$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143175.roa File: AS143175.roa (raw, json) Hash identifier: 2+HDOuTaHqOcdYlQZIB6jXm2W8q3z/Lm9pjnaKmP3K0= Subject key identifier: 70:EF:29:E8:E8:76:F0:35:28:A2:D4:A9:CA:A4:DA:BA:28:E1:D8:53 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 51871967DD0055BDBF0CC1C10A41D8A6EA3F6AA0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143175.roa Signing time: Wed 04 Mar 2026 06:06:30 +0000 ROA not before: Wed 04 Mar 2026 06:01:30 +0000 ROA not after: Wed 03 Mar 2027 06:06:30 +0000 asID: 143175 IP address blocks: 240a:a20d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:87:19:67:dd:00:55:bd:bf:0c:c1:c1:0a:41:d8:a6:ea:3f:6a:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:30 2026 GMT Not After : Mar 3 06:06:30 2027 GMT Subject: CN=70EF29E8E876F03528A2D4A9CAA4DABA28E1D853 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:fc:72:a2:07:c2:fd:0f:11:8d:ed:fb:82:5e: 07:e1:d8:7f:24:a5:d8:93:55:09:fb:25:e1:78:e6: 3c:94:15:5e:5a:06:49:5b:cd:52:fe:f6:65:85:04: e0:4d:4e:30:34:9f:4a:6c:13:99:bc:e5:27:36:15: 22:f7:83:e2:0c:0b:17:ba:cb:3a:fc:39:8b:ce:43: 2b:a5:06:96:9d:b9:34:a3:f3:f0:6f:e3:16:68:4c: f9:a9:fb:1c:e1:64:8f:6b:89:c0:0e:3a:59:7c:f9: e0:3a:67:79:e0:0e:06:0a:65:ce:e6:7f:bc:b9:a4: 58:ca:93:f4:28:c0:2b:71:78:eb:51:50:e6:a9:17: 63:ee:54:9c:b4:f3:f7:46:53:73:69:ee:e3:77:6e: 83:b4:3f:44:79:ce:7b:43:dc:40:a7:a4:59:cf:e3: e3:31:74:7b:67:63:31:34:d9:ec:e8:40:21:60:3b: 40:02:02:75:d9:8f:32:01:63:b5:ee:58:49:c2:8a: 04:10:32:b0:70:a5:80:c7:08:96:09:f1:ea:a9:70: 2f:ab:39:6a:4c:c0:5a:5d:33:44:cc:d4:81:e1:1b: 23:ca:d6:2b:7f:9f:db:6d:57:8e:b8:e7:5c:b3:7f: b5:ac:15:1b:98:d1:d0:a8:d9:8d:c7:4c:7b:44:ec: 81:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:EF:29:E8:E8:76:F0:35:28:A2:D4:A9:CA:A4:DA:BA:28:E1:D8:53 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143175.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a20d::/32 Signature Algorithm: sha256WithRSAEncryption 1b:d6:f2:99:c9:f8:03:0b:dd:1e:1c:0f:3d:3f:44:45:50:f7: a6:ca:14:4a:1d:a6:e5:b5:eb:69:47:f7:fc:57:21:86:81:09: 60:20:e1:e6:b7:f5:59:41:4f:18:65:de:78:7a:4c:a8:49:f3: cf:58:4d:28:25:06:a6:9b:24:12:ea:19:47:31:84:97:92:21: d9:f6:22:2f:f9:db:21:32:bd:9e:f1:f2:41:1d:17:9b:07:01: da:c7:10:ae:0e:e9:ce:81:32:dd:95:23:9c:ac:2a:6d:5b:b5: 27:2a:d6:ff:1d:71:28:e9:bb:da:4e:bf:4e:a3:51:23:a7:98: 9a:6a:96:19:70:ec:ec:46:ec:9c:f7:70:fe:a9:d2:de:2c:c6: 10:7a:56:e0:a0:0b:f3:46:20:fb:fc:1a:6b:04:3a:de:c4:eb: 29:08:69:f0:35:75:83:f3:53:c6:13:d3:fd:fa:da:c7:b3:57: 40:0f:91:b7:fa:8a:fe:57:e8:e4:2c:28:3c:e4:1f:f5:94:79: f8:3a:6c:45:88:75:2d:bf:36:6a:79:0c:20:3a:93:86:c3:44: af:61:65:3f:13:62:20:d9:39:b0:fb:c6:7f:2b:c6:11:9f:16: af:e1:98:ae:ac:1d:1c:60:53:94:94:ee:fa:b4:57:16:e2:7e: db:30:19:a3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUYcZZ90AVb2/DMHBCkHYpuo/aqAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEzMFoX DTI3MDMwMzA2MDYzMFowMzExMC8GA1UEAxMoNzBFRjI5RThFODc2RjAzNTI4QTJE NEE5Q0FBNERBQkEyOEUxRDg1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK38cqIHwv0PEY3t+4JeB+HYfySl2JNVCfsl4XjmPJQVXloGSVvNUv72ZYUE 4E1OMDSfSmwTmbzlJzYVIveD4gwLF7rLOvw5i85DK6UGlp25NKPz8G/jFmhM+an7 HOFkj2uJwA46WXz54DpneeAOBgplzuZ/vLmkWMqT9CjAK3F461FQ5qkXY+5UnLTz 90ZTc2nu43dug7Q/RHnOe0PcQKekWc/j4zF0e2djMTTZ7OhAIWA7QAICddmPMgFj te5YScKKBBAysHClgMcIlgnx6qlwL6s5akzAWl0zRMzUgeEbI8rWK3+f221Xjrjn XLN/tawVG5jR0KjZjcdMe0TsgVsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRw7yno 6HbwNSii1KnKpNq6KOHYUzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE3NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK og0wDQYJKoZIhvcNAQELBQADggEBABvW8pnJ+AML3R4cDz0/REVQ96bKFEodpuW1 62lH9/xXIYaBCWAg4ea39VlBTxhl3nh6TKhJ889YTSglBqabJBLqGUcxhJeSIdn2 Ii/52yEyvZ7x8kEdF5sHAdrHEK4O6c6BMt2VI5ysKm1btScq1v8dcSjpu9pOv06j USOnmJpqlhlw7OxG7Jz3cP6p0t4sxhB6VuCgC/NGIPv8GmsEOt7E6ykIafA1dYPz U8YT0/362sezV0APkbf6iv5X6OQsKDzkH/WUefg6bEWIdS2/Nmp5DCA6k4bDRK9h ZT8TYiDZObD7xn8rxhGfFq/hmK6sHRxgU5SU7vq0VxbiftswGaM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:05 2026 by rpki-client