$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143127.roa File: AS143127.roa (raw, json) Hash identifier: 5BC0Va9klygjil+fPi6+lCMkZ/4XjXP0Uy9gSqJ6bAU= Subject key identifier: C0:B0:C4:57:05:DE:9E:8E:8A:76:DB:37:51:52:8E:9E:86:03:E3:E5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 15BF9E7B3A5B535D662232671BD6FB4FDDD53C72 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143127.roa Signing time: Wed 04 Mar 2026 06:06:00 +0000 ROA not before: Wed 04 Mar 2026 06:01:00 +0000 ROA not after: Wed 03 Mar 2027 06:06:00 +0000 asID: 143127 IP address blocks: 240a:a1dd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:bf:9e:7b:3a:5b:53:5d:66:22:32:67:1b:d6:fb:4f:dd:d5:3c:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:00 2026 GMT Not After : Mar 3 06:06:00 2027 GMT Subject: CN=C0B0C45705DE9E8E8A76DB3751528E9E8603E3E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:88:c4:72:3e:70:ae:e1:26:b8:da:66:11:b0: a4:52:09:ac:e6:43:99:3f:0a:bc:5d:f8:cc:76:37: b3:b3:d7:5b:69:a3:74:5c:f9:f3:32:23:7b:38:19: df:2f:cc:f8:41:95:f9:9e:d6:46:cf:aa:d6:dc:0a: bd:ca:01:f8:3d:b7:5d:eb:27:36:30:7b:11:c9:27: 9a:87:ec:ed:8d:b9:04:f6:a0:e1:3c:a2:77:5c:a4: ee:33:82:f6:1c:38:88:d7:78:d0:21:b8:0a:36:0a: e1:3b:25:c0:0e:5a:e9:ee:ef:7c:ed:02:2c:da:7b: 04:29:9a:b0:bb:33:81:bc:af:ea:0d:81:66:d3:dc: 73:7c:07:40:a1:c4:99:99:50:d5:c7:7a:66:57:b6: c4:3b:51:00:64:df:ff:dc:ee:62:30:0b:ba:c7:5b: 7f:6e:62:b1:20:f4:b4:85:f7:50:f1:14:5c:fb:a3: 2c:3e:4b:16:7e:94:db:48:dc:ab:71:8d:e2:07:c5: f3:32:6d:3c:55:bd:60:5e:af:9a:29:a5:52:64:32: cf:aa:70:a3:7e:32:79:5e:e8:19:57:a3:77:1a:51: 8f:b6:a4:d0:a0:78:ed:c9:84:79:23:60:e9:d6:b7: 3d:fb:a8:70:44:7b:a6:a5:7e:9e:33:73:c9:26:bf: 2b:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:B0:C4:57:05:DE:9E:8E:8A:76:DB:37:51:52:8E:9E:86:03:E3:E5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143127.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1dd::/32 Signature Algorithm: sha256WithRSAEncryption d1:76:12:b2:f0:88:37:b0:3d:8b:39:45:ab:fe:ae:1e:a1:27: ef:9a:09:28:07:4e:6a:46:7e:88:12:90:ac:2b:2f:f4:83:58: dc:35:b9:2e:51:db:bf:dc:f8:c5:1d:9e:fd:fe:1a:67:59:1b: 23:c6:15:44:51:45:79:87:0e:74:18:2e:c3:bc:5b:bc:d9:0c: b3:15:9e:79:88:f6:4e:bf:84:6c:a4:db:0a:d6:7e:ff:c3:f0: e6:90:e4:91:49:83:87:a6:6a:ef:02:93:00:1b:f9:0f:c9:3e: 20:05:60:bb:1c:92:12:0a:ee:c7:f6:ca:ab:e2:24:cf:92:a8: f1:0d:bd:99:f9:e8:81:aa:87:a9:f6:ef:11:b8:e7:22:5f:87: 41:10:f3:98:74:eb:17:5d:f4:e7:22:1a:ec:42:18:ed:0d:af: 37:a3:6b:cf:19:13:e6:75:42:73:3c:26:ac:e9:4c:f0:bd:f7: e6:fa:6d:a7:8f:a5:5f:45:08:a1:37:05:56:fc:9a:cd:9b:4c: 53:5d:8b:91:2e:bf:6c:8b:8d:7f:1e:22:6b:c7:20:80:99:90: a5:da:b1:7a:c1:9e:73:b0:0b:93:d0:f6:3c:59:21:fc:7a:14: 69:18:e3:ad:7e:45:3e:56:84:49:c2:ae:a9:12:a5:df:26:01: 0d:01:40:43 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFb+eezpbU11mIjJnG9b7T93VPHIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwMFoX DTI3MDMwMzA2MDYwMFowMzExMC8GA1UEAxMoQzBCMEM0NTcwNURFOUU4RThBNzZE QjM3NTE1MjhFOUU4NjAzRTNFNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANSIxHI+cK7hJrjaZhGwpFIJrOZDmT8KvF34zHY3s7PXW2mjdFz58zIjezgZ 3y/M+EGV+Z7WRs+q1twKvcoB+D23XesnNjB7Ecknmofs7Y25BPag4Tyid1yk7jOC 9hw4iNd40CG4CjYK4TslwA5a6e7vfO0CLNp7BCmasLszgbyv6g2BZtPcc3wHQKHE mZlQ1cd6Zle2xDtRAGTf/9zuYjALusdbf25isSD0tIX3UPEUXPujLD5LFn6U20jc q3GN4gfF8zJtPFW9YF6vmimlUmQyz6pwo34yeV7oGVejdxpRj7ak0KB47cmEeSNg 6da3PfuocER7pqV+njNzySa/KyECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTAsMRX Bd6ejop22zdRUo6ehgPj5TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzEyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK od0wDQYJKoZIhvcNAQELBQADggEBANF2ErLwiDewPYs5Rav+rh6hJ++aCSgHTmpG fogSkKwrL/SDWNw1uS5R27/c+MUdnv3+GmdZGyPGFURRRXmHDnQYLsO8W7zZDLMV nnmI9k6/hGyk2wrWfv/D8OaQ5JFJg4emau8CkwAb+Q/JPiAFYLsckhIK7sf2yqvi JM+SqPENvZn56IGqh6n27xG45yJfh0EQ85h06xdd9OciGuxCGO0Nrzeja88ZE+Z1 QnM8JqzpTPC99+b6baePpV9FCKE3BVb8ms2bTFNdi5Euv2yLjX8eImvHIICZkKXa sXrBnnOwC5PQ9jxZIfx6FGkY461+RT5WhEnCrqkSpd8mAQ0BQEM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:37 2026 by rpki-client