$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143116.roa File: AS143116.roa (raw, json) Hash identifier: 5XoMp8UzJObos7n0HNFg8478qLoo+WVmF0jGT9GOvBc= Subject key identifier: 9B:63:E2:10:8C:F2:B1:7A:6B:15:C4:77:03:02:DF:6E:AC:98:09:49 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 67F7DCDDEEB8090D23F06C385EE4BD49CDC504A0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143116.roa Signing time: Wed 04 Mar 2026 06:05:36 +0000 ROA not before: Wed 04 Mar 2026 06:00:36 +0000 ROA not after: Wed 03 Mar 2027 06:05:36 +0000 asID: 143116 IP address blocks: 240a:a1d2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:f7:dc:dd:ee:b8:09:0d:23:f0:6c:38:5e:e4:bd:49:cd:c5:04:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:36 2026 GMT Not After : Mar 3 06:05:36 2027 GMT Subject: CN=9B63E2108CF2B17A6B15C4770302DF6EAC980949 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:68:6a:4a:33:0f:ef:20:2e:7f:65:55:14:0e: 88:bb:86:4d:4d:4d:2e:ac:ec:8a:5c:b2:2d:a1:72: 8c:52:a0:4e:df:18:96:8f:26:dc:f6:4e:30:a3:47: 51:79:00:22:e6:2a:f7:ac:3c:7e:09:cf:cb:79:ab: 87:07:b5:4b:ab:e2:40:71:1c:2f:ee:b0:21:83:2e: 87:59:b5:48:ee:b1:a6:13:1a:77:75:b8:38:d6:fb: ef:69:69:92:fb:70:41:c5:0f:64:2a:8a:f5:4d:02: ab:01:17:4b:a6:c8:ba:7a:af:40:02:1e:08:ab:8b: 32:73:58:be:01:47:88:94:35:95:87:a1:f6:12:05: d9:a0:9c:b9:5d:9d:64:8c:63:b8:9f:31:51:2c:8e: 56:bd:68:c6:aa:da:3f:38:ed:99:13:53:d1:e4:8c: d2:07:b1:66:4f:13:bd:d8:0d:cd:26:53:e6:bd:8d: ec:da:9b:e0:50:4f:ad:10:52:ea:05:5e:53:76:39: bb:d1:05:3b:0f:39:b5:7d:66:b9:3d:ea:5a:35:c6: 6a:cf:08:79:6d:a8:01:b9:8f:f8:f3:f8:3f:c8:f6: de:56:d0:d4:f8:c2:33:50:6e:8a:cd:9e:b8:53:ec: e7:62:29:f5:d7:5a:9a:2a:ea:e8:34:2f:3e:8e:52: 04:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:63:E2:10:8C:F2:B1:7A:6B:15:C4:77:03:02:DF:6E:AC:98:09:49 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143116.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1d2::/32 Signature Algorithm: sha256WithRSAEncryption ac:3f:c9:7f:e0:bd:a2:35:76:f3:4f:62:0c:b7:a1:59:3e:0d: b6:78:b2:c8:6a:51:5e:7b:c1:27:79:c7:d7:6e:30:28:db:e5: 9d:ba:78:e6:e7:85:88:28:38:4d:b1:3f:7c:c8:88:36:c4:00: f2:0f:f5:cb:5a:6e:c2:60:3c:e5:74:95:13:5a:40:75:be:2b: 24:3f:3b:d5:3e:66:cc:9a:5f:fd:aa:d1:4b:7c:18:12:f9:05: 74:91:84:b4:fb:80:d8:41:9b:7e:6f:5b:e1:7e:fd:a1:95:58: 76:c3:67:c6:04:87:69:29:2e:9a:a8:e1:f5:87:a2:07:05:2c: a3:bf:97:b5:97:07:5b:75:f0:68:af:54:89:4a:29:45:7c:6f: ff:90:2c:50:e1:33:a4:89:2e:56:c5:30:5a:78:0f:f7:a9:b6: 49:b4:29:b4:7e:26:4a:e0:b5:d8:78:fa:2d:aa:ef:ab:6f:34: 82:70:01:8d:20:a4:47:7d:2b:2b:8a:94:3d:4a:55:3d:62:fa: 71:30:25:04:5e:6f:ac:52:2a:4d:82:07:fd:41:a1:5c:a5:81: 37:95:e8:59:a8:0d:fa:bb:7a:d0:d1:2f:bc:28:ee:3a:7d:93: e2:26:f8:20:fd:f6:8b:b7:da:30:d5:2e:1a:fb:5a:c8:1c:25: 03:c7:6c:9f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZ/fc3e64CQ0j8Gw4XuS9Sc3FBKAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAzNloX DTI3MDMwMzA2MDUzNlowMzExMC8GA1UEAxMoOUI2M0UyMTA4Q0YyQjE3QTZCMTVD NDc3MDMwMkRGNkVBQzk4MDk0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJZoakozD+8gLn9lVRQOiLuGTU1NLqzsilyyLaFyjFKgTt8Ylo8m3PZOMKNH UXkAIuYq96w8fgnPy3mrhwe1S6viQHEcL+6wIYMuh1m1SO6xphMad3W4ONb772lp kvtwQcUPZCqK9U0CqwEXS6bIunqvQAIeCKuLMnNYvgFHiJQ1lYeh9hIF2aCcuV2d ZIxjuJ8xUSyOVr1oxqraPzjtmRNT0eSM0gexZk8TvdgNzSZT5r2N7Nqb4FBPrRBS 6gVeU3Y5u9EFOw85tX1muT3qWjXGas8IeW2oAbmP+PP4P8j23lbQ1PjCM1Buis2e uFPs52Ip9ddamirq6DQvPo5SBAUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSbY+IQ jPKxemsVxHcDAt9urJgJSTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzExNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK odIwDQYJKoZIhvcNAQELBQADggEBAKw/yX/gvaI1dvNPYgy3oVk+DbZ4sshqUV57 wSd5x9duMCjb5Z26eObnhYgoOE2xP3zIiDbEAPIP9ctabsJgPOV0lRNaQHW+KyQ/ O9U+ZsyaX/2q0Ut8GBL5BXSRhLT7gNhBm35vW+F+/aGVWHbDZ8YEh2kpLpqo4fWH ogcFLKO/l7WXB1t18GivVIlKKUV8b/+QLFDhM6SJLlbFMFp4D/eptkm0KbR+Jkrg tdh4+i2q76tvNIJwAY0gpEd9KyuKlD1KVT1i+nEwJQReb6xSKk2CB/1BoVylgTeV 6FmoDfq7etDRL7wo7jp9k+Im+CD99ou32jDVLhr7WsgcJQPHbJ8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:45 2026 by rpki-client