$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143146.roa File: AS143146.roa (raw, json) Hash identifier: vBMzDAMS2facZ2l8JM/FJMovvyKwEsDKW7kNxH0JyaA= Subject key identifier: C8:26:7B:DB:59:FD:C9:5B:27:39:E2:20:47:AE:2E:4E:45:BE:DD:1F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7B15F94765E9EF9407B268FE9B64576216E49D2C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143146.roa Signing time: Wed 04 Mar 2026 06:06:59 +0000 ROA not before: Wed 04 Mar 2026 06:01:59 +0000 ROA not after: Wed 03 Mar 2027 06:06:59 +0000 asID: 143146 IP address blocks: 240a:a1f0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:15:f9:47:65:e9:ef:94:07:b2:68:fe:9b:64:57:62:16:e4:9d:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:59 2026 GMT Not After : Mar 3 06:06:59 2027 GMT Subject: CN=C8267BDB59FDC95B2739E22047AE2E4E45BEDD1F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a4:af:d8:ad:e0:ac:ac:df:be:f5:2a:40:92: fc:ac:c7:c5:ed:64:8e:9c:a9:95:c8:7e:2e:52:fe: d9:c2:6d:9b:1a:49:f5:0e:70:ef:09:f0:7f:76:5b: dd:b8:7c:8a:b5:0d:51:b8:36:f4:f6:f5:62:79:7e: d0:d4:3b:5e:2b:9a:20:37:49:04:ff:d4:6f:87:ec: 2a:8b:ac:e2:94:07:93:f2:04:5d:20:e7:ee:48:dc: f0:c1:65:d6:5d:a3:1a:52:e1:18:d3:cf:c1:54:9d: ba:e1:a4:f8:b9:27:03:54:80:4d:6f:e7:e2:f5:08: d2:6d:fb:b1:9f:d0:c6:e0:89:14:c1:1f:24:47:a7: 6a:5f:2c:c6:ed:bd:d0:4e:a8:f5:a9:e8:7e:8a:f5: f8:72:d4:17:d4:49:ab:23:55:c3:e4:21:8b:34:43: 76:87:29:6d:1a:b7:e4:b5:77:81:86:fd:7d:c0:a4: ac:aa:70:63:3c:46:1e:55:d5:1e:be:73:55:06:d7: 8a:2f:5c:69:b3:70:10:0d:7d:a0:d4:60:2a:40:5f: 02:04:15:5d:f1:5f:d9:57:62:28:1f:56:d2:aa:a5: 18:66:89:77:7b:61:18:67:2d:5d:02:df:fc:a5:d8: ae:5b:e7:d1:c1:40:92:49:3e:ae:b2:a4:9b:5f:ba: fd:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:26:7B:DB:59:FD:C9:5B:27:39:E2:20:47:AE:2E:4E:45:BE:DD:1F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143146.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1f0::/32 Signature Algorithm: sha256WithRSAEncryption d5:db:fd:57:7c:75:ed:dc:e4:1e:7a:5d:95:19:50:64:64:7a: 39:c2:87:6d:55:05:36:53:4e:ee:29:89:72:b2:3e:94:26:b7: f9:8b:73:f0:fa:ef:4b:8a:f2:bb:0d:20:41:be:96:a0:56:ca: cd:6a:6b:a0:43:34:3a:75:c4:bb:32:ac:09:bd:a1:98:4c:b8: 7f:e4:ed:ba:04:b1:f4:70:a4:d0:5b:d2:56:3a:e1:2d:73:fb: 3b:2d:30:99:45:e2:6a:55:98:5c:1c:b6:38:ac:dd:32:d7:71: 4d:da:e9:30:30:ee:e1:13:f1:9f:91:14:06:93:15:69:62:76: b8:69:f5:ab:47:82:44:8b:34:db:54:8d:29:a2:86:a1:0e:2b: aa:21:4e:c4:b2:7b:44:9f:53:d0:02:82:cd:78:04:e9:9d:92: 80:8a:43:f2:15:c4:75:4d:31:d1:44:88:a9:1a:37:8e:c9:72: 7c:0c:4a:58:6b:8c:f1:61:e4:13:10:3e:2a:30:49:0f:98:38: 0f:ab:d7:cc:a2:1d:ed:d3:41:c7:ea:a0:ed:32:51:37:a2:e2: e0:aa:27:78:f8:62:75:96:2b:b5:c7:bb:d2:de:fa:3e:a5:a7: 7d:c1:fe:2d:96:9c:7c:ba:8f:6e:fa:7b:84:b8:cc:aa:78:24: f9:55:1c:d1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUexX5R2Xp75QHsmj+m2RXYhbknSwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1OVoX DTI3MDMwMzA2MDY1OVowMzExMC8GA1UEAxMoQzgyNjdCREI1OUZEQzk1QjI3MzlF MjIwNDdBRTJFNEU0NUJFREQxRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKukr9it4Kys3771KkCS/KzHxe1kjpyplch+LlL+2cJtmxpJ9Q5w7wnwf3Zb 3bh8irUNUbg29Pb1Ynl+0NQ7XiuaIDdJBP/Ub4fsKous4pQHk/IEXSDn7kjc8MFl 1l2jGlLhGNPPwVSduuGk+LknA1SATW/n4vUI0m37sZ/QxuCJFMEfJEenal8sxu29 0E6o9anofor1+HLUF9RJqyNVw+QhizRDdocpbRq35LV3gYb9fcCkrKpwYzxGHlXV Hr5zVQbXii9cabNwEA19oNRgKkBfAgQVXfFf2VdiKB9W0qqlGGaJd3thGGctXQLf /KXYrlvn0cFAkkk+rrKkm1+6/c8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTIJnvb Wf3JWyc54iBHri5ORb7dHzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE0Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ofAwDQYJKoZIhvcNAQELBQADggEBANXb/Vd8de3c5B56XZUZUGRkejnCh21VBTZT Tu4piXKyPpQmt/mLc/D670uK8rsNIEG+lqBWys1qa6BDNDp1xLsyrAm9oZhMuH/k 7boEsfRwpNBb0lY64S1z+zstMJlF4mpVmFwctjis3TLXcU3a6TAw7uET8Z+RFAaT FWlidrhp9atHgkSLNNtUjSmihqEOK6ohTsSye0SfU9ACgs14BOmdkoCKQ/IVxHVN MdFEiKkaN47JcnwMSlhrjPFh5BMQPiowSQ+YOA+r18yiHe3TQcfqoO0yUTei4uCq J3j4YnWWK7XHu9Le+j6lp33B/i2WnHy6j276e4S4zKp4JPlVHNE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:50:03 2026 by rpki-client