$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143150.roa File: AS143150.roa (raw, json) Hash identifier: ZFBce7Yr3ZiiLLz9UQaURKmH9y2UsYRNHJ4o5OItrc4= Subject key identifier: 1B:7B:0F:79:A8:B0:9D:75:76:DE:C9:7C:6A:B4:5A:AC:E9:5F:4E:6A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1E84DEC0DCA383BDB10D5E8E4035FB4FBC820B0B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143150.roa Signing time: Wed 04 Mar 2026 06:06:50 +0000 ROA not before: Wed 04 Mar 2026 06:01:50 +0000 ROA not after: Wed 03 Mar 2027 06:06:50 +0000 asID: 143150 IP address blocks: 240a:a1f4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:84:de:c0:dc:a3:83:bd:b1:0d:5e:8e:40:35:fb:4f:bc:82:0b:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:50 2026 GMT Not After : Mar 3 06:06:50 2027 GMT Subject: CN=1B7B0F79A8B09D7576DEC97C6AB45AACE95F4E6A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:89:90:8d:03:7a:c1:81:e7:8e:e4:d1:2f:72: 71:6f:88:87:31:89:82:4a:ea:75:0c:99:81:ff:76: 5d:14:e8:f2:31:d1:5e:4f:6a:7c:8c:a0:91:22:3d: 40:e8:c3:f1:c7:c6:df:18:02:ba:0b:e6:dd:ef:2e: 72:6e:37:a3:a8:19:b9:48:33:5c:7f:f5:26:ce:0b: bf:e6:b9:ea:86:17:ca:b3:17:67:60:52:d0:0d:5e: d6:f5:69:0d:d1:83:29:3f:05:cd:20:da:40:41:59: 69:1f:ff:b6:73:87:82:1d:23:70:5d:68:92:e7:d8: b9:85:96:7c:2e:03:9f:13:d7:52:97:15:fa:0b:54: c3:70:a8:04:66:66:a1:67:bd:95:e7:43:6c:0d:00: 35:f3:38:55:eb:2e:1a:89:37:87:e3:d2:95:62:f7: 0a:9e:77:fa:d2:10:0b:97:d9:69:4d:d1:d5:9a:a7: c7:76:d1:c4:b7:9b:08:f6:cc:2c:c2:79:e5:36:bb: 36:1f:f9:74:2f:29:97:48:63:f5:b9:29:72:c2:5e: 91:da:3a:69:49:6a:98:5c:0f:25:10:da:e5:11:2e: ad:36:96:76:ba:a6:b1:26:d5:f9:0f:e8:58:d3:cc: d9:67:ee:04:2c:27:81:87:44:5e:51:c2:9a:84:4f: 23:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:7B:0F:79:A8:B0:9D:75:76:DE:C9:7C:6A:B4:5A:AC:E9:5F:4E:6A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143150.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1f4::/32 Signature Algorithm: sha256WithRSAEncryption 7a:b9:21:23:a2:49:86:d6:cc:96:19:60:9d:4d:31:01:55:0a: 1e:d6:6c:1d:0c:15:70:88:eb:d7:8b:f2:7f:46:ce:22:77:1b: 12:b1:1b:5a:3c:0f:b1:e4:c3:50:cc:66:8b:2f:f0:b9:68:71: e0:1a:d5:f4:7d:91:44:64:87:01:9d:c0:6e:00:b8:f7:f5:cd: 06:8a:52:99:98:2b:70:09:e1:63:12:be:53:8c:d4:27:21:08: 4f:a8:1f:f4:39:58:43:52:a0:0a:1e:a0:a8:07:be:4e:b8:0d: 1e:81:ab:10:61:e2:57:36:5d:1b:d3:87:67:93:d8:a0:6a:69: c1:f3:4f:59:9e:58:ee:1f:96:3b:0c:d5:55:cd:62:6b:be:74: 6f:af:37:1e:ad:12:b4:ab:d0:6f:27:87:ac:c4:a5:40:da:32: 35:1c:47:f5:0e:0f:0e:e9:3c:8e:98:30:7c:71:1d:f6:1e:d4: cb:f6:5d:71:35:20:8b:5b:d1:96:3e:72:60:8e:cb:65:4b:6b: 90:80:32:7e:1a:74:5e:d8:f1:cd:31:d5:8e:32:41:9b:67:8b: e0:41:15:59:01:94:5b:63:6f:9d:16:fb:e6:c2:05:79:9b:1b: 43:a7:92:ae:c0:24:ff:70:5b:43:72:37:ae:30:94:fa:12:8f: 2c:07:69:8d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHoTewNyjg72xDV6OQDX7T7yCCwswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1MFoX DTI3MDMwMzA2MDY1MFowMzExMC8GA1UEAxMoMUI3QjBGNzlBOEIwOUQ3NTc2REVD OTdDNkFCNDVBQUNFOTVGNEU2QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJSJkI0DesGB547k0S9ycW+IhzGJgkrqdQyZgf92XRTo8jHRXk9qfIygkSI9 QOjD8cfG3xgCugvm3e8ucm43o6gZuUgzXH/1Js4Lv+a56oYXyrMXZ2BS0A1e1vVp DdGDKT8FzSDaQEFZaR//tnOHgh0jcF1okufYuYWWfC4DnxPXUpcV+gtUw3CoBGZm oWe9ledDbA0ANfM4VesuGok3h+PSlWL3Cp53+tIQC5fZaU3R1Zqnx3bRxLebCPbM LMJ55Ta7Nh/5dC8pl0hj9bkpcsJekdo6aUlqmFwPJRDa5REurTaWdrqmsSbV+Q/o WNPM2WfuBCwngYdEXlHCmoRPIwsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQbew95 qLCddXbeyXxqtFqs6V9OajAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE1MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ofQwDQYJKoZIhvcNAQELBQADggEBAHq5ISOiSYbWzJYZYJ1NMQFVCh7WbB0MFXCI 69eL8n9GziJ3GxKxG1o8D7Hkw1DMZosv8LloceAa1fR9kURkhwGdwG4AuPf1zQaK UpmYK3AJ4WMSvlOM1CchCE+oH/Q5WENSoAoeoKgHvk64DR6BqxBh4lc2XRvTh2eT 2KBqacHzT1meWO4fljsM1VXNYmu+dG+vNx6tErSr0G8nh6zEpUDaMjUcR/UODw7p PI6YMHxxHfYe1Mv2XXE1IItb0ZY+cmCOy2VLa5CAMn4adF7Y8c0x1Y4yQZtni+BB FVkBlFtjb50W++bCBXmbG0Onkq7AJP9wW0NyN64wlPoSjywHaY0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:15 2026 by rpki-client