$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143109.roa File: AS143109.roa (raw, json) Hash identifier: exZaAkYR+jT7vCVaGqzuI58dn+AD8UWfRB85UHt9mOQ= Subject key identifier: 1A:4A:1A:BC:D6:4E:78:9D:3C:5C:6F:F7:F6:55:B0:36:46:19:38:7E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2AAAE6AFED0E5EC9204D2AAA5FB80AF849D6692F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143109.roa Signing time: Wed 04 Mar 2026 06:05:24 +0000 ROA not before: Wed 04 Mar 2026 06:00:24 +0000 ROA not after: Wed 03 Mar 2027 06:05:24 +0000 asID: 143109 IP address blocks: 240a:a1cb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:aa:e6:af:ed:0e:5e:c9:20:4d:2a:aa:5f:b8:0a:f8:49:d6:69:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:24 2026 GMT Not After : Mar 3 06:05:24 2027 GMT Subject: CN=1A4A1ABCD64E789D3C5C6FF7F655B0364619387E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:5c:1a:16:e1:50:5a:a4:a8:91:ca:1f:e1:80: ca:e0:5f:1b:c6:2f:20:46:77:fc:17:95:c0:de:1a: c7:09:3a:a9:76:2b:19:4a:8a:d6:44:6c:d8:fb:de: 98:8c:a1:99:ab:6a:60:2e:01:9a:0c:56:fd:8b:c2: 2e:b1:3d:aa:5b:49:3c:26:26:9d:a0:bb:c8:73:83: 16:37:ef:ba:7c:c8:d7:6e:97:91:9b:89:30:fb:4b: 63:f2:6e:63:fc:eb:bd:42:f3:76:ad:df:69:4c:0f: 81:79:f6:f6:9f:1e:f2:b7:74:77:9c:7f:df:84:b5: 15:e2:c1:06:b8:b6:b9:2b:9b:69:b1:e4:2f:d0:7b: 56:67:63:b8:a3:9c:5c:9f:0b:26:d8:66:ab:f9:f4: f5:28:1e:43:fe:82:56:3a:2a:40:0e:1b:59:32:f5: 23:6d:ae:86:1a:d8:15:cd:a3:4e:2c:ab:6d:c6:f8: 9f:0e:91:57:f1:ae:fd:06:86:be:89:07:4b:cf:5c: f1:62:38:24:cb:55:28:7b:33:6c:61:20:97:0e:a8: fa:e8:cd:5b:68:22:dc:2f:b8:29:4d:35:ff:b1:a0: 1f:ce:aa:be:8a:28:39:73:21:69:24:b0:0b:3f:7a: b1:d4:4f:1b:1b:ba:36:7d:9e:6f:f3:0b:a0:95:d1: 82:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:4A:1A:BC:D6:4E:78:9D:3C:5C:6F:F7:F6:55:B0:36:46:19:38:7E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143109.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1cb::/32 Signature Algorithm: sha256WithRSAEncryption c2:16:72:eb:24:71:c7:c7:40:dc:5e:ac:36:e7:74:ab:6a:f2: 29:dc:fc:d5:05:8d:0d:06:41:82:0c:01:d8:d3:e8:fa:02:27: 33:d6:85:43:77:86:b2:07:ba:6e:30:3b:86:63:b0:0e:56:ba: 51:90:bb:62:25:14:43:56:7f:d6:f0:d2:e7:f9:db:27:f3:8f: 48:7b:6d:af:ec:66:34:9b:84:ba:43:a0:03:e2:c4:a2:d9:59: b9:97:96:a4:3c:58:c1:09:b3:4c:f5:ca:d5:9c:19:14:f1:19: a7:9d:f3:48:ec:8c:27:d3:10:a7:9c:91:02:8b:a1:67:0a:cd: 3f:da:c0:75:4e:3f:35:c2:ba:20:ee:13:bc:0f:46:2c:36:29: 59:f3:51:80:de:71:ff:7a:0a:07:92:48:4e:2b:3d:68:b2:ea: de:4a:11:c8:19:56:30:a3:e8:03:f2:11:a2:f5:5d:2c:16:ca: 80:9b:eb:41:da:97:7e:11:fc:5b:8a:8c:8e:70:88:3c:31:42: 22:ea:7a:b8:26:1f:15:55:89:c0:b9:7e:35:cc:52:da:f2:a8: 2c:31:c3:af:49:21:ef:1c:35:17:dd:03:5b:59:f5:4c:62:15: ec:1c:4d:6f:15:95:68:af:4d:88:e5:ff:84:05:66:8d:0e:c3: 7a:8b:ea:96 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKqrmr+0OXskgTSqqX7gK+EnWaS8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyNFoX DTI3MDMwMzA2MDUyNFowMzExMC8GA1UEAxMoMUE0QTFBQkNENjRFNzg5RDNDNUM2 RkY3RjY1NUIwMzY0NjE5Mzg3RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALxcGhbhUFqkqJHKH+GAyuBfG8YvIEZ3/BeVwN4axwk6qXYrGUqK1kRs2Pve mIyhmatqYC4BmgxW/YvCLrE9qltJPCYmnaC7yHODFjfvunzI126XkZuJMPtLY/Ju Y/zrvULzdq3faUwPgXn29p8e8rd0d5x/34S1FeLBBri2uSubabHkL9B7VmdjuKOc XJ8LJthmq/n09SgeQ/6CVjoqQA4bWTL1I22uhhrYFc2jTiyrbcb4nw6RV/Gu/QaG vokHS89c8WI4JMtVKHszbGEglw6o+ujNW2gi3C+4KU01/7GgH86qvoooOXMhaSSw Cz96sdRPGxu6Nn2eb/MLoJXRghUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQaShq8 1k54nTxcb/f2VbA2Rhk4fjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzEwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ocswDQYJKoZIhvcNAQELBQADggEBAMIWcuskccfHQNxerDbndKtq8inc/NUFjQ0G QYIMAdjT6PoCJzPWhUN3hrIHum4wO4ZjsA5WulGQu2IlFENWf9bw0uf52yfzj0h7 ba/sZjSbhLpDoAPixKLZWbmXlqQ8WMEJs0z1ytWcGRTxGaed80jsjCfTEKeckQKL oWcKzT/awHVOPzXCuiDuE7wPRiw2KVnzUYDecf96CgeSSE4rPWiy6t5KEcgZVjCj 6APyEaL1XSwWyoCb60Hal34R/FuKjI5wiDwxQiLqergmHxVVicC5fjXMUtryqCwx w69JIe8cNRfdA1tZ9UxiFewcTW8VlWivTYjl/4QFZo0Ow3qL6pY= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:44 2026 by rpki-client