$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143157.roa File: AS143157.roa (raw, json) Hash identifier: TSpR2ivkMHfS/tosPPsGH3TFrMEYoLFlNmPqN0jRbN4= Subject key identifier: B3:13:D6:DE:4E:F7:15:A9:1E:45:64:B7:00:3B:D2:99:77:79:BB:2E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1E54049EA5AEE33A2B736F4D13DB875E1385E817 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143157.roa Signing time: Wed 04 Mar 2026 06:06:04 +0000 ROA not before: Wed 04 Mar 2026 06:01:04 +0000 ROA not after: Wed 03 Mar 2027 06:06:04 +0000 asID: 143157 IP address blocks: 240a:a1fb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:54:04:9e:a5:ae:e3:3a:2b:73:6f:4d:13:db:87:5e:13:85:e8:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:04 2026 GMT Not After : Mar 3 06:06:04 2027 GMT Subject: CN=B313D6DE4EF715A91E4564B7003BD2997779BB2E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:1a:30:1c:4d:97:5f:b4:e2:23:c4:a9:f0:cc: 28:30:74:e4:d2:9b:99:f3:42:f0:e7:dd:a7:97:3d: 87:c3:56:46:5e:f4:d7:ec:2c:5d:d7:29:30:5f:50: 4a:a2:95:8a:6c:da:fa:c1:ba:b1:a7:d3:e4:38:ac: 73:d8:71:9d:b0:f8:67:bc:5b:10:81:a5:b6:9a:f3: e0:a3:45:4f:5e:57:c2:ba:f2:bc:c0:4e:5f:e5:45: 20:c8:49:55:4a:af:68:92:ec:f2:8b:7c:48:45:45: b0:c0:e7:54:9d:0a:c9:c8:dc:02:24:09:78:f5:a5: 95:1d:3d:76:16:5a:23:02:0d:d9:33:34:59:42:57: 78:79:39:92:47:de:4d:94:3b:70:f7:83:3e:a3:3e: 4b:47:4a:4a:e7:4a:8c:e4:c9:36:18:37:f5:63:1f: cf:0d:a5:51:e6:54:1a:42:1b:0f:c4:27:49:9a:4e: e0:86:53:ce:6b:90:3b:96:55:66:25:e2:10:3a:63: 95:39:1a:3c:b3:90:db:45:d1:e6:ac:c8:da:c4:36: 9f:86:98:f2:f3:27:b4:e9:96:dd:3c:b1:be:af:7a: a3:47:1a:d9:b9:e4:c3:7c:12:05:87:3a:36:df:b2: f1:76:20:a8:95:c4:8a:33:f3:87:54:9c:6c:a4:b2: 52:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:13:D6:DE:4E:F7:15:A9:1E:45:64:B7:00:3B:D2:99:77:79:BB:2E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143157.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1fb::/32 Signature Algorithm: sha256WithRSAEncryption ce:ca:9c:58:23:ff:24:dd:f9:8c:a0:ce:09:7a:11:c4:92:da: 6f:5b:bb:1b:fc:fd:12:c1:7c:5f:65:20:dd:0b:08:d5:40:05: 5e:06:ed:c6:c7:d2:43:e3:44:93:4f:d9:21:14:b0:1a:e8:c0: 98:88:31:5d:af:85:c9:df:fe:6c:31:4d:72:52:a8:6d:34:8b: cf:07:b0:cc:80:eb:74:a3:b4:d6:7c:12:e6:77:74:f5:2a:92: cd:e1:7c:7b:44:f8:f3:a6:3f:5c:66:3f:c1:12:95:f7:85:1e: ea:5f:3a:65:ea:42:6d:fd:d1:ee:66:f9:b8:69:47:38:15:79: 31:29:5f:fb:1b:7b:40:f9:47:fb:0c:eb:aa:4c:db:8e:74:04: d3:2b:fd:37:c8:2c:88:47:51:0d:8a:78:ce:3b:75:c8:67:fd: 62:34:a0:53:35:ef:05:8c:24:22:ed:08:f7:a8:af:0d:a0:8a: 80:c7:6a:e7:b5:e2:63:80:e9:23:57:b3:51:77:df:ee:39:b0: 10:e3:93:17:12:94:fb:26:8d:41:1b:dd:ed:50:3a:e8:a5:e2: e4:80:8f:a5:02:05:f7:f4:6c:a4:97:b6:53:6b:02:a8:d0:03: 43:d8:c6:c6:80:77:70:cb:0f:29:55:6b:1f:07:fd:26:ac:f1: ca:f5:85:72 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHlQEnqWu4zorc29NE9uHXhOF6BcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwNFoX DTI3MDMwMzA2MDYwNFowMzExMC8GA1UEAxMoQjMxM0Q2REU0RUY3MTVBOTFFNDU2 NEI3MDAzQkQyOTk3Nzc5QkIyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwaMBxNl1+04iPEqfDMKDB05NKbmfNC8Ofdp5c9h8NWRl701+wsXdcpMF9Q SqKVimza+sG6safT5Disc9hxnbD4Z7xbEIGltprz4KNFT15XwrryvMBOX+VFIMhJ VUqvaJLs8ot8SEVFsMDnVJ0KycjcAiQJePWllR09dhZaIwIN2TM0WUJXeHk5kkfe TZQ7cPeDPqM+S0dKSudKjOTJNhg39WMfzw2lUeZUGkIbD8QnSZpO4IZTzmuQO5ZV ZiXiEDpjlTkaPLOQ20XR5qzI2sQ2n4aY8vMntOmW3Tyxvq96o0ca2bnkw3wSBYc6 Nt+y8XYgqJXEijPzh1ScbKSyUi8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSzE9be TvcVqR5FZLcAO9KZd3m7LjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ofswDQYJKoZIhvcNAQELBQADggEBAM7KnFgj/yTd+Yygzgl6EcSS2m9buxv8/RLB fF9lIN0LCNVABV4G7cbH0kPjRJNP2SEUsBrowJiIMV2vhcnf/mwxTXJSqG00i88H sMyA63SjtNZ8EuZ3dPUqks3hfHtE+POmP1xmP8ESlfeFHupfOmXqQm390e5m+bhp RzgVeTEpX/sbe0D5R/sM66pM2450BNMr/TfILIhHUQ2KeM47dchn/WI0oFM17wWM JCLtCPeorw2gioDHaue14mOA6SNXs1F33+45sBDjkxcSlPsmjUEb3e1QOuil4uSA j6UCBff0bKSXtlNrAqjQA0PYxsaAd3DLDylVax8H/Sas8cr1hXI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:18 2026 by rpki-client