$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143152.roa File: AS143152.roa (raw, json) Hash identifier: th+DrVuKHu8BIuqY0zvkC6gUHPIvCchJsBPRBg3ZJcw= Subject key identifier: 61:56:F8:03:FB:B0:51:49:86:05:3E:9B:4E:E2:F1:E9:66:A2:B3:5C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3FF00FD08C673B0A50F7502BD01570998DDB1921 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143152.roa Signing time: Wed 04 Mar 2026 06:05:48 +0000 ROA not before: Wed 04 Mar 2026 06:00:48 +0000 ROA not after: Wed 03 Mar 2027 06:05:48 +0000 asID: 143152 IP address blocks: 240a:a1f6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:f0:0f:d0:8c:67:3b:0a:50:f7:50:2b:d0:15:70:99:8d:db:19:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:48 2026 GMT Not After : Mar 3 06:05:48 2027 GMT Subject: CN=6156F803FBB0514986053E9B4EE2F1E966A2B35C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7f:e2:9c:5a:41:0a:f8:d6:43:18:a3:d2:f3: 99:6d:a7:07:09:66:b4:28:af:37:a8:28:50:f4:f1: 6f:91:62:7f:78:28:c3:9c:bd:c4:fc:0a:df:d8:16: 4a:db:fe:2f:4b:eb:32:8a:9a:d8:e3:cf:04:91:66: 7d:eb:80:e4:b0:9d:92:8f:ae:4f:6b:d5:5c:d4:ea: 24:e2:e0:1c:c2:78:dc:63:d4:d5:60:a8:f4:25:0c: a8:6d:e3:74:91:d8:f2:04:f9:3c:a6:46:1c:fb:db: 8e:33:81:dc:ed:7c:2c:82:64:8f:1d:20:8e:b9:98: 9a:e1:ff:30:b8:c3:f1:3a:0e:74:4c:ef:e1:9f:2e: d6:c8:d3:44:36:2f:6e:bf:ce:01:ee:2f:98:86:64: 4a:06:d6:6b:8f:95:25:e2:ab:1f:8f:ff:b9:39:3c: 15:83:66:d5:48:5e:95:eb:34:7f:b4:e9:c0:7f:4d: 9d:e0:b5:ce:65:24:c0:af:6f:0a:4c:95:3b:74:d3: 88:8c:32:1b:b0:4a:12:0d:e8:16:1d:36:cd:f4:9d: de:5a:37:2b:6d:63:da:4f:12:29:59:69:96:31:60: f0:d8:6e:ea:b8:ca:de:c3:e4:39:03:08:53:51:82: b1:54:e9:21:ae:ec:ca:61:13:fd:66:89:5f:e5:83: 95:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:56:F8:03:FB:B0:51:49:86:05:3E:9B:4E:E2:F1:E9:66:A2:B3:5C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143152.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1f6::/32 Signature Algorithm: sha256WithRSAEncryption c2:32:78:50:1e:2d:99:8e:f5:e2:f6:40:64:bd:a5:d1:76:2b: e3:41:90:cd:cf:9d:f6:68:4c:92:65:73:91:f5:d7:15:86:7f: ae:bd:57:b3:b5:04:5b:7d:fb:63:55:be:07:55:d3:92:ce:14: e2:67:24:cb:7e:2d:80:14:6b:4e:57:5f:86:ef:91:70:09:20: 96:1c:fd:36:b0:46:fd:b6:c5:12:bb:3f:a5:e5:31:df:64:d9: a8:3c:d9:53:20:59:9c:75:ea:a4:4d:e6:7b:85:77:f1:af:5a: 3d:47:ba:07:75:dd:d4:3f:0c:aa:94:1d:4d:38:81:4c:cc:42: 19:80:18:2e:12:00:cd:8b:8a:28:ee:59:93:a3:f8:50:78:d2: 0a:ab:47:93:a5:8f:ea:35:d9:35:fd:49:97:86:0c:0e:53:19: 0a:7c:46:cd:6e:0a:1e:78:ce:9c:9f:2d:88:47:6d:04:35:7a: 38:9a:fb:04:17:f0:d8:f1:dc:03:0f:1b:65:8b:a9:09:de:65: 30:78:f8:82:25:4d:c3:60:e7:27:07:bc:34:21:12:b5:55:94: 8a:27:07:f1:60:30:23:39:20:f0:03:b4:7f:19:3d:e9:f5:4b: da:95:e0:02:54:c1:43:88:b4:93:1a:f7:8d:c0:ae:7b:ca:da: 3e:70:c2:c4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUP/AP0IxnOwpQ91Ar0BVwmY3bGSEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA0OFoX DTI3MDMwMzA2MDU0OFowMzExMC8GA1UEAxMoNjE1NkY4MDNGQkIwNTE0OTg2MDUz RTlCNEVFMkYxRTk2NkEyQjM1QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANh/4pxaQQr41kMYo9LzmW2nBwlmtCivN6goUPTxb5Fif3gow5y9xPwK39gW Stv+L0vrMoqa2OPPBJFmfeuA5LCdko+uT2vVXNTqJOLgHMJ43GPU1WCo9CUMqG3j dJHY8gT5PKZGHPvbjjOB3O18LIJkjx0gjrmYmuH/MLjD8ToOdEzv4Z8u1sjTRDYv br/OAe4vmIZkSgbWa4+VJeKrH4//uTk8FYNm1Uheles0f7TpwH9NneC1zmUkwK9v CkyVO3TTiIwyG7BKEg3oFh02zfSd3lo3K21j2k8SKVlpljFg8Nhu6rjK3sPkOQMI U1GCsVTpIa7symET/WaJX+WDlbUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRhVvgD +7BRSYYFPptO4vHpZqKzXDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ofYwDQYJKoZIhvcNAQELBQADggEBAMIyeFAeLZmO9eL2QGS9pdF2K+NBkM3PnfZo TJJlc5H11xWGf669V7O1BFt9+2NVvgdV05LOFOJnJMt+LYAUa05XX4bvkXAJIJYc /TawRv22xRK7P6XlMd9k2ag82VMgWZx16qRN5nuFd/GvWj1Hugd13dQ/DKqUHU04 gUzMQhmAGC4SAM2LiijuWZOj+FB40gqrR5Olj+o12TX9SZeGDA5TGQp8Rs1uCh54 zpyfLYhHbQQ1ejia+wQX8Njx3AMPG2WLqQneZTB4+IIlTcNg5ycHvDQhErVVlIon B/FgMCM5IPADtH8ZPen1S9qV4AJUwUOItJMa943ArnvK2j5wwsQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:01 2026 by rpki-client