$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143136.roa File: AS143136.roa (raw, json) Hash identifier: 7manALj4RNcRavFoSM4B4j6+4Dmr6LtW/nXWtCa2Cts= Subject key identifier: 2B:12:93:EB:A3:F7:E3:A6:10:41:BD:05:AF:A1:35:D5:D7:6B:1A:45 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2FD80130F49F3CCB65F5F0E6275F453F5553645A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143136.roa Signing time: Wed 04 Mar 2026 06:06:32 +0000 ROA not before: Wed 04 Mar 2026 06:01:32 +0000 ROA not after: Wed 03 Mar 2027 06:06:32 +0000 asID: 143136 IP address blocks: 240a:a1e6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:d8:01:30:f4:9f:3c:cb:65:f5:f0:e6:27:5f:45:3f:55:53:64:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:32 2026 GMT Not After : Mar 3 06:06:32 2027 GMT Subject: CN=2B1293EBA3F7E3A61041BD05AFA135D5D76B1A45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:9b:a2:ba:49:03:a3:1e:07:e5:dd:ae:1c:ac: 35:15:c7:7f:ac:0a:83:87:63:1f:43:94:2e:91:65: e7:3e:31:0b:44:57:e5:fc:3a:e5:ed:c7:34:40:7a: ef:0d:39:5a:9a:3a:f0:ff:97:9a:bc:8e:b2:ad:31: cf:bc:eb:cc:61:9f:3a:7b:8a:1a:2d:a4:28:d7:64: e9:4b:2b:e6:41:19:8b:42:e7:e9:61:fe:0f:5f:9e: fc:f0:ae:0e:3f:9f:e6:9a:45:10:b8:86:88:64:80: 27:03:28:2b:e5:7b:c3:7c:73:c8:9c:bb:0a:d4:6d: de:07:1f:6b:f9:d4:77:f0:f1:3f:34:30:19:cf:46: 40:e3:16:a1:8a:5e:2f:ba:c9:3d:76:1d:1e:8f:5d: a8:d6:f0:33:fe:be:44:16:e4:75:c8:97:36:d9:2b: 40:cf:13:5e:29:b5:88:33:42:af:9d:4d:86:58:63: 57:3c:87:ec:1e:a7:7f:6c:f9:93:f9:af:d5:b2:0f: 38:80:24:94:3d:e1:e7:61:d4:4b:97:b1:fd:1b:10: 0a:be:7c:c9:22:c8:38:69:1e:a4:3d:d4:be:61:fd: 2d:d8:40:0a:6c:bc:ce:0c:28:de:4f:64:ef:72:6c: 7f:11:fd:3f:b6:db:dd:55:d3:9f:4d:a5:69:51:a4: 55:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:12:93:EB:A3:F7:E3:A6:10:41:BD:05:AF:A1:35:D5:D7:6B:1A:45 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143136.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1e6::/32 Signature Algorithm: sha256WithRSAEncryption 5d:00:21:d1:36:68:d8:e4:4c:01:d5:ff:17:74:9d:04:8c:6f: 59:c1:8d:67:80:30:45:2e:07:3c:9f:4e:22:fe:21:91:6b:49: 48:7e:c1:62:38:f1:5a:cc:bf:60:f3:5b:c6:8e:42:7f:8b:99: af:3b:4b:63:86:c9:cd:a9:e7:71:01:6b:21:b4:ed:44:ac:41: 37:cb:d6:48:2d:ca:fe:08:ef:04:bf:e3:5f:22:14:91:97:76: a5:8d:5e:67:8f:bc:e5:1d:6c:0a:e0:21:26:cb:3f:b6:f8:50: 26:b2:f6:37:c1:6d:0e:34:29:df:42:3b:0b:2d:d1:9e:cc:e8: 17:f1:92:f7:ed:56:d4:8f:d1:d1:6b:b6:ee:d0:d4:3e:7b:cf: b0:f5:a4:27:2a:9f:29:41:a6:65:9e:4e:5b:c0:10:39:54:8d: 67:64:d6:bd:f6:40:56:e9:bb:5c:18:56:82:67:25:91:f0:b9: 8d:7b:98:3d:d2:ea:79:03:9a:17:e7:d9:f7:cc:bc:6f:a9:31: 84:72:7e:ef:fc:dd:1b:6e:c7:08:6e:24:9c:2a:94:aa:1c:5f: 01:49:d9:b9:8d:b3:97:93:82:27:3f:d3:3a:57:99:4d:bf:f4: 39:8b:24:0e:f6:1a:b1:6f:5a:30:41:99:cf:3c:e5:6b:33:d2: 49:9b:e0:22 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL9gBMPSfPMtl9fDmJ19FP1VTZFowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEzMloX DTI3MDMwMzA2MDYzMlowMzExMC8GA1UEAxMoMkIxMjkzRUJBM0Y3RTNBNjEwNDFC RDA1QUZBMTM1RDVENzZCMUE0NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKmborpJA6MeB+XdrhysNRXHf6wKg4djH0OULpFl5z4xC0RX5fw65e3HNEB6 7w05Wpo68P+XmryOsq0xz7zrzGGfOnuKGi2kKNdk6Usr5kEZi0Ln6WH+D1+e/PCu Dj+f5ppFELiGiGSAJwMoK+V7w3xzyJy7CtRt3gcfa/nUd/DxPzQwGc9GQOMWoYpe L7rJPXYdHo9dqNbwM/6+RBbkdciXNtkrQM8TXim1iDNCr51NhlhjVzyH7B6nf2z5 k/mv1bIPOIAklD3h52HUS5ex/RsQCr58ySLIOGkepD3UvmH9LdhACmy8zgwo3k9k 73JsfxH9P7bb3VXTn02laVGkVYUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQrEpPr o/fjphBBvQWvoTXV12saRTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzEzNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oeYwDQYJKoZIhvcNAQELBQADggEBAF0AIdE2aNjkTAHV/xd0nQSMb1nBjWeAMEUu BzyfTiL+IZFrSUh+wWI48VrMv2DzW8aOQn+Lma87S2OGyc2p53EBayG07USsQTfL 1kgtyv4I7wS/418iFJGXdqWNXmePvOUdbArgISbLP7b4UCay9jfBbQ40Kd9COwst 0Z7M6BfxkvftVtSP0dFrtu7Q1D57z7D1pCcqnylBpmWeTlvAEDlUjWdk1r32QFbp u1wYVoJnJZHwuY17mD3S6nkDmhfn2ffMvG+pMYRyfu/83RtuxwhuJJwqlKocXwFJ 2bmNs5eTgic/0zpXmU2/9DmLJA72GrFvWjBBmc885Wsz0kmb4CI= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:31 2026 by rpki-client