$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143194.roa File: AS143194.roa (raw, json) Hash identifier: Wdr6OkXDRkthk4q7o0kqb8lytFI3emwyi19xNAxNtCI= Subject key identifier: 04:F7:7C:A3:67:2D:0A:02:9C:DC:9A:67:04:DD:E9:AA:83:4E:74:D1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6A301789FCA0789C274CB053E83BABA8D927FCCA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143194.roa Signing time: Wed 04 Mar 2026 06:07:37 +0000 ROA not before: Wed 04 Mar 2026 06:02:37 +0000 ROA not after: Wed 03 Mar 2027 06:07:37 +0000 asID: 143194 IP address blocks: 240a:a220::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:30:17:89:fc:a0:78:9c:27:4c:b0:53:e8:3b:ab:a8:d9:27:fc:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:37 2026 GMT Not After : Mar 3 06:07:37 2027 GMT Subject: CN=04F77CA3672D0A029CDC9A6704DDE9AA834E74D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:34:e7:9f:93:ad:c5:12:f9:fb:dc:e7:b6:35: d1:9c:7e:4b:e1:03:27:54:73:86:00:12:e6:ab:c8: 34:91:9f:e4:ff:9f:c5:b7:6c:22:4e:ec:0a:fc:34: 08:e2:a8:54:94:66:85:21:ee:21:2e:fd:37:93:b5: be:e5:75:97:4f:dd:10:09:da:84:9f:c4:f8:fc:37: 0e:f1:18:b0:e3:50:95:6e:14:41:be:bc:c5:c0:24: 2f:a0:c7:27:30:f0:d5:90:97:ad:36:f8:4e:fa:25: 7d:14:6f:5f:30:a2:b5:61:c9:4c:fe:05:17:2f:79: 91:4e:69:36:0e:55:6b:72:b6:61:17:8f:5b:9e:ea: 8c:8f:39:de:2e:be:3d:2b:d0:b9:4c:a5:0b:ae:9c: 8f:df:2b:07:69:68:8c:6c:0b:12:a3:97:64:a6:ac: d9:56:14:b7:1c:6a:bb:73:23:ef:ae:7f:59:c2:38: b1:9c:80:45:e8:38:95:81:58:13:29:d8:f5:12:14: 63:8d:dd:36:b5:19:a1:de:ea:22:cc:10:a0:40:07: b0:56:54:10:47:23:28:6f:50:dc:e3:39:50:24:d0: b6:c6:72:ec:be:91:8e:5c:2d:72:a1:00:5a:28:4c: 78:d3:ab:2b:a9:8a:46:af:ee:d8:7f:ce:0a:42:21: 08:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:F7:7C:A3:67:2D:0A:02:9C:DC:9A:67:04:DD:E9:AA:83:4E:74:D1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143194.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a220::/32 Signature Algorithm: sha256WithRSAEncryption 16:cc:33:11:b1:99:53:a6:14:8f:05:bd:6a:94:41:65:81:8f: 90:2e:9e:9a:be:db:a5:0a:5e:f6:25:4f:0c:5b:ca:1e:58:02: 96:8a:de:a3:3c:59:48:36:2b:35:6e:49:44:19:43:26:41:5d: 8f:4b:82:5c:11:ed:07:68:e9:78:f6:0b:45:ef:61:80:4a:8c: a6:79:7e:dd:b0:33:52:8d:fc:3b:a7:b7:14:b7:78:b4:1c:da: 4f:3e:d4:d0:f5:67:77:c5:6f:70:9c:60:5d:cc:cd:cd:a3:a5: dc:3d:6f:2c:14:3c:06:05:aa:c6:ce:22:f5:2a:67:75:f9:c6: af:5c:2f:96:b2:c7:07:39:33:85:7c:e1:0f:7b:1b:a2:3f:fb: 37:69:f7:7c:6e:40:7d:67:43:5a:ee:5c:f3:42:ec:93:16:4a: 4b:ab:f0:68:49:39:6f:c2:aa:e7:57:14:71:d1:a1:4d:35:7c: 59:da:cf:e9:fa:09:2c:71:15:b1:13:05:72:83:1b:48:91:87: f7:c9:b8:8c:dc:e0:8c:90:ab:fd:5e:03:d4:20:a7:6f:d9:ac: b5:c8:d8:6b:9e:22:11:2a:e4:89:b3:a9:fb:07:eb:57:b3:6e: 29:a4:66:bf:ce:d6:b3:7b:df:c2:1f:85:2b:30:de:0a:0a:4d: 71:8a:be:b7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUajAXifygeJwnTLBT6DurqNkn/MowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIzN1oX DTI3MDMwMzA2MDczN1owMzExMC8GA1UEAxMoMDRGNzdDQTM2NzJEMEEwMjlDREM5 QTY3MDREREU5QUE4MzRFNzREMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMU055+TrcUS+fvc57Y10Zx+S+EDJ1RzhgAS5qvINJGf5P+fxbdsIk7sCvw0 COKoVJRmhSHuIS79N5O1vuV1l0/dEAnahJ/E+Pw3DvEYsONQlW4UQb68xcAkL6DH JzDw1ZCXrTb4TvolfRRvXzCitWHJTP4FFy95kU5pNg5Va3K2YRePW57qjI853i6+ PSvQuUylC66cj98rB2lojGwLEqOXZKas2VYUtxxqu3Mj765/WcI4sZyAReg4lYFY EynY9RIUY43dNrUZod7qIswQoEAHsFZUEEcjKG9Q3OM5UCTQtsZy7L6RjlwtcqEA WihMeNOrK6mKRq/u2H/OCkIhCPkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQE93yj Zy0KApzcmmcE3emqg0500TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE5NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oiAwDQYJKoZIhvcNAQELBQADggEBABbMMxGxmVOmFI8FvWqUQWWBj5Aunpq+26UK XvYlTwxbyh5YApaK3qM8WUg2KzVuSUQZQyZBXY9LglwR7Qdo6Xj2C0XvYYBKjKZ5 ft2wM1KN/DuntxS3eLQc2k8+1ND1Z3fFb3CcYF3Mzc2jpdw9bywUPAYFqsbOIvUq Z3X5xq9cL5ayxwc5M4V84Q97G6I/+zdp93xuQH1nQ1ruXPNC7JMWSkur8GhJOW/C qudXFHHRoU01fFnaz+n6CSxxFbETBXKDG0iRh/fJuIzc4IyQq/1eA9Qgp2/ZrLXI 2GueIhEq5ImzqfsH61ezbimkZr/O1rN738IfhSsw3goKTXGKvrc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:33 2026 by rpki-client