$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143113.roa File: AS143113.roa (raw, json) Hash identifier: r6PKyCAp1qlbirXe5QWw1L6kqBAdfOyxoTgGZAno8Tw= Subject key identifier: 4D:AA:20:8D:D1:46:4F:DE:DF:A7:46:30:A4:F6:2D:B5:7F:5C:F1:1C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2A612B23989423AAA87CA76D4563108B29640541 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143113.roa Signing time: Wed 04 Mar 2026 06:06:52 +0000 ROA not before: Wed 04 Mar 2026 06:01:52 +0000 ROA not after: Wed 03 Mar 2027 06:06:52 +0000 asID: 143113 IP address blocks: 240a:a1cf::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:61:2b:23:98:94:23:aa:a8:7c:a7:6d:45:63:10:8b:29:64:05:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:52 2026 GMT Not After : Mar 3 06:06:52 2027 GMT Subject: CN=4DAA208DD1464FDEDFA74630A4F62DB57F5CF11C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:16:17:41:6b:68:36:b0:2e:4f:38:b3:bb:27: 2b:f9:5a:f3:80:7b:6c:11:f7:c5:f7:9a:02:a9:89: 3e:dd:cf:ea:10:eb:1f:8e:da:58:dd:3d:81:dc:7a: 49:71:f9:7a:fe:cc:e1:9e:51:05:90:25:2a:77:68: a4:2f:9c:12:4f:61:bc:e7:bc:39:5d:a3:43:54:cc: 76:71:93:66:c6:67:95:02:eb:d2:c0:45:30:3e:ee: b4:7f:33:43:da:40:10:21:45:bb:0b:30:97:fd:e5: 3b:6b:df:37:7d:ce:b3:09:43:6c:4b:82:ca:63:e0: 7d:30:eb:83:59:c2:62:66:8c:e7:c5:7a:9f:c8:64: ca:df:10:30:a0:2d:6d:0d:a9:f0:e4:90:a8:5c:05: b6:76:e7:c1:5c:1f:2e:cf:75:8c:d8:b1:be:ac:2f: 4b:44:15:84:9e:06:8a:22:23:40:37:8a:63:0b:19: 10:cd:f2:02:69:0e:b7:45:4a:c4:4f:69:f5:c8:0c: ce:15:0f:3e:44:55:28:21:fb:67:90:50:7c:fe:f5: e1:cf:81:8a:ed:a1:11:48:f9:0d:3b:f6:db:7c:ee: 7d:5e:8a:9d:db:a9:00:34:94:24:0a:6c:7b:c9:fb: 8f:55:98:aa:bf:cd:63:91:33:fc:f5:72:90:5d:3b: fa:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:AA:20:8D:D1:46:4F:DE:DF:A7:46:30:A4:F6:2D:B5:7F:5C:F1:1C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143113.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1cf::/32 Signature Algorithm: sha256WithRSAEncryption 35:d3:1f:57:68:d0:54:6c:16:06:f5:fa:79:dd:13:27:32:5c: 38:fa:a3:82:0b:63:86:bb:f8:89:e7:56:0d:16:62:1f:0a:c5: 67:43:ec:c3:03:4a:07:7f:57:bd:3d:7f:75:97:98:96:67:2a: 10:0e:a2:fd:11:56:50:5b:d8:2c:cb:89:0c:63:b3:87:bf:94: 6a:27:1b:75:b1:11:a6:80:5d:6f:eb:6f:98:1c:99:fc:4e:a1: 16:ae:26:67:29:74:15:fd:87:86:60:b6:03:ac:10:72:2a:b1: a2:3c:6d:39:16:6e:e0:57:2a:6e:62:10:df:c4:ac:48:de:96: 09:56:b4:27:fb:10:0a:e1:00:d4:b3:ad:6d:1c:e3:32:a4:c8: 56:90:12:b8:b6:c8:84:a9:d9:ab:3c:3b:f5:07:30:65:5d:7e: 8d:df:66:82:aa:77:cd:83:0e:0e:57:4b:87:5e:dc:d1:31:08: 35:c2:1a:de:ec:47:22:bf:e3:70:6d:cf:d2:d1:b0:c2:5b:ac: c1:d0:dd:7e:82:27:86:63:f2:b6:ee:a5:e6:12:8f:cf:fe:f9: 09:20:7e:4e:47:76:0a:7e:60:f0:47:39:bf:de:de:0f:5d:91: 26:06:66:b5:f8:6d:8c:fb:8e:f0:56:1b:38:50:ea:e2:9e:b2: 02:f7:61:4b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKmErI5iUI6qofKdtRWMQiylkBUEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1MloX DTI3MDMwMzA2MDY1MlowMzExMC8GA1UEAxMoNERBQTIwOEREMTQ2NEZERURGQTc0 NjMwQTRGNjJEQjU3RjVDRjExQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALMWF0FraDawLk84s7snK/la84B7bBH3xfeaAqmJPt3P6hDrH47aWN09gdx6 SXH5ev7M4Z5RBZAlKndopC+cEk9hvOe8OV2jQ1TMdnGTZsZnlQLr0sBFMD7utH8z Q9pAECFFuwswl/3lO2vfN33OswlDbEuCymPgfTDrg1nCYmaM58V6n8hkyt8QMKAt bQ2p8OSQqFwFtnbnwVwfLs91jNixvqwvS0QVhJ4GiiIjQDeKYwsZEM3yAmkOt0VK xE9p9cgMzhUPPkRVKCH7Z5BQfP714c+Biu2hEUj5DTv223zufV6KndupADSUJAps e8n7j1WYqr/NY5Ez/PVykF07+skCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRNqiCN 0UZP3t+nRjCk9i21f1zxHDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzExMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oc8wDQYJKoZIhvcNAQELBQADggEBADXTH1do0FRsFgb1+nndEycyXDj6o4ILY4a7 +InnVg0WYh8KxWdD7MMDSgd/V709f3WXmJZnKhAOov0RVlBb2CzLiQxjs4e/lGon G3WxEaaAXW/rb5gcmfxOoRauJmcpdBX9h4ZgtgOsEHIqsaI8bTkWbuBXKm5iEN/E rEjelglWtCf7EArhANSzrW0c4zKkyFaQEri2yISp2as8O/UHMGVdfo3fZoKqd82D Dg5XS4de3NExCDXCGt7sRyK/43Btz9LRsMJbrMHQ3X6CJ4Zj8rbupeYSj8/++Qkg fk5Hdgp+YPBHOb/e3g9dkSYGZrX4bYz7jvBWGzhQ6uKesgL3YUs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:05 2026 by rpki-client