$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143170.roa File: AS143170.roa (raw, json) Hash identifier: H6Q2YPGkxWKkdSSTCVjEK79xy4o+Z3DvfGdU7TheDF4= Subject key identifier: 29:82:D5:88:34:C0:70:BA:55:12:B9:DA:12:E1:79:9F:B0:9D:03:97 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4DEBDCA95588319DD64D7417C84BF549CD866796 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143170.roa Signing time: Wed 04 Mar 2026 06:06:14 +0000 ROA not before: Wed 04 Mar 2026 06:01:14 +0000 ROA not after: Wed 03 Mar 2027 06:06:14 +0000 asID: 143170 IP address blocks: 240a:a208::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:eb:dc:a9:55:88:31:9d:d6:4d:74:17:c8:4b:f5:49:cd:86:67:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:14 2026 GMT Not After : Mar 3 06:06:14 2027 GMT Subject: CN=2982D58834C070BA5512B9DA12E1799FB09D0397 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:1d:b2:aa:91:99:9e:bd:96:cc:8e:75:d3:a3: eb:d2:c3:a9:2a:a9:8a:a7:c2:2a:f0:44:d3:d5:84: d7:b7:41:0e:eb:de:d6:c2:d2:15:9a:e9:74:2b:4f: 75:76:1f:da:fb:51:58:4f:9f:60:9a:5f:05:cd:fc: 13:ab:d8:e5:bb:29:1e:e0:84:bc:57:50:99:0b:ba: 8d:86:bc:46:d6:5b:3c:d2:fe:9d:40:88:a5:49:5b: 97:8f:f7:7e:24:bf:9b:0b:5f:d1:b0:fe:f0:7b:09: 3d:9d:4f:7c:7d:47:eb:dc:08:f4:2b:3f:c2:3c:fe: ce:a9:64:c6:e9:89:44:df:aa:c8:b8:36:e5:3b:18: de:5a:4e:72:98:1b:a5:2a:08:bb:45:9e:ab:7a:d4: ab:fb:10:b4:b5:eb:a5:e3:77:6b:b9:32:3b:4b:15: 16:01:70:03:3a:5c:7b:d0:3d:32:e4:17:40:e6:ee: df:82:df:91:e3:58:fd:ef:5e:49:9a:c5:69:cf:10: 27:d4:e7:74:78:92:12:4d:56:30:e6:6c:32:65:e7: 36:62:98:30:c0:b2:ec:45:c2:e8:a6:cd:c4:5a:c0: 8a:22:d2:02:9d:45:24:f2:52:ac:1a:4c:ea:bc:37: d6:f9:01:bb:78:f7:2c:59:b6:93:c3:9b:5c:8f:31: 01:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:82:D5:88:34:C0:70:BA:55:12:B9:DA:12:E1:79:9F:B0:9D:03:97 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143170.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a208::/32 Signature Algorithm: sha256WithRSAEncryption 02:2d:b9:08:f2:92:ac:3c:e8:c0:b6:9f:66:34:26:fc:4f:f4: 95:19:ce:c1:a0:fe:e9:42:7f:96:f7:57:53:4d:fc:75:e7:9d: 85:3d:3b:1c:4c:7e:86:d6:93:8a:4c:a1:da:84:be:57:77:77: a3:0c:0c:0c:72:d2:e7:36:a2:ce:7e:73:7b:67:3e:f5:86:42: 4d:9d:1a:95:f4:ea:ee:1b:b7:c0:85:95:39:b6:82:a8:82:cc: 39:30:27:b8:81:49:d2:95:f6:c0:17:88:20:ad:33:50:1d:8b: 41:6f:91:cf:3a:29:1b:f9:84:0a:da:ea:65:92:dd:74:14:5d: 64:c6:bf:38:cc:f8:17:ea:47:f7:8a:c2:2a:55:a2:b8:54:fd: 7d:6b:95:c5:dd:05:68:5b:c8:e7:0e:b9:48:4f:5a:ff:4a:96: 82:98:ca:4c:bc:1d:d3:2c:bd:b6:d2:68:ac:89:51:b4:3e:f2: e2:89:96:84:b0:09:a3:c0:bd:bb:bc:e0:21:c7:db:13:10:89: 7c:63:3c:2d:a1:23:4a:29:8c:ad:d2:72:fa:7d:41:e0:80:76: 34:cc:04:9c:e9:e0:cb:e5:c6:d9:38:7c:10:46:f9:1e:b8:ce: 58:60:cf:c4:66:ca:4b:02:1f:d2:7c:71:a2:13:37:b2:fa:67: 9a:33:c0:53 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTevcqVWIMZ3WTXQXyEv1Sc2GZ5YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDExNFoX DTI3MDMwMzA2MDYxNFowMzExMC8GA1UEAxMoMjk4MkQ1ODgzNEMwNzBCQTU1MTJC OURBMTJFMTc5OUZCMDlEMDM5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOMdsqqRmZ69lsyOddOj69LDqSqpiqfCKvBE09WE17dBDuve1sLSFZrpdCtP dXYf2vtRWE+fYJpfBc38E6vY5bspHuCEvFdQmQu6jYa8RtZbPNL+nUCIpUlbl4/3 fiS/mwtf0bD+8HsJPZ1PfH1H69wI9Cs/wjz+zqlkxumJRN+qyLg25TsY3lpOcpgb pSoIu0Weq3rUq/sQtLXrpeN3a7kyO0sVFgFwAzpce9A9MuQXQObu34LfkeNY/e9e SZrFac8QJ9TndHiSEk1WMOZsMmXnNmKYMMCy7EXC6KbNxFrAiiLSAp1FJPJSrBpM 6rw31vkBu3j3LFm2k8ObXI8xATMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQpgtWI NMBwulUSudoS4XmfsJ0DlzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oggwDQYJKoZIhvcNAQELBQADggEBAAItuQjykqw86MC2n2Y0JvxP9JUZzsGg/ulC f5b3V1NN/HXnnYU9OxxMfobWk4pModqEvld3d6MMDAxy0uc2os5+c3tnPvWGQk2d GpX06u4bt8CFlTm2gqiCzDkwJ7iBSdKV9sAXiCCtM1Adi0Fvkc86KRv5hAra6mWS 3XQUXWTGvzjM+BfqR/eKwipVorhU/X1rlcXdBWhbyOcOuUhPWv9KloKYyky8HdMs vbbSaKyJUbQ+8uKJloSwCaPAvbu84CHH2xMQiXxjPC2hI0opjK3Scvp9QeCAdjTM BJzp4Mvlxtk4fBBG+R64zlhgz8RmyksCH9J8caITN7L6Z5ozwFM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:39 2026 by rpki-client