$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143147.roa File: AS143147.roa (raw, json) Hash identifier: W+qzTZr1rNNeLQSkzZKUgWRxfq5yBoqd4+qBiKjbbMs= Subject key identifier: 4D:49:AD:EC:65:01:52:11:96:E6:8F:93:4A:B5:9F:BF:DD:F6:D2:2E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0B49A74494274FC0AF866DDF285F29EEBC599575 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143147.roa Signing time: Wed 04 Mar 2026 06:07:53 +0000 ROA not before: Wed 04 Mar 2026 06:02:53 +0000 ROA not after: Wed 03 Mar 2027 06:07:53 +0000 asID: 143147 IP address blocks: 240a:a1f1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:49:a7:44:94:27:4f:c0:af:86:6d:df:28:5f:29:ee:bc:59:95:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:53 2026 GMT Not After : Mar 3 06:07:53 2027 GMT Subject: CN=4D49ADEC6501521196E68F934AB59FBFDDF6D22E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:88:89:9e:a5:31:3d:24:22:61:a5:51:e1:e8: bb:ac:0b:3e:ee:0b:45:24:f5:cf:41:81:41:2a:49: 23:d2:dd:30:82:95:94:64:13:66:f4:eb:dc:38:ee: 66:0b:68:96:14:51:2a:07:57:95:79:30:cd:9c:d3: 34:0a:44:71:80:f6:27:25:5f:45:0a:e9:07:12:4c: da:4e:e5:06:2f:80:d7:cd:bf:af:47:92:b0:46:9b: 33:12:ac:e4:23:60:b8:0e:87:a1:21:cf:f7:4a:88: 40:da:ce:51:b1:8f:ec:98:d6:32:5b:44:46:00:57: 99:0e:a9:53:c8:e1:16:01:71:e8:7b:c3:71:e2:e1: ec:2f:8d:15:31:c7:13:ce:5b:26:7c:ad:37:7f:20: 87:74:8d:40:36:ec:ca:d9:0f:77:96:e1:a8:e6:9f: 99:3b:61:91:1f:1f:2e:0c:78:9d:3e:da:89:0b:ef: 68:dc:67:4e:c5:21:f2:d5:b3:06:57:ad:78:83:d0: 35:18:04:77:94:00:f6:4c:e4:ef:ac:65:79:09:b8: 6e:b5:25:b8:fd:b7:a2:ba:01:dd:86:9d:d0:79:95: 32:66:a0:ac:53:05:09:c2:a4:42:a1:52:14:23:3d: a5:06:0a:63:42:d4:85:15:3d:d6:7a:15:c3:9d:f2: f3:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:49:AD:EC:65:01:52:11:96:E6:8F:93:4A:B5:9F:BF:DD:F6:D2:2E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143147.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1f1::/32 Signature Algorithm: sha256WithRSAEncryption 5d:cc:35:4e:9b:49:4b:4e:c6:0a:5a:a1:e3:3a:5e:23:c4:07: 80:6d:5b:81:f7:1f:a3:78:55:be:30:00:91:3f:96:89:43:93: 3f:fe:7b:79:26:9a:98:28:fd:6c:0a:0c:ff:2b:0f:cb:86:ea: f1:e8:a1:e2:0d:09:69:27:31:4f:70:78:64:5a:6f:68:65:72: 9b:81:0e:0b:75:ce:b4:bf:59:aa:ec:25:88:d2:24:f5:7a:79: ba:1d:72:41:72:dd:2e:77:dc:85:24:93:55:7d:f2:c6:52:f9: a9:51:c3:e7:c9:b9:9b:75:a8:44:9d:89:ad:b3:54:53:5a:8b: b1:59:46:02:7f:3c:4f:4d:51:7a:f6:4e:68:e4:3a:84:30:c3: f3:d3:f6:1a:7a:08:6c:a2:ad:5d:d1:19:79:ab:c4:31:93:f0: e4:06:a3:71:f3:7c:17:65:7a:75:44:1f:ba:25:7a:2d:46:7e: c0:e6:c9:6c:65:e7:4b:1c:bf:d2:22:ee:8d:48:0d:56:bf:59: 1f:b2:6d:95:aa:d5:c3:90:9d:b7:ec:b6:7e:2f:45:a6:30:00: 06:24:3b:3e:11:c5:7a:6d:ff:0b:1d:7d:f7:c2:56:b9:7f:45: 54:d9:b1:f5:47:ec:e0:9f:46:48:d5:50:32:7a:9b:e2:11:79: 44:ff:0d:84 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUC0mnRJQnT8Cvhm3fKF8p7rxZlXUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1M1oX DTI3MDMwMzA2MDc1M1owMzExMC8GA1UEAxMoNEQ0OUFERUM2NTAxNTIxMTk2RTY4 RjkzNEFCNTlGQkZEREY2RDIyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKuIiZ6lMT0kImGlUeHou6wLPu4LRST1z0GBQSpJI9LdMIKVlGQTZvTr3Dju ZgtolhRRKgdXlXkwzZzTNApEcYD2JyVfRQrpBxJM2k7lBi+A182/r0eSsEabMxKs 5CNguA6HoSHP90qIQNrOUbGP7JjWMltERgBXmQ6pU8jhFgFx6HvDceLh7C+NFTHH E85bJnytN38gh3SNQDbsytkPd5bhqOafmTthkR8fLgx4nT7aiQvvaNxnTsUh8tWz BleteIPQNRgEd5QA9kzk76xleQm4brUluP23oroB3Yad0HmVMmagrFMFCcKkQqFS FCM9pQYKY0LUhRU91noVw53y85UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRNSa3s ZQFSEZbmj5NKtZ+/3fbSLjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE0Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ofEwDQYJKoZIhvcNAQELBQADggEBAF3MNU6bSUtOxgpaoeM6XiPEB4BtW4H3H6N4 Vb4wAJE/lolDkz/+e3kmmpgo/WwKDP8rD8uG6vHooeINCWknMU9weGRab2hlcpuB Dgt1zrS/WarsJYjSJPV6ebodckFy3S533IUkk1V98sZS+alRw+fJuZt1qESdia2z VFNai7FZRgJ/PE9NUXr2TmjkOoQww/PT9hp6CGyirV3RGXmrxDGT8OQGo3HzfBdl enVEH7olei1GfsDmyWxl50scv9Ii7o1IDVa/WR+ybZWq1cOQnbfstn4vRaYwAAYk Oz4RxXpt/wsdfffCVrl/RVTZsfVH7OCfRkjVUDJ6m+IReUT/DYQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:02 2026 by rpki-client