP+QEbGqQN0EVj6ZRqIfqceXABpe1zp4EAkBzMUe0Ec6gWaRr3jFXki+sa uuf2RqL3IOtzFk2tVEN9g0a7BPwDR52JRw8NIeZA12NHEGJNZIb35oNO59gDgD0a Yselimhf6I78QBAspOGEJyeVh8XQCP8oI9kr2i89Fk6GN4s+vv3fn2ZAGxsxN0iS rJ4zRqgPhJcmZ1a1l0+oeEaYXDv/SlC/tGqMn/Y00DCSylWheHM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:01 2026 by rpki-client