$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143118.roa File: AS143118.roa (raw, json) Hash identifier: YRprwsM4bU19RUDsc2wuQACrP8amjdLlAwnCt2/vAr0= Subject key identifier: 9C:43:CC:A3:14:55:CC:8E:58:4C:E4:C6:C5:F6:B7:FE:BD:05:74:2A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3473CB8DA1A2930FD19379B77D25AEC7DF21C4D3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143118.roa Signing time: Wed 04 Mar 2026 06:07:44 +0000 ROA not before: Wed 04 Mar 2026 06:02:44 +0000 ROA not after: Wed 03 Mar 2027 06:07:44 +0000 asID: 143118 IP address blocks: 240a:a1d4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:73:cb:8d:a1:a2:93:0f:d1:93:79:b7:7d:25:ae:c7:df:21:c4:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:44 2026 GMT Not After : Mar 3 06:07:44 2027 GMT Subject: CN=9C43CCA31455CC8E584CE4C6C5F6B7FEBD05742A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:cb:23:1f:9b:36:49:ee:d3:03:b4:60:09:8e: f3:e1:36:2b:80:f2:f4:96:38:f2:1a:b4:8f:56:29: a6:0d:a1:46:45:7e:b5:c6:97:3a:a4:63:4b:fd:9f: ae:2d:c6:21:53:ff:26:b0:be:bd:fc:9c:c5:43:4b: 92:9c:62:b9:ea:cf:2f:47:1b:23:19:c5:79:7f:a3: 99:9c:65:51:2c:f2:a3:9b:61:ee:f5:93:18:21:2b: 10:62:1c:a2:88:84:e5:17:2a:de:7c:df:0c:15:45: 12:ba:03:1c:de:1d:b8:4f:3a:48:cd:05:f4:26:72: 46:09:cb:39:46:68:60:05:42:56:37:e3:34:24:00: b2:3f:a1:4d:a7:1e:78:d7:f2:69:42:c0:47:74:50: 96:72:eb:c9:51:6b:0c:4e:d6:c5:04:1e:84:c1:fb: ee:8d:24:6b:74:08:c7:3d:c1:8a:35:4f:5f:29:0d: f0:da:d9:af:ac:40:5d:de:8d:e4:fd:6e:12:11:16: 50:c3:01:b0:49:ea:6b:8e:b3:9f:52:56:89:73:06: 2c:f9:d3:74:26:fa:b7:d9:0a:b7:1a:fc:08:3a:ef: 32:63:2d:e4:b0:2e:1d:1d:2c:7e:cb:51:e3:1e:c6: 04:01:5e:df:cf:d2:60:38:97:b9:06:bb:3d:4e:79: ca:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:43:CC:A3:14:55:CC:8E:58:4C:E4:C6:C5:F6:B7:FE:BD:05:74:2A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143118.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1d4::/32 Signature Algorithm: sha256WithRSAEncryption 4e:74:26:19:ee:fc:c6:94:8b:ef:c7:df:dd:07:28:88:b4:d5: 42:7a:c2:32:67:a0:78:e8:cd:a5:cb:63:68:ca:09:6a:4c:5a: 64:55:fb:be:71:f5:59:b4:07:c7:c3:ae:e4:97:4c:c0:88:05: 93:ef:f8:e0:b7:29:a1:54:02:0f:21:93:65:1c:e1:9d:b6:88: 89:bb:84:86:c3:85:dc:0a:a9:c9:00:93:80:0e:d1:dc:a3:49: bd:40:69:09:1a:88:2d:2d:99:ba:b5:1d:4b:e9:4a:f3:b3:cc: f6:5f:d9:0e:6b:c8:fa:a2:0b:a5:43:03:03:e2:93:12:1b:74: bd:c6:09:1f:76:7f:48:73:5c:44:70:d8:46:4d:01:a5:c1:7c: 04:32:57:1a:58:d1:ec:a2:69:3b:8d:dd:5e:cd:13:05:52:06: 33:03:e7:96:95:f9:ca:e6:58:c2:2f:d0:93:de:f2:12:61:64: b7:a6:a8:e0:03:dc:15:27:2d:89:2b:39:a9:04:13:99:6f:bd: 81:8d:3f:6f:e1:80:de:06:6f:3e:17:86:1f:8b:0f:2a:88:49: 73:ec:b5:2a:90:b1:37:f3:ed:f2:1d:5c:a6:f9:9a:1c:61:43: 39:81:5a:fb:b3:cc:8c:ea:6b:05:f8:e3:d6:50:44:92:a3:40: 83:b7:d3:1a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNHPLjaGikw/Rk3m3fSWux98hxNMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0NFoX DTI3MDMwMzA2MDc0NFowMzExMC8GA1UEAxMoOUM0M0NDQTMxNDU1Q0M4RTU4NENF NEM2QzVGNkI3RkVCRDA1NzQyQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJfLIx+bNknu0wO0YAmO8+E2K4Dy9JY48hq0j1Yppg2hRkV+tcaXOqRjS/2f ri3GIVP/JrC+vfycxUNLkpxiuerPL0cbIxnFeX+jmZxlUSzyo5th7vWTGCErEGIc ooiE5Rcq3nzfDBVFEroDHN4duE86SM0F9CZyRgnLOUZoYAVCVjfjNCQAsj+hTace eNfyaULAR3RQlnLryVFrDE7WxQQehMH77o0ka3QIxz3BijVPXykN8NrZr6xAXd6N 5P1uEhEWUMMBsEnqa46zn1JWiXMGLPnTdCb6t9kKtxr8CDrvMmMt5LAuHR0sfstR 4x7GBAFe38/SYDiXuQa7PU55yj0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBScQ8yj FFXMjlhM5MbF9rf+vQV0KjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzExOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK odQwDQYJKoZIhvcNAQELBQADggEBAE50Jhnu/MaUi+/H390HKIi01UJ6wjJnoHjo zaXLY2jKCWpMWmRV+75x9Vm0B8fDruSXTMCIBZPv+OC3KaFUAg8hk2Uc4Z22iIm7 hIbDhdwKqckAk4AO0dyjSb1AaQkaiC0tmbq1HUvpSvOzzPZf2Q5ryPqiC6VDAwPi kxIbdL3GCR92f0hzXERw2EZNAaXBfAQyVxpY0eyiaTuN3V7NEwVSBjMD55aV+crm WMIv0JPe8hJhZLemqOAD3BUnLYkrOakEE5lvvYGNP2/hgN4Gbz4Xhh+LDyqISXPs tSqQsTfz7fIdXKb5mhxhQzmBWvuzzIzqawX449ZQRJKjQIO30xo= -----END CERTIFICATE-----Generated at Sat Mar 28 14:31:41 2026 by rpki-client