$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143143.roa File: AS143143.roa (raw, json) Hash identifier: 0dXXeeWvh7/ujhV475KguvYaRyCCVQl65Ll23AA/8wA= Subject key identifier: 23:84:B5:DD:5D:92:83:08:48:DD:2C:81:17:31:91:99:7F:51:1E:08 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 695AA637735F9A29B4C6C970F3AFB35D7155F1B0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143143.roa Signing time: Wed 04 Mar 2026 06:06:39 +0000 ROA not before: Wed 04 Mar 2026 06:01:39 +0000 ROA not after: Wed 03 Mar 2027 06:06:39 +0000 asID: 143143 IP address blocks: 240a:a1ed::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:5a:a6:37:73:5f:9a:29:b4:c6:c9:70:f3:af:b3:5d:71:55:f1:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:39 2026 GMT Not After : Mar 3 06:06:39 2027 GMT Subject: CN=2384B5DD5D92830848DD2C81173191997F511E08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ab:db:8d:11:ae:67:56:ab:6b:58:88:82:3b: 0b:95:a4:ef:6c:02:0f:c1:9f:1c:37:66:fd:b1:78: bd:4b:df:b4:6e:45:f2:4f:fe:c3:54:1a:58:c2:e5: ae:6d:33:8c:db:9b:7f:ad:d9:be:da:41:90:6c:28: 02:bd:0a:53:33:4a:67:35:b5:74:0c:99:fd:29:e2: cc:0c:ef:fb:4b:32:62:8d:61:9f:da:88:ca:97:1f: 9b:8d:f1:bf:b1:eb:16:fb:d4:69:26:39:5f:b2:5f: 0a:9c:dd:6b:83:2d:16:d2:df:f6:46:4d:17:12:8f: 1b:7d:09:f2:c5:f8:45:d9:38:c0:33:f5:f6:1f:d5: a9:5d:27:ab:9b:15:56:8f:22:4f:99:3b:01:3b:2a: 70:09:67:40:49:c3:db:12:df:19:7f:1a:a2:67:43: bc:55:75:0a:0a:99:60:f8:b5:40:4e:6a:9e:8e:e0: c6:eb:3c:b7:95:34:d3:3a:3b:85:a0:0d:66:73:3c: 46:25:57:ce:c4:92:99:fb:36:b8:7a:70:ed:fc:d8: 2e:80:2d:f0:a8:c6:cf:8e:49:a5:eb:1f:e3:0c:96: c1:30:88:26:9f:c7:aa:df:99:f3:a2:3c:55:b3:52: e3:1e:b1:29:2f:cb:85:d9:81:ab:7c:d6:fe:89:a1: 71:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:84:B5:DD:5D:92:83:08:48:DD:2C:81:17:31:91:99:7F:51:1E:08 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143143.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1ed::/32 Signature Algorithm: sha256WithRSAEncryption d0:97:32:28:49:d7:5d:0e:e9:a3:4c:d7:cb:58:b8:0a:5a:ed: 0f:e8:26:7f:2f:cb:e5:40:09:fe:ce:6f:85:2b:4f:56:76:b9: 96:a4:ea:4b:bd:0b:be:ac:be:08:23:72:ba:68:9e:f9:3b:a7: 13:bf:3d:a4:ab:20:09:50:20:b3:d9:ba:95:ac:79:b7:d8:19: 79:a8:17:42:f3:96:9f:b4:53:6b:a5:90:4e:20:3d:bd:97:f5: 2b:ba:e1:6c:d4:bf:88:99:32:f8:e2:fd:fb:ef:2c:e4:4e:d6: 44:ce:4b:87:79:e7:98:9a:73:bb:49:77:b9:08:a0:e9:2c:49: 16:46:9a:8d:17:18:da:a5:af:21:57:83:b7:ae:3c:bc:12:1a: 52:f2:b7:9d:8d:40:20:d3:9a:36:ff:e2:4a:67:c3:14:f5:05: 8c:8b:f3:03:62:3f:86:66:50:4e:5a:d0:16:07:64:0f:5b:70: 50:ef:35:4c:2b:7d:59:b9:d2:46:1f:6d:f7:87:16:f8:bf:6d: eb:79:9d:bf:52:82:f3:5d:7a:4d:02:71:f1:fb:48:94:90:48: 45:69:48:60:18:4a:76:e1:8a:9e:96:d4:d0:49:86:e6:1c:9a: 28:67:02:7a:d8:0f:ec:23:f4:59:77:4b:9b:60:86:34:e1:91: 18:ac:d7:5d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaVqmN3Nfmim0xslw86+zXXFV8bAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEzOVoX DTI3MDMwMzA2MDYzOVowMzExMC8GA1UEAxMoMjM4NEI1REQ1RDkyODMwODQ4REQy QzgxMTczMTkxOTk3RjUxMUUwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKir240RrmdWq2tYiII7C5Wk72wCD8GfHDdm/bF4vUvftG5F8k/+w1QaWMLl rm0zjNubf63ZvtpBkGwoAr0KUzNKZzW1dAyZ/SnizAzv+0syYo1hn9qIypcfm43x v7HrFvvUaSY5X7JfCpzda4MtFtLf9kZNFxKPG30J8sX4Rdk4wDP19h/VqV0nq5sV Vo8iT5k7ATsqcAlnQEnD2xLfGX8aomdDvFV1CgqZYPi1QE5qno7gxus8t5U00zo7 haANZnM8RiVXzsSSmfs2uHpw7fzYLoAt8KjGz45Jpesf4wyWwTCIJp/Hqt+Z86I8 VbNS4x6xKS/LhdmBq3zW/omhcQ8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQjhLXd XZKDCEjdLIEXMZGZf1EeCDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oe0wDQYJKoZIhvcNAQELBQADggEBANCXMihJ110O6aNM18tYuApa7Q/oJn8vy+VA Cf7Ob4UrT1Z2uZak6ku9C76svggjcrponvk7pxO/PaSrIAlQILPZupWsebfYGXmo F0Lzlp+0U2ulkE4gPb2X9Su64WzUv4iZMvji/fvvLORO1kTOS4d555iac7tJd7kI oOksSRZGmo0XGNqlryFXg7euPLwSGlLyt52NQCDTmjb/4kpnwxT1BYyL8wNiP4Zm UE5a0BYHZA9bcFDvNUwrfVm50kYfbfeHFvi/bet5nb9SgvNdek0CcfH7SJSQSEVp SGAYSnbhip6W1NBJhuYcmihnAnrYD+wj9Fl3S5tghjThkRis110= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:29 2026 by rpki-client