$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143153.roa File: AS143153.roa (raw, json) Hash identifier: hprrZ3aY4mT2Avp9eMWOWGWKsZsBp8JMQQihnO8kBgo= Subject key identifier: 56:AA:00:3C:04:E6:6D:03:67:E4:D3:04:25:57:DE:70:02:E2:BF:D2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7941A61AA18BAE4C1E7E9F4BFFF0B0CCA4994D9F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143153.roa Signing time: Wed 04 Mar 2026 06:07:41 +0000 ROA not before: Wed 04 Mar 2026 06:02:41 +0000 ROA not after: Wed 03 Mar 2027 06:07:41 +0000 asID: 143153 IP address blocks: 240a:a1f7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:41:a6:1a:a1:8b:ae:4c:1e:7e:9f:4b:ff:f0:b0:cc:a4:99:4d:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:41 2026 GMT Not After : Mar 3 06:07:41 2027 GMT Subject: CN=56AA003C04E66D0367E4D3042557DE7002E2BFD2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:4f:a6:af:5c:01:af:6c:7b:ee:ef:2c:40:4d: 1d:d0:d3:a3:c7:fc:35:48:84:ec:9e:83:21:d8:aa: 57:43:23:e6:15:e6:d9:7f:4d:da:ea:87:21:94:4d: a7:24:69:b9:0c:89:90:bb:67:a6:49:4f:e8:4b:e8: 69:36:27:19:7a:08:9f:b1:bb:17:cf:64:c5:0b:5d: 19:76:74:e8:9a:45:f6:7d:70:bd:dc:af:d3:4b:39: 9f:31:57:68:7f:06:67:8e:bb:42:bc:eb:ed:8b:68: f9:0e:6a:de:1f:3a:fa:0f:21:7c:aa:14:84:84:b6: 5e:a2:5c:ce:c5:1f:00:fd:1c:9c:1c:c6:27:83:46: 6c:b4:9b:7e:44:ca:32:2d:41:e6:ca:11:bb:76:de: e9:89:a1:02:a5:28:55:4e:3f:c7:61:f3:29:c1:2d: c0:fd:46:92:d7:43:2c:1a:26:8e:9e:81:20:30:c1: 32:c9:74:aa:92:48:e3:87:3a:aa:9a:e5:ee:ce:58: 22:4c:a8:6c:60:f7:19:18:9c:1f:9c:5d:96:77:30: 73:72:32:7b:69:65:cb:d8:99:54:f3:54:02:60:0a: f7:fa:cb:89:c7:f5:58:69:9c:60:36:63:d0:cc:e8: 88:50:bd:0d:2b:c8:a9:93:99:21:a1:52:cd:28:f1: c2:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:AA:00:3C:04:E6:6D:03:67:E4:D3:04:25:57:DE:70:02:E2:BF:D2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143153.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1f7::/32 Signature Algorithm: sha256WithRSAEncryption b7:94:49:cf:8e:b6:d6:25:d4:29:1e:a5:01:35:c5:2f:f7:e5: 1f:ee:06:62:94:41:88:1b:ff:2b:86:b3:08:42:86:25:07:46: 7d:a7:48:c5:07:18:a7:9c:05:00:d5:c4:67:8b:a2:b7:6b:4b: 81:92:34:4f:37:22:08:c1:95:22:ae:c9:1f:7d:89:7a:cb:8a: 64:73:dc:f6:e6:28:45:07:14:08:4e:8a:9f:eb:eb:fa:fd:bb: ec:38:99:9e:06:fb:e6:43:ff:0b:50:fa:f1:3a:1c:c7:9e:5d: 7e:67:f3:5a:9d:ad:af:8d:87:e8:11:6d:7d:51:1d:5c:2f:34: 98:0f:99:cc:e1:5c:ad:a4:9b:7c:c5:97:a5:3d:29:69:16:17: 6f:05:9b:fc:7c:8b:08:1f:5b:ae:b7:94:da:42:f0:87:e3:2f: f5:a6:b5:e3:f2:40:1e:9b:23:66:e8:73:77:af:b8:9d:b7:b3: ff:46:8b:b7:66:49:ca:93:91:48:9d:81:03:d0:ed:4f:0d:3c: 01:ab:1a:25:12:05:f7:48:35:cb:e4:6b:15:26:41:19:a9:3e: 65:85:87:4e:af:57:c0:ee:89:da:a1:0f:ca:1a:5d:d7:81:20: 3b:4e:bc:94:ac:b3:b3:56:36:19:fd:df:70:46:d9:75:60:67: 24:f7:33:90 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeUGmGqGLrkwefp9L//CwzKSZTZ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0MVoX DTI3MDMwMzA2MDc0MVowMzExMC8GA1UEAxMoNTZBQTAwM0MwNEU2NkQwMzY3RTRE MzA0MjU1N0RFNzAwMkUyQkZEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM1Ppq9cAa9se+7vLEBNHdDTo8f8NUiE7J6DIdiqV0Mj5hXm2X9N2uqHIZRN pyRpuQyJkLtnpklP6EvoaTYnGXoIn7G7F89kxQtdGXZ06JpF9n1wvdyv00s5nzFX aH8GZ467Qrzr7Yto+Q5q3h86+g8hfKoUhIS2XqJczsUfAP0cnBzGJ4NGbLSbfkTK Mi1B5soRu3be6YmhAqUoVU4/x2HzKcEtwP1GktdDLBomjp6BIDDBMsl0qpJI44c6 qprl7s5YIkyobGD3GRicH5xdlncwc3Iye2lly9iZVPNUAmAK9/rLicf1WGmcYDZj 0MzoiFC9DSvIqZOZIaFSzSjxwsECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRWqgA8 BOZtA2fk0wQlV95wAuK/0jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ofcwDQYJKoZIhvcNAQELBQADggEBALeUSc+OttYl1CkepQE1xS/35R/uBmKUQYgb /yuGswhChiUHRn2nSMUHGKecBQDVxGeLordrS4GSNE83IgjBlSKuyR99iXrLimRz 3PbmKEUHFAhOip/r6/r9u+w4mZ4G++ZD/wtQ+vE6HMeeXX5n81qdra+Nh+gRbX1R HVwvNJgPmczhXK2km3zFl6U9KWkWF28Fm/x8iwgfW663lNpC8IfjL/WmtePyQB6b I2boc3evuJ23s/9Gi7dmScqTkUidgQPQ7U8NPAGrGiUSBfdINcvkaxUmQRmpPmWF h06vV8DuidqhD8oaXdeBIDtOvJSss7NWNhn933BG2XVgZyT3M5A= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:41 2026 by rpki-client