$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143145.roa File: AS143145.roa (raw, json) Hash identifier: aZSqf0XnHnWRiJiWyLNO+FoRNYtDqvRHbeigTJJGO5g= Subject key identifier: 33:9F:95:81:AD:B3:5E:70:33:3B:37:D0:5A:8B:95:06:0F:5A:23:50 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4259DF3B16EDFA076CDD12F3BF241D0FBA853E9C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143145.roa Signing time: Wed 04 Mar 2026 06:07:45 +0000 ROA not before: Wed 04 Mar 2026 06:02:45 +0000 ROA not after: Wed 03 Mar 2027 06:07:45 +0000 asID: 143145 IP address blocks: 240a:a1ef::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:59:df:3b:16:ed:fa:07:6c:dd:12:f3:bf:24:1d:0f:ba:85:3e:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:45 2026 GMT Not After : Mar 3 06:07:45 2027 GMT Subject: CN=339F9581ADB35E70333B37D05A8B95060F5A2350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:a4:f9:3b:6a:fa:06:49:2a:5d:b3:aa:e1:8b: f7:89:e7:b8:85:f3:1a:9e:96:1e:6e:2a:3d:e5:4c: 11:2b:b3:24:f4:e2:03:14:4a:f2:31:11:fa:b7:ce: c9:43:f4:fa:2b:ab:00:ca:e9:8c:5b:70:8d:8f:f2: 11:ce:f5:6f:8c:ed:f1:a3:82:c6:b7:d0:da:77:98: bf:5c:46:82:0b:cb:72:b1:97:b7:7e:36:21:58:26: c2:29:9d:de:aa:4d:84:53:e9:1a:b5:65:b2:78:03: fb:3b:4c:9b:bd:89:2a:95:55:fe:c0:a0:c5:cd:c8: a4:c0:dc:c6:06:ae:3f:fc:8e:88:b3:0a:ee:b5:93: 65:e2:4d:3a:13:33:70:d3:52:e5:22:ba:fd:bc:62: d2:b5:b0:09:08:d0:81:16:bd:59:fe:6f:d0:53:cf: bc:72:2b:33:01:81:39:71:7d:2a:95:b6:73:80:e9: 1a:cd:e5:ed:cc:ea:58:4e:e5:97:b7:51:57:ea:b3: 54:a1:77:cf:b3:55:8b:e9:8a:cd:4f:80:1f:4c:16: 48:8f:2e:50:2e:2c:69:6f:5f:eb:8c:bf:ff:4c:0e: 99:ef:bb:8a:13:43:19:4a:57:59:dc:f6:b6:4b:6f: 05:e2:f7:4c:80:2d:74:d7:46:81:91:1a:96:2f:31: a8:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:9F:95:81:AD:B3:5E:70:33:3B:37:D0:5A:8B:95:06:0F:5A:23:50 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143145.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1ef::/32 Signature Algorithm: sha256WithRSAEncryption 60:c3:d0:9e:eb:86:dc:a7:b3:27:a1:06:c2:ba:f1:92:34:93: 7c:2c:ce:ff:29:14:d1:55:05:6e:db:2e:f4:d2:a5:cf:3d:27: ea:64:5d:61:e0:5f:ec:64:15:3c:27:25:34:45:53:45:85:4d: ef:f4:c4:47:b6:1d:5c:62:d0:8e:f6:04:42:07:94:a3:5f:13: 28:7d:cd:26:37:50:64:1b:b5:2c:f7:ee:de:e7:f5:07:8e:27: 1c:b3:b6:c3:b8:62:91:1c:bb:e9:8d:75:26:9b:9e:53:a8:2a: a9:28:04:df:c9:5c:21:a3:92:86:96:3d:b9:c7:fb:f5:9c:d7: 41:6b:22:87:53:5b:2c:a6:3a:5b:87:d6:c1:88:69:1d:aa:ba: b1:03:66:e1:9c:ce:83:60:5d:3b:23:99:57:0f:34:9b:c4:03: 01:06:d8:41:00:6d:82:c5:16:ac:69:38:13:75:e1:2e:46:fb: df:e3:8b:18:9a:90:bc:68:b1:fa:c9:2b:22:d4:56:b0:ff:71: a0:66:8f:d1:38:f7:a9:d5:99:9e:88:a6:ea:bb:29:59:77:9a: e4:90:5f:6d:75:f4:b1:92:cb:77:a0:7d:65:fc:a9:80:c8:c4: db:da:ad:6c:65:23:cb:c8:9a:93:c2:28:bf:bb:99:03:3a:89: 36:83:9c:19 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQlnfOxbt+gds3RLzvyQdD7qFPpwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0NVoX DTI3MDMwMzA2MDc0NVowMzExMC8GA1UEAxMoMzM5Rjk1ODFBREIzNUU3MDMzM0Iz N0QwNUE4Qjk1MDYwRjVBMjM1MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJuk+Ttq+gZJKl2zquGL94nnuIXzGp6WHm4qPeVMESuzJPTiAxRK8jER+rfO yUP0+iurAMrpjFtwjY/yEc71b4zt8aOCxrfQ2neYv1xGggvLcrGXt342IVgmwimd 3qpNhFPpGrVlsngD+ztMm72JKpVV/sCgxc3IpMDcxgauP/yOiLMK7rWTZeJNOhMz cNNS5SK6/bxi0rWwCQjQgRa9Wf5v0FPPvHIrMwGBOXF9KpW2c4DpGs3l7czqWE7l l7dRV+qzVKF3z7NVi+mKzU+AH0wWSI8uUC4saW9f64y//0wOme+7ihNDGUpXWdz2 tktvBeL3TIAtdNdGgZEali8xqC0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQzn5WB rbNecDM7N9Bai5UGD1ojUDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE0NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oe8wDQYJKoZIhvcNAQELBQADggEBAGDD0J7rhtynsyehBsK68ZI0k3wszv8pFNFV BW7bLvTSpc89J+pkXWHgX+xkFTwnJTRFU0WFTe/0xEe2HVxi0I72BEIHlKNfEyh9 zSY3UGQbtSz37t7n9QeOJxyztsO4YpEcu+mNdSabnlOoKqkoBN/JXCGjkoaWPbnH +/Wc10FrIodTWyymOluH1sGIaR2qurEDZuGczoNgXTsjmVcPNJvEAwEG2EEAbYLF FqxpOBN14S5G+9/jixiakLxosfrJKyLUVrD/caBmj9E496nVmZ6Ipuq7KVl3muSQ X2119LGSy3egfWX8qYDIxNvarWxlI8vImpPCKL+7mQM6iTaDnBk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:45 2026 by rpki-client