$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143156.roa File: AS143156.roa (raw, json) Hash identifier: 4HpF+zFRqcV+BPLp3n5sOorq7xukql+/7OVuqywb9bQ= Subject key identifier: C8:B3:89:14:CC:29:8C:DE:44:92:8A:CF:23:94:FF:A3:F3:53:E9:9E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0F6FE7380ADDD52A268B34441A5D774F50CB2CED Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143156.roa Signing time: Wed 04 Mar 2026 06:07:07 +0000 ROA not before: Wed 04 Mar 2026 06:02:07 +0000 ROA not after: Wed 03 Mar 2027 06:07:07 +0000 asID: 143156 IP address blocks: 240a:a1fa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:6f:e7:38:0a:dd:d5:2a:26:8b:34:44:1a:5d:77:4f:50:cb:2c:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:07 2026 GMT Not After : Mar 3 06:07:07 2027 GMT Subject: CN=C8B38914CC298CDE44928ACF2394FFA3F353E99E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:de:db:80:e5:54:90:d7:3e:86:48:8b:08:3d: a4:f8:83:0c:f8:72:f3:58:d3:63:b0:e9:20:97:f9: e4:6b:35:31:5a:b3:0d:e9:62:88:ce:71:a8:5f:e4: 77:92:49:be:ad:97:5c:c8:1a:fd:e5:c4:f9:a4:1e: 13:70:b3:8d:69:9a:e5:d8:76:ee:0e:b6:bb:d6:83: 01:21:7a:68:14:cf:0a:ba:65:75:47:09:5b:ab:ac: 11:2b:87:95:4f:8d:2c:6a:b7:2d:37:f2:7b:f4:30: 82:e5:02:41:53:8f:34:03:cb:74:13:a3:5d:e1:52: 73:4a:d9:52:3f:ee:67:8a:72:10:c3:b8:ea:f6:21: 4b:c4:45:f6:34:48:f4:d7:a6:59:e8:f7:58:af:56: 83:4e:17:3f:0b:f0:46:d0:81:24:e7:92:2e:02:1a: dc:37:80:b7:36:f7:6d:71:14:af:ee:6e:48:6d:6c: 32:37:0d:1f:06:95:a3:74:af:a0:31:23:42:b0:c4: 08:ea:66:71:68:cd:cd:43:5d:5b:5c:39:0b:5b:4c: 9a:b6:66:09:fe:38:09:6e:10:16:49:b3:06:31:f1: 12:59:89:23:1f:d1:22:1a:49:b3:6a:c7:2e:f2:5d: fa:12:19:69:7b:bd:b3:69:6a:5a:6e:04:45:f0:aa: d8:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:B3:89:14:CC:29:8C:DE:44:92:8A:CF:23:94:FF:A3:F3:53:E9:9E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143156.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1fa::/32 Signature Algorithm: sha256WithRSAEncryption 0b:0a:d8:e8:ee:90:d6:da:d4:66:02:c2:ce:9d:a1:50:33:d8: 37:59:6d:9a:67:da:3d:b6:aa:3a:5a:3b:f6:9b:be:68:57:4b: 3a:f3:8d:7e:cc:71:99:0c:e4:15:72:8b:c7:a5:eb:a0:6e:9a: ec:af:ae:77:b8:95:0e:7f:d2:b8:43:a0:68:d6:03:3b:a8:72: 74:04:1e:60:5a:e1:c2:35:af:69:a1:aa:ee:a6:42:82:fd:98: 7d:fc:e3:33:bd:76:79:2a:88:8c:12:6c:75:c6:6b:eb:f5:0f: ad:61:a7:7d:3d:2d:25:67:0c:1f:42:4e:c5:bc:2f:0a:79:5f: 29:26:2f:6b:c9:a4:55:d8:94:85:c5:33:d0:d0:a5:9f:33:17: 94:f2:5d:d0:1c:ad:94:b2:22:21:2c:8b:21:47:f7:31:63:a5: a6:3d:13:9b:8b:fa:91:fa:6f:1a:01:1b:5e:cf:1b:6c:bb:5c: 29:47:6a:72:9f:54:20:a0:e4:bd:3b:02:b6:8e:1d:02:f2:4b: f4:99:65:8b:bf:92:bc:ac:51:33:f2:00:ac:cc:89:82:07:36: ea:d2:14:37:b1:00:b3:c3:41:c8:71:2c:2d:68:aa:8e:db:6e: bb:7b:de:3d:0e:37:11:0b:91:ea:a6:3c:f3:9c:2f:4a:89:1a: 9e:e1:62:25 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUD2/nOArd1SomizREGl13T1DLLO0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIwN1oX DTI3MDMwMzA2MDcwN1owMzExMC8GA1UEAxMoQzhCMzg5MTRDQzI5OENERTQ0OTI4 QUNGMjM5NEZGQTNGMzUzRTk5RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANre24DlVJDXPoZIiwg9pPiDDPhy81jTY7DpIJf55Gs1MVqzDeliiM5xqF/k d5JJvq2XXMga/eXE+aQeE3CzjWma5dh27g62u9aDASF6aBTPCrpldUcJW6usESuH lU+NLGq3LTfye/QwguUCQVOPNAPLdBOjXeFSc0rZUj/uZ4pyEMO46vYhS8RF9jRI 9NemWej3WK9Wg04XPwvwRtCBJOeSLgIa3DeAtzb3bXEUr+5uSG1sMjcNHwaVo3Sv oDEjQrDECOpmcWjNzUNdW1w5C1tMmrZmCf44CW4QFkmzBjHxElmJIx/RIhpJs2rH LvJd+hIZaXu9s2lqWm4ERfCq2EMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTIs4kU zCmM3kSSis8jlP+j81PpnjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ofowDQYJKoZIhvcNAQELBQADggEBAAsK2OjukNba1GYCws6doVAz2DdZbZpn2j22 qjpaO/abvmhXSzrzjX7McZkM5BVyi8el66Bumuyvrne4lQ5/0rhDoGjWAzuocnQE HmBa4cI1r2mhqu6mQoL9mH384zO9dnkqiIwSbHXGa+v1D61hp309LSVnDB9CTsW8 Lwp5XykmL2vJpFXYlIXFM9DQpZ8zF5TyXdAcrZSyIiEsiyFH9zFjpaY9E5uL+pH6 bxoBG17PG2y7XClHanKfVCCg5L07AraOHQLyS/SZZYu/krysUTPyAKzMiYIHNurS FDexALPDQchxLC1oqo7bbrt73j0ONxELkeqmPPOcL0qJGp7hYiU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:29 2026 by rpki-client