$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143131.roa File: AS143131.roa (raw, json) Hash identifier: KWqLb5WQGd25dAwrLSMHXAJjOIrlzt2WrKFcXvTPDlY= Subject key identifier: CB:CC:77:82:B9:55:D9:4D:08:79:F2:6F:50:D6:74:74:77:5C:42:13 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 56855065AA781169422C6AC573435BA1E54FE10A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143131.roa Signing time: Wed 04 Mar 2026 06:07:58 +0000 ROA not before: Wed 04 Mar 2026 06:02:58 +0000 ROA not after: Wed 03 Mar 2027 06:07:58 +0000 asID: 143131 IP address blocks: 240a:a1e1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:85:50:65:aa:78:11:69:42:2c:6a:c5:73:43:5b:a1:e5:4f:e1:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:58 2026 GMT Not After : Mar 3 06:07:58 2027 GMT Subject: CN=CBCC7782B955D94D0879F26F50D67474775C4213 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:ce:4f:c4:f1:d6:46:ff:eb:89:d8:ff:fa:cd: c0:b9:b2:a5:18:6e:41:32:fa:ee:da:47:8e:bd:ec: f1:ce:27:b0:42:02:f4:79:1f:ca:fc:60:1d:8c:c3: 5e:fd:88:27:0a:ac:5e:30:f5:d7:0c:1f:63:dc:43: b6:3d:9a:99:ef:76:b3:ba:cd:1c:6d:81:23:04:a7: 6c:ee:2a:76:9d:5b:d7:cd:65:db:19:55:b7:48:5c: 93:fa:38:53:4f:ac:6d:68:07:51:cc:51:9e:37:ee: a1:ce:bd:c5:3f:fe:a4:94:fc:18:1a:ac:70:9f:5f: f1:3c:54:39:36:f3:5d:39:4d:da:c7:e0:ec:68:ea: 40:76:66:b6:25:ff:c5:49:5d:37:0c:a3:6f:5b:c0: 31:d1:4d:5d:87:00:d7:9a:1c:20:af:05:94:6d:59: b1:66:af:b7:e1:0a:2f:82:0c:72:48:21:d1:f5:e9: 87:c8:c5:78:1c:00:21:5f:78:fe:a8:6b:fc:e0:47: 66:2c:88:93:39:28:5d:be:96:e8:db:2f:3b:44:aa: 0c:30:aa:cb:f5:de:21:af:17:cc:1d:3c:fc:c6:d5: 9a:43:5a:26:80:aa:c8:69:df:03:59:1d:36:05:46: e3:ca:97:22:4b:16:3d:0e:f8:9a:86:44:bd:bd:13: 83:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:CC:77:82:B9:55:D9:4D:08:79:F2:6F:50:D6:74:74:77:5C:42:13 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1e1::/32 Signature Algorithm: sha256WithRSAEncryption c0:93:67:54:24:d0:16:f5:eb:a7:47:83:d8:c8:98:b3:f0:53: c6:a0:5d:73:c6:dc:9e:ee:cc:9d:ec:50:b9:28:7d:6e:ad:fa: 15:0e:ce:6b:bf:d2:42:5f:bd:d8:67:4b:0b:c7:21:7e:cd:a3: b7:95:13:c1:d1:a9:c2:83:1f:f9:fc:c1:0e:dd:49:95:34:4b: 6c:48:89:71:98:5a:a8:05:2e:5c:c3:ac:da:3f:0e:23:7e:e1: 59:79:55:81:5b:b3:b0:a7:36:05:23:c6:78:4b:0d:1b:3f:80: e1:44:9a:e8:eb:10:df:e6:df:40:98:b0:e8:bc:63:a7:9c:11: f3:e6:8c:4b:9c:1a:a0:ce:d9:dc:2f:66:2d:1a:eb:06:71:4f: 76:e7:17:d7:61:cb:06:e7:c3:94:69:93:9a:b8:81:03:00:5a: 74:5d:19:dc:b8:a0:a3:1d:07:e9:48:0e:41:e6:34:04:65:14: 06:21:6c:f1:68:51:0a:18:7b:11:a1:23:a3:f2:ca:7b:89:a7: f7:72:c1:c3:57:0b:07:b2:54:fe:49:91:26:0a:19:e7:ca:1c: eb:63:40:71:e3:6d:0c:ca:99:f0:68:96:da:19:d9:c7:6e:b1: 8b:6c:3b:28:4c:14:0e:dd:1f:01:88:a5:11:e0:fb:3c:77:7e: c6:4d:01:ce -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVoVQZap4EWlCLGrFc0NboeVP4QowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1OFoX DTI3MDMwMzA2MDc1OFowMzExMC8GA1UEAxMoQ0JDQzc3ODJCOTU1RDk0RDA4NzlG MjZGNTBENjc0NzQ3NzVDNDIxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJzOT8Tx1kb/64nY//rNwLmypRhuQTL67tpHjr3s8c4nsEIC9HkfyvxgHYzD Xv2IJwqsXjD11wwfY9xDtj2ame92s7rNHG2BIwSnbO4qdp1b181l2xlVt0hck/o4 U0+sbWgHUcxRnjfuoc69xT/+pJT8GBqscJ9f8TxUOTbzXTlN2sfg7GjqQHZmtiX/ xUldNwyjb1vAMdFNXYcA15ocIK8FlG1ZsWavt+EKL4IMckgh0fXph8jFeBwAIV94 /qhr/OBHZiyIkzkoXb6W6NsvO0SqDDCqy/XeIa8XzB08/MbVmkNaJoCqyGnfA1kd NgVG48qXIksWPQ74moZEvb0Tg1kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTLzHeC uVXZTQh58m9Q1nR0d1xCEzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzEzMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oeEwDQYJKoZIhvcNAQELBQADggEBAMCTZ1Qk0Bb166dHg9jImLPwU8agXXPG3J7u zJ3sULkofW6t+hUOzmu/0kJfvdhnSwvHIX7No7eVE8HRqcKDH/n8wQ7dSZU0S2xI iXGYWqgFLlzDrNo/DiN+4Vl5VYFbs7CnNgUjxnhLDRs/gOFEmujrEN/m30CYsOi8 Y6ecEfPmjEucGqDO2dwvZi0a6wZxT3bnF9dhywbnw5Rpk5q4gQMAWnRdGdy4oKMd B+lIDkHmNARlFAYhbPFoUQoYexGhI6PyynuJp/dywcNXCweyVP5JkSYKGefKHOtj QHHjbQzKmfBoltoZ2cdusYtsOyhMFA7dHwGIpRHg+zx3fsZNAc4= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:14 2026 by rpki-client