$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143112.roa File: AS143112.roa (raw, json) Hash identifier: aWXx0PLszJAdiabJsjQPeZ5NXAPw+KwW3yzs+5hI2TY= Subject key identifier: 58:8A:05:57:36:F2:5A:81:3C:0A:EB:A5:58:48:EA:C9:5B:7C:41:2B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 79CB2D46F763DD7A41BD3268DD20125E41FAC0A9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143112.roa Signing time: Wed 04 Mar 2026 06:07:57 +0000 ROA not before: Wed 04 Mar 2026 06:02:57 +0000 ROA not after: Wed 03 Mar 2027 06:07:57 +0000 asID: 143112 IP address blocks: 240a:a1ce::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:cb:2d:46:f7:63:dd:7a:41:bd:32:68:dd:20:12:5e:41:fa:c0:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:57 2026 GMT Not After : Mar 3 06:07:57 2027 GMT Subject: CN=588A055736F25A813C0AEBA55848EAC95B7C412B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:75:cd:6c:b1:50:38:fa:08:ee:c4:7f:b6:8d: 06:cf:62:54:18:4a:71:96:c7:e0:fc:cf:42:b8:f5: fe:76:3c:cd:a9:06:32:a8:58:d8:d9:6c:63:5c:e2: 9c:72:7e:0d:dc:4c:6c:26:22:0d:f3:a3:2c:be:ac: 9c:0f:dd:f6:ab:97:51:16:09:ae:cd:80:25:a3:4a: 79:bd:ef:b3:76:d6:f9:75:dd:1b:9f:c6:46:0a:d7: 66:fd:ab:6c:ae:5b:3a:3e:38:5c:6c:03:81:e4:c5: d4:1b:28:cf:dd:17:b6:2b:3d:61:aa:d0:de:04:19: 42:6b:0c:cd:a3:0c:6b:ff:5a:1c:da:67:b6:ca:db: 03:42:8d:de:93:e1:58:80:d3:83:30:5b:e4:22:8d: e1:8b:83:b3:53:7f:0e:74:c9:0f:b3:cf:9b:0a:f6: a5:07:6f:5b:94:d0:37:82:b6:e7:f9:ff:d2:7e:c4: 35:fe:6b:e2:00:5b:fb:06:c1:6a:16:8f:ec:97:e0: 3d:71:34:11:ef:5e:a4:10:68:b7:71:37:7a:c3:48: 4d:43:b0:82:4e:75:31:28:54:fc:45:a9:15:2b:d6: fc:bf:66:6c:f4:d0:70:3f:2a:39:bf:22:be:a2:11: 33:ba:27:72:e4:05:8c:eb:9c:0c:99:11:8d:7b:ec: 58:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:8A:05:57:36:F2:5A:81:3C:0A:EB:A5:58:48:EA:C9:5B:7C:41:2B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143112.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1ce::/32 Signature Algorithm: sha256WithRSAEncryption c5:a7:73:24:6e:55:c9:80:46:2d:d6:4f:a1:4d:1c:61:23:ce: ca:09:8e:01:b3:27:8e:7f:0f:d8:13:a8:3f:ab:1d:71:84:7a: cf:01:bf:98:2e:dd:18:8c:db:22:d8:3d:d3:4c:da:39:84:db: e9:54:6b:9c:78:ac:51:e4:8a:76:f5:12:7d:99:6d:86:82:a1: c2:26:a5:4c:07:9a:40:91:87:dd:fd:21:96:a1:85:61:fb:3d: c8:7f:68:5c:00:45:6a:2e:e3:dd:59:bb:1a:64:c5:f2:8c:3e: 20:ff:82:8f:93:7c:ba:b7:a9:7c:7a:9f:e4:38:a5:c2:b0:27: f1:36:2f:16:d1:6e:8f:7b:d7:ef:95:fb:33:e5:74:45:6b:8f: 45:ce:35:25:75:82:d4:26:a9:de:53:a8:dc:fe:3f:c7:15:03: 99:a0:72:ab:70:20:d8:b9:fd:49:d1:47:e3:9f:fe:f5:14:88: df:22:c6:80:16:b3:47:1c:a2:55:a3:5d:de:c8:3e:59:e8:7a: 07:7c:ed:33:06:4c:f1:c3:e6:5b:59:b8:6d:8a:21:46:6a:bc: 05:ad:1c:e7:07:b5:93:57:6a:31:66:9c:77:0e:d0:4d:60:4d: 2b:0f:32:5b:0e:e8:06:f6:fd:44:77:8e:90:bb:63:27:57:5f: 38:f2:51:b8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUecstRvdj3XpBvTJo3SASXkH6wKkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1N1oX DTI3MDMwMzA2MDc1N1owMzExMC8GA1UEAxMoNTg4QTA1NTczNkYyNUE4MTNDMEFF QkE1NTg0OEVBQzk1QjdDNDEyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANl1zWyxUDj6CO7Ef7aNBs9iVBhKcZbH4PzPQrj1/nY8zakGMqhY2NlsY1zi nHJ+DdxMbCYiDfOjLL6snA/d9quXURYJrs2AJaNKeb3vs3bW+XXdG5/GRgrXZv2r bK5bOj44XGwDgeTF1Bsoz90Xtis9YarQ3gQZQmsMzaMMa/9aHNpntsrbA0KN3pPh WIDTgzBb5CKN4YuDs1N/DnTJD7PPmwr2pQdvW5TQN4K25/n/0n7ENf5r4gBb+wbB ahaP7JfgPXE0Ee9epBBot3E3esNITUOwgk51MShU/EWpFSvW/L9mbPTQcD8qOb8i vqIRM7oncuQFjOucDJkRjXvsWHsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRYigVX NvJagTwK66VYSOrJW3xBKzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzExMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oc4wDQYJKoZIhvcNAQELBQADggEBAMWncyRuVcmARi3WT6FNHGEjzsoJjgGzJ45/ D9gTqD+rHXGEes8Bv5gu3RiM2yLYPdNM2jmE2+lUa5x4rFHkinb1En2ZbYaCocIm pUwHmkCRh939IZahhWH7Pch/aFwARWou491ZuxpkxfKMPiD/go+TfLq3qXx6n+Q4 pcKwJ/E2LxbRbo971++V+zPldEVrj0XONSV1gtQmqd5TqNz+P8cVA5mgcqtwINi5 /UnRR+Of/vUUiN8ixoAWs0ccolWjXd7IPlnoegd87TMGTPHD5ltZuG2KIUZqvAWt HOcHtZNXajFmnHcO0E1gTSsPMlsO6Ab2/UR3jpC7YydXXzjyUbg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:10 2026 by rpki-client