$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143190.roa File: AS143190.roa (raw, json) Hash identifier: rKWpcIvNPY0opp9CIBuB104XkE2iQHbI1cCEgSmekUM= Subject key identifier: 65:CC:27:DD:5C:99:D3:DD:DD:5E:5E:DD:A9:0F:8B:DA:65:6F:60:33 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5BD386D0259462AD9EA8EB690B43D3B1DC555B38 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143190.roa Signing time: Wed 04 Mar 2026 06:05:44 +0000 ROA not before: Wed 04 Mar 2026 06:00:44 +0000 ROA not after: Wed 03 Mar 2027 06:05:44 +0000 asID: 143190 IP address blocks: 240a:a21c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:d3:86:d0:25:94:62:ad:9e:a8:eb:69:0b:43:d3:b1:dc:55:5b:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:44 2026 GMT Not After : Mar 3 06:05:44 2027 GMT Subject: CN=65CC27DD5C99D3DDDD5E5EDDA90F8BDA656F6033 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:13:8e:08:fa:55:90:03:ec:b6:2c:40:f8:26: 99:c0:0e:8a:1e:b1:46:f9:c5:67:72:d5:6a:90:1e: f2:b4:34:9e:88:8e:05:ff:e9:21:8f:b6:5e:7a:cd: fc:9f:e4:cc:a3:8f:1b:c6:75:b1:29:c0:5a:56:f8: d0:d6:ac:78:f4:88:f6:b4:b1:cb:b0:22:0c:cb:63: 26:22:84:d1:1e:b4:ae:2c:b1:79:4e:67:e7:3a:37: 56:77:b0:c1:70:62:b2:e0:e6:ab:c0:23:29:bb:c4: 65:a3:46:60:d2:d5:e5:e9:2f:bb:7d:fb:e1:cf:11: 6d:6a:f8:59:b8:a5:e4:59:eb:b6:5d:28:8c:f9:e6: b4:6f:0b:79:69:a5:3d:e8:21:df:78:77:42:54:e4: ae:87:49:37:73:86:b5:40:b4:6a:0f:ec:8e:55:b1: 04:dc:d7:3e:7f:4e:9f:36:f5:39:75:7b:d4:f0:2d: e8:18:fd:94:e4:1d:81:dc:a7:fb:40:28:42:67:f5: d8:11:eb:de:c8:18:6c:a3:f7:41:7f:88:99:0a:3d: 81:3f:bf:1c:24:f1:fc:69:77:47:9d:d3:b8:7c:cd: fc:64:73:c9:e7:7a:c8:a2:82:bf:ec:a0:c8:e9:3c: d0:a7:9a:86:75:e8:6a:c0:f5:cd:8c:ab:c8:d2:a8: 7a:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:CC:27:DD:5C:99:D3:DD:DD:5E:5E:DD:A9:0F:8B:DA:65:6F:60:33 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143190.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a21c::/32 Signature Algorithm: sha256WithRSAEncryption b2:08:78:36:ae:c6:44:1e:5f:2b:0a:b5:e2:19:bb:aa:04:5c: 19:dd:86:6d:63:09:16:b1:76:ba:11:72:94:18:bc:0d:35:54: b1:5f:23:37:f9:40:20:2b:20:ee:10:d1:cd:19:44:12:3d:cc: d9:37:49:9e:20:7f:8e:4e:cc:50:c5:b2:59:e4:cd:7e:de:97: 6c:19:0e:99:05:1b:46:c1:12:ed:82:72:1d:88:b2:90:b9:d9: c4:3b:30:3f:b5:d5:8a:0c:c5:59:db:63:cd:e1:87:c5:a4:76: 9e:62:40:ed:4f:56:99:5b:99:5e:98:aa:79:84:91:63:bc:03: 26:6c:b6:43:6a:c9:0e:1a:ee:ac:47:71:64:62:88:fe:b9:52: 3f:4f:82:96:ee:8f:fb:9f:75:cc:f1:2b:12:ce:be:73:b2:a6: 8a:28:07:07:96:4e:d6:71:83:14:bb:0d:83:34:67:12:1d:71: 9f:b6:ea:56:b7:cd:b2:f8:c4:fd:aa:d2:72:50:9a:8f:25:d9: 67:b7:b7:3e:c2:46:18:3c:68:df:5c:fc:4c:98:b0:65:ef:9a: bc:e8:73:44:c0:c9:48:27:99:b8:3c:d0:5b:cb:ae:1d:ea:6c: 3c:19:16:03:22:e6:8f:39:f9:42:73:16:41:a1:b7:ab:c1:68: 79:64:d1:98 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUW9OG0CWUYq2eqOtpC0PTsdxVWzgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA0NFoX DTI3MDMwMzA2MDU0NFowMzExMC8GA1UEAxMoNjVDQzI3REQ1Qzk5RDNERERENUU1 RUREQTkwRjhCREE2NTZGNjAzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMsTjgj6VZAD7LYsQPgmmcAOih6xRvnFZ3LVapAe8rQ0noiOBf/pIY+2XnrN /J/kzKOPG8Z1sSnAWlb40NasePSI9rSxy7AiDMtjJiKE0R60riyxeU5n5zo3Vnew wXBisuDmq8AjKbvEZaNGYNLV5ekvu3374c8RbWr4Wbil5Fnrtl0ojPnmtG8LeWml Pegh33h3QlTkrodJN3OGtUC0ag/sjlWxBNzXPn9Onzb1OXV71PAt6Bj9lOQdgdyn +0AoQmf12BHr3sgYbKP3QX+ImQo9gT+/HCTx/Gl3R53TuHzN/GRzyed6yKKCv+yg yOk80KeahnXoasD1zYyryNKoem8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRlzCfd XJnT3d1eXt2pD4vaZW9gMzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE5MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ohwwDQYJKoZIhvcNAQELBQADggEBALIIeDauxkQeXysKteIZu6oEXBndhm1jCRax droRcpQYvA01VLFfIzf5QCArIO4Q0c0ZRBI9zNk3SZ4gf45OzFDFslnkzX7el2wZ DpkFG0bBEu2Cch2IspC52cQ7MD+11YoMxVnbY83hh8Wkdp5iQO1PVplbmV6YqnmE kWO8AyZstkNqyQ4a7qxHcWRiiP65Uj9Pgpbuj/ufdczxKxLOvnOypoooBweWTtZx gxS7DYM0ZxIdcZ+26la3zbL4xP2q0nJQmo8l2We3tz7CRhg8aN9c/EyYsGXvmrzo c0TAyUgnmbg80FvLrh3qbDwZFgMi5o85+UJzFkGht6vBaHlk0Zg= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:40 2026 by rpki-client