$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143195.roa File: AS143195.roa (raw, json) Hash identifier: nf1yhTit476wzzLux/8VchiZ9eWH9ZeF5SebmUnnZjM= Subject key identifier: DF:C1:15:73:AE:CF:49:44:A9:B3:12:05:0A:B7:5E:D9:D8:D6:8C:83 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 35612EB4F89888D80B96F4289BC33D8C4CDB025B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143195.roa Signing time: Wed 04 Mar 2026 06:05:32 +0000 ROA not before: Wed 04 Mar 2026 06:00:32 +0000 ROA not after: Wed 03 Mar 2027 06:05:32 +0000 asID: 143195 IP address blocks: 240a:a221::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:61:2e:b4:f8:98:88:d8:0b:96:f4:28:9b:c3:3d:8c:4c:db:02:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:32 2026 GMT Not After : Mar 3 06:05:32 2027 GMT Subject: CN=DFC11573AECF4944A9B312050AB75ED9D8D68C83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e0:bd:fc:db:7c:a1:72:0c:60:7f:b9:ea:f5: db:76:eb:58:40:50:58:7e:78:29:20:9a:00:e1:a3: 30:36:ea:17:c9:88:0a:b0:92:ff:01:7c:cc:33:dd: 48:d8:34:ce:86:90:d0:b8:fd:19:5e:6b:40:0f:31: f1:05:6d:d0:6c:49:7d:c7:06:3b:93:89:ff:c8:f3: 31:05:42:9d:4c:05:65:89:f6:d9:c9:09:ed:88:c6: 54:ab:cd:bd:b4:21:12:23:ba:55:c0:20:59:6e:6c: ad:25:51:a5:0f:9e:11:7d:94:13:b7:e3:7a:7e:8a: 0a:57:5c:d9:72:5d:0f:1a:f4:6f:b9:71:88:0e:e4: ee:61:70:d2:00:84:e6:bb:5b:db:31:2f:69:ed:ac: a7:57:24:d8:ac:ac:f7:d4:1d:8c:a4:08:91:bc:c6: ab:95:ef:3b:c4:d8:53:25:92:f4:d1:13:64:66:e1: 15:9c:d2:48:52:7f:84:70:02:c8:15:7f:ae:c7:1a: 9d:cc:cf:97:3b:fc:2d:6a:cd:03:9e:92:86:fc:ca: 4e:74:e6:81:1a:61:2d:f6:e5:4f:b2:f1:39:24:16: a3:1c:c9:47:a3:1f:69:21:7b:95:69:7c:83:44:09: 7f:da:2d:9e:f2:b5:1b:e7:ef:93:84:42:fe:7a:8e: 4f:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:C1:15:73:AE:CF:49:44:A9:B3:12:05:0A:B7:5E:D9:D8:D6:8C:83 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143195.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a221::/32 Signature Algorithm: sha256WithRSAEncryption d7:b5:28:ca:25:f2:27:40:79:3c:e8:79:36:c6:2d:d2:8e:c6: 54:53:5d:2b:65:bf:fa:1b:28:18:3d:6a:ba:89:4f:55:6f:04: 96:f6:ad:6f:de:89:48:fe:85:ff:4d:8b:bd:08:b0:5a:0d:d9: b0:f8:ff:88:60:e3:01:b3:bc:e6:ea:bd:c8:93:c8:5c:9b:6e: 83:9d:9d:e7:05:b3:84:f0:c7:12:30:13:fb:00:82:74:43:59: 50:b6:04:1b:e8:32:36:10:c5:0e:a7:35:d0:e4:33:39:5d:28: cf:ab:b9:db:45:e6:03:e3:8b:7b:6a:01:b9:f7:37:58:a3:a2: 70:75:e5:fb:aa:7f:33:a4:66:c9:b4:0a:81:7d:db:43:fb:5e: a4:76:76:78:45:44:9c:ea:c1:f3:0c:df:0d:3a:10:46:e3:3e: 5e:ac:73:55:86:41:4c:8a:4e:07:e8:0b:e7:ce:97:74:7f:0d: e7:7b:23:a4:8d:d3:4b:71:ed:68:9b:c6:f1:8d:c8:58:e7:d9: 10:16:b7:2d:a1:98:2d:b5:6d:6a:3d:10:dd:3e:91:4d:09:de: cd:fe:28:1e:88:c3:ce:3a:d9:5f:2f:e9:13:aa:1b:dc:23:56: 5c:12:72:91:87:d6:a3:1c:7f:62:7b:95:5a:f4:92:24:23:93: 4c:ae:da:f6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNWEutPiYiNgLlvQom8M9jEzbAlswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAzMloX DTI3MDMwMzA2MDUzMlowMzExMC8GA1UEAxMoREZDMTE1NzNBRUNGNDk0NEE5QjMx MjA1MEFCNzVFRDlEOEQ2OEM4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKjgvfzbfKFyDGB/uer123brWEBQWH54KSCaAOGjMDbqF8mICrCS/wF8zDPd SNg0zoaQ0Lj9GV5rQA8x8QVt0GxJfccGO5OJ/8jzMQVCnUwFZYn22ckJ7YjGVKvN vbQhEiO6VcAgWW5srSVRpQ+eEX2UE7fjen6KCldc2XJdDxr0b7lxiA7k7mFw0gCE 5rtb2zEvae2sp1ck2Kys99QdjKQIkbzGq5XvO8TYUyWS9NETZGbhFZzSSFJ/hHAC yBV/rscanczPlzv8LWrNA56ShvzKTnTmgRphLfblT7LxOSQWoxzJR6MfaSF7lWl8 g0QJf9otnvK1G+fvk4RC/nqOT1kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTfwRVz rs9JRKmzEgUKt17Z2NaMgzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE5NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oiEwDQYJKoZIhvcNAQELBQADggEBANe1KMol8idAeTzoeTbGLdKOxlRTXStlv/ob KBg9arqJT1VvBJb2rW/eiUj+hf9Ni70IsFoN2bD4/4hg4wGzvObqvciTyFybboOd necFs4TwxxIwE/sAgnRDWVC2BBvoMjYQxQ6nNdDkMzldKM+rudtF5gPji3tqAbn3 N1ijonB15fuqfzOkZsm0CoF920P7XqR2dnhFRJzqwfMM3w06EEbjPl6sc1WGQUyK TgfoC+fOl3R/Ded7I6SN00tx7WibxvGNyFjn2RAWty2hmC21bWo9EN0+kU0J3s3+ KB6Iw8462V8v6ROqG9wjVlwScpGH1qMcf2J7lVr0kiQjk0yu2vY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:33 2026 by rpki-client