$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143159.roa File: AS143159.roa (raw, json) Hash identifier: 9iJQ67duVCVpMWA12B0soqxDTYxsenSNHs8dYACJ+uQ= Subject key identifier: 2E:F2:AF:F9:AD:0E:85:1E:E1:B1:E1:A3:E2:58:CD:25:AD:69:13:63 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 58F4C07C56AA6010D2D59C86AE454695D6F85C96 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143159.roa Signing time: Wed 04 Mar 2026 06:05:27 +0000 ROA not before: Wed 04 Mar 2026 06:00:27 +0000 ROA not after: Wed 03 Mar 2027 06:05:27 +0000 asID: 143159 IP address blocks: 240a:a1fd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:f4:c0:7c:56:aa:60:10:d2:d5:9c:86:ae:45:46:95:d6:f8:5c:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:27 2026 GMT Not After : Mar 3 06:05:27 2027 GMT Subject: CN=2EF2AFF9AD0E851EE1B1E1A3E258CD25AD691363 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:82:86:81:47:c4:fc:5f:53:59:94:5e:5a:ed: 7b:d8:11:81:e9:0e:bd:d7:f6:f7:4b:a2:ea:08:63: a8:20:05:7a:d3:f3:46:a7:4e:fd:c1:ed:12:22:df: 69:52:6b:2c:a3:8a:74:20:e1:bf:13:f2:0c:3a:a5: bb:1e:02:21:77:f7:66:1e:80:f3:53:ae:1e:7b:41: 38:60:b4:a5:e1:e2:3e:92:d1:96:f0:d7:f2:2c:b6: 4d:91:c9:ff:09:dd:d9:f4:58:fe:f5:0d:9b:81:0d: 73:67:9b:ee:7c:97:e4:2f:a8:51:d8:94:31:76:97: 80:b9:b8:f4:cc:43:97:16:68:a0:51:07:69:cf:fa: 7d:d7:f3:2f:62:56:81:0c:b2:b0:79:d0:a1:5f:a6: df:f3:79:70:79:da:5c:d7:38:7d:c4:b2:3e:31:46: 3f:b5:e2:43:70:8c:0b:76:b8:9e:28:f7:1c:91:6f: b6:06:23:3e:17:44:34:ff:57:a8:c6:4f:03:4d:7a: 99:ab:d4:eb:8a:c8:ed:cb:79:cf:f1:a7:4c:60:d5: 92:03:7b:76:33:ab:75:86:9b:ad:41:64:34:eb:73: 6a:36:c2:42:91:6e:3a:62:57:ab:14:2b:09:a9:be: 26:57:30:4d:25:f4:a5:75:59:a9:ba:56:c8:a1:89: 1c:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:F2:AF:F9:AD:0E:85:1E:E1:B1:E1:A3:E2:58:CD:25:AD:69:13:63 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143159.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1fd::/32 Signature Algorithm: sha256WithRSAEncryption 2b:b6:b5:93:5c:71:48:af:a2:57:3c:63:66:a2:ba:22:0c:51: 32:ae:f1:8c:a1:8e:fc:d4:1e:82:e1:bb:84:69:bb:87:df:0b: 01:33:ee:1b:85:9a:89:72:76:88:a2:59:e7:32:9f:1f:85:20: 11:3d:51:2d:34:41:29:3e:db:c7:4a:c6:34:1c:a5:51:30:fb: 46:ab:99:98:e3:fc:82:56:07:71:ac:29:86:bd:97:9d:e4:3e: 59:fe:66:3c:3e:3f:3f:60:53:7c:60:43:86:59:07:a2:44:8a: 3b:d6:ef:12:cf:d0:a6:d3:1c:86:51:d5:8a:6b:0b:c3:15:47: 68:b8:a9:e2:1e:77:f8:bd:5c:52:cb:06:97:82:f9:81:3a:d4: fd:bc:f0:a2:c6:4d:aa:e9:93:05:c1:03:a1:5d:fa:9d:5d:4e: be:ac:31:b4:26:b7:8c:5c:98:fb:d3:8b:b0:77:b8:b4:89:9f: 91:d4:3b:91:0b:9f:fc:34:2f:ff:1d:19:45:b8:79:d7:cb:28: 53:0a:78:76:54:23:0a:e6:0e:78:83:9e:f4:22:a6:1b:f7:f1: 7f:42:71:41:ac:c0:5d:a5:f6:1b:52:82:24:5e:a8:db:cb:5b: 35:2d:b2:a1:d7:4a:3f:8c:1a:1c:d2:f3:38:81:eb:3e:f1:bf: dc:95:b7:b0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWPTAfFaqYBDS1ZyGrkVGldb4XJYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyN1oX DTI3MDMwMzA2MDUyN1owMzExMC8GA1UEAxMoMkVGMkFGRjlBRDBFODUxRUUxQjFF MUEzRTI1OENEMjVBRDY5MTM2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMSChoFHxPxfU1mUXlrte9gRgekOvdf290ui6ghjqCAFetPzRqdO/cHtEiLf aVJrLKOKdCDhvxPyDDqlux4CIXf3Zh6A81OuHntBOGC0peHiPpLRlvDX8iy2TZHJ /wnd2fRY/vUNm4ENc2eb7nyX5C+oUdiUMXaXgLm49MxDlxZooFEHac/6fdfzL2JW gQyysHnQoV+m3/N5cHnaXNc4fcSyPjFGP7XiQ3CMC3a4nij3HJFvtgYjPhdENP9X qMZPA016mavU64rI7ct5z/GnTGDVkgN7djOrdYabrUFkNOtzajbCQpFuOmJXqxQr Cam+JlcwTSX0pXVZqbpWyKGJHD0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQu8q/5 rQ6FHuGx4aPiWM0lrWkTYzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK of0wDQYJKoZIhvcNAQELBQADggEBACu2tZNccUivolc8Y2aiuiIMUTKu8YyhjvzU HoLhu4Rpu4ffCwEz7huFmolydoiiWecynx+FIBE9US00QSk+28dKxjQcpVEw+0ar mZjj/IJWB3GsKYa9l53kPln+Zjw+Pz9gU3xgQ4ZZB6JEijvW7xLP0KbTHIZR1Ypr C8MVR2i4qeIed/i9XFLLBpeC+YE61P288KLGTarpkwXBA6Fd+p1dTr6sMbQmt4xc mPvTi7B3uLSJn5HUO5ELn/w0L/8dGUW4edfLKFMKeHZUIwrmDniDnvQiphv38X9C cUGswF2l9htSgiReqNvLWzUtsqHXSj+MGhzS8ziB6z7xv9yVt7A= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:34 2026 by rpki-client