$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143189.roa File: AS143189.roa (raw, json) Hash identifier: y3xqFxwZ5EAwS2QQWV/wDf4OwntGpkpUJv2GhptQ2oU= Subject key identifier: 2F:52:03:2D:1F:49:5F:15:30:7C:D1:4B:E0:FB:28:D0:88:F3:37:3B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 73BCCD76032E3E5866731DFE90A57A01436D65D9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143189.roa Signing time: Wed 04 Mar 2026 06:05:11 +0000 ROA not before: Wed 04 Mar 2026 06:00:11 +0000 ROA not after: Wed 03 Mar 2027 06:05:11 +0000 asID: 143189 IP address blocks: 240a:a21b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:bc:cd:76:03:2e:3e:58:66:73:1d:fe:90:a5:7a:01:43:6d:65:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:11 2026 GMT Not After : Mar 3 06:05:11 2027 GMT Subject: CN=2F52032D1F495F15307CD14BE0FB28D088F3373B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:b4:76:cd:25:63:17:a0:9d:47:a1:24:43:20: ac:44:d3:25:4e:41:ce:b1:83:c9:a0:ba:79:10:3e: 4b:72:cf:d3:15:e7:e6:aa:85:c2:47:5a:f4:7c:d3: 02:86:20:25:ce:fa:73:c9:d9:79:2c:46:ca:63:b5: 42:d1:75:66:54:cc:0b:ba:a8:53:74:36:52:67:bb: 96:fd:99:63:85:98:ed:4c:2b:ca:bb:12:a8:e4:43: c7:99:e6:17:a2:3e:1e:b9:39:57:dd:3d:32:cb:a2: 97:08:5d:a7:df:0d:c3:ba:8f:b2:29:9d:49:aa:07: bf:fc:e0:ec:d5:5c:7c:d8:6c:ad:0e:5d:de:73:7d: 0f:0b:f9:f4:4b:bb:b8:76:d5:8b:fb:21:7b:f7:93: 68:86:80:9c:f3:66:b3:1c:3b:5c:13:d1:20:c8:90: 89:1b:34:8c:f0:6a:24:89:f7:0d:ee:09:94:72:e9: 50:6e:6a:df:4a:a8:77:5b:07:6a:04:f5:19:87:75: ac:f9:73:1f:6a:42:26:06:d6:79:ac:7c:69:6b:18: b2:8d:e7:62:f4:83:94:71:f0:a6:45:a8:35:84:fa: 54:a8:9c:2b:0c:20:8f:21:eb:b0:d3:1b:49:61:32: af:24:e4:12:05:2b:aa:0c:3f:6b:a6:ff:49:eb:fe: bf:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:52:03:2D:1F:49:5F:15:30:7C:D1:4B:E0:FB:28:D0:88:F3:37:3B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143189.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a21b::/32 Signature Algorithm: sha256WithRSAEncryption db:2e:b3:75:ad:c5:0a:15:de:33:0e:c7:3e:37:68:ba:6f:08: 5b:1c:2d:5a:84:25:d9:5e:a8:4e:39:7d:44:90:5e:90:87:60: 45:49:33:9e:7e:e5:93:27:78:f3:72:11:b8:e4:52:62:03:50: 66:e3:f6:e8:6b:f4:61:9b:e0:55:cd:cd:a7:1f:e6:74:a5:05: 41:f8:e9:b9:9c:8e:09:92:0c:84:f7:3c:d3:f1:9d:da:e5:44: 45:21:37:08:ff:f8:0e:d0:53:44:37:f1:2f:c8:f8:1e:7a:29: ce:49:1d:b8:2c:63:ad:78:c4:bd:5c:d8:0f:8a:88:b6:51:08: 39:06:00:e9:85:47:75:33:85:4f:89:7c:5f:ae:4a:f2:64:c2: 1e:08:bd:be:dd:e7:0b:a7:75:48:e0:c3:41:1a:da:50:c6:bf: b4:5d:ce:aa:8f:8d:e2:c1:10:31:b9:e1:c2:7b:a6:65:e2:1a: fa:41:a7:31:2e:65:a9:d9:e7:80:81:5c:a8:27:e3:51:e1:c2: 29:4c:fb:b8:3b:9e:75:c6:1a:8e:b5:db:99:a2:32:07:76:3b: 03:a7:40:94:a8:7a:d1:92:8b:cf:60:f5:a6:68:d8:98:e8:e5: 8c:6e:87:c8:ba:ad:69:5f:87:b9:93:c5:0a:51:e8:c1:4b:15: 77:9c:e0:73 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUc7zNdgMuPlhmcx3+kKV6AUNtZdkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAxMVoX DTI3MDMwMzA2MDUxMVowMzExMC8GA1UEAxMoMkY1MjAzMkQxRjQ5NUYxNTMwN0NE MTRCRTBGQjI4RDA4OEYzMzczQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKS0ds0lYxegnUehJEMgrETTJU5BzrGDyaC6eRA+S3LP0xXn5qqFwkda9HzT AoYgJc76c8nZeSxGymO1QtF1ZlTMC7qoU3Q2Ume7lv2ZY4WY7UwryrsSqORDx5nm F6I+Hrk5V909Msuilwhdp98Nw7qPsimdSaoHv/zg7NVcfNhsrQ5d3nN9Dwv59Eu7 uHbVi/she/eTaIaAnPNmsxw7XBPRIMiQiRs0jPBqJIn3De4JlHLpUG5q30qod1sH agT1GYd1rPlzH2pCJgbWeax8aWsYso3nYvSDlHHwpkWoNYT6VKicKwwgjyHrsNMb SWEyryTkEgUrqgw/a6b/Sev+vzsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQvUgMt H0lfFTB80Uvg+yjQiPM3OzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ohswDQYJKoZIhvcNAQELBQADggEBANsus3WtxQoV3jMOxz43aLpvCFscLVqEJdle qE45fUSQXpCHYEVJM55+5ZMnePNyEbjkUmIDUGbj9uhr9GGb4FXNzacf5nSlBUH4 6bmcjgmSDIT3PNPxndrlREUhNwj/+A7QU0Q38S/I+B56Kc5JHbgsY614xL1c2A+K iLZRCDkGAOmFR3UzhU+JfF+uSvJkwh4Ivb7d5wundUjgw0Ea2lDGv7RdzqqPjeLB EDG54cJ7pmXiGvpBpzEuZanZ54CBXKgn41HhwilM+7g7nnXGGo6125miMgd2OwOn QJSoetGSi89g9aZo2Jjo5Yxuh8i6rWlfh7mTxQpR6MFLFXec4HM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:06 2026 by rpki-client