$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143197.roa File: AS143197.roa (raw, json) Hash identifier: iA72sryMq8AsiapksOTYWXS/Vv70R7dI3rz3tt9ndjk= Subject key identifier: 1C:DF:5E:99:0B:07:1A:EA:02:BA:92:C9:78:32:4B:CE:AB:11:AE:0B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5B24FEF8364F54DC42856381FFD3B07904445588 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143197.roa Signing time: Wed 04 Mar 2026 06:06:24 +0000 ROA not before: Wed 04 Mar 2026 06:01:24 +0000 ROA not after: Wed 03 Mar 2027 06:06:24 +0000 asID: 143197 IP address blocks: 240a:a223::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:24:fe:f8:36:4f:54:dc:42:85:63:81:ff:d3:b0:79:04:44:55:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:24 2026 GMT Not After : Mar 3 06:06:24 2027 GMT Subject: CN=1CDF5E990B071AEA02BA92C978324BCEAB11AE0B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:51:b1:21:9c:cf:38:2c:7b:e7:58:1b:83:4f: b0:94:3e:9a:84:55:2c:78:8f:85:1f:43:b4:c6:39: ea:b7:b2:a5:83:69:91:51:9b:61:58:f9:ce:c3:d4: ce:bb:fe:2a:a5:90:f2:6d:7a:4d:1b:5f:25:80:3d: fe:23:5e:70:f5:ed:3f:bc:de:60:b4:88:40:fb:38: b7:26:4e:22:e6:97:3b:bf:3c:c6:70:08:25:4e:19: e0:5b:80:c0:6d:36:30:ae:4a:29:e5:7d:0b:75:59: ef:93:f5:b9:18:2a:98:8d:e1:94:bd:bf:3a:45:73: cf:6e:02:48:a4:b9:85:bd:91:ce:07:a8:2b:8d:1d: 34:84:06:89:f1:c0:1a:6d:db:dc:82:36:86:b3:24: 54:a6:dd:03:63:ac:68:fc:7e:ff:5e:45:40:65:d5: d2:d8:50:70:83:9d:aa:ff:02:31:7a:27:f6:bd:34: 21:b3:57:1a:2d:09:3b:ea:13:fc:b2:bf:87:c7:da: 11:55:9c:d8:7b:28:37:2e:02:c7:a9:1a:92:54:fa: 8c:be:5b:52:59:46:ef:c7:40:c3:07:a0:60:93:67: 4e:8b:d3:df:be:d9:29:4a:02:f1:a7:df:bb:6c:65: 55:ed:f6:3a:51:a7:c1:e0:ca:55:7e:1e:a3:34:9e: 39:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:DF:5E:99:0B:07:1A:EA:02:BA:92:C9:78:32:4B:CE:AB:11:AE:0B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143197.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a223::/32 Signature Algorithm: sha256WithRSAEncryption 3f:f4:11:0b:1e:cb:5e:2e:85:8a:c1:74:9a:2f:99:e4:c5:c3: 98:94:65:f5:e7:9d:01:1b:79:be:a8:67:a7:78:18:5c:82:36: c3:5d:16:83:d1:a8:3f:b7:51:66:8a:de:84:34:a9:bd:ee:3d: 25:aa:e2:83:96:c4:e7:0e:de:76:1a:6b:1e:34:6a:4c:09:eb: f7:56:08:fc:49:ae:5a:4a:01:b1:0c:0b:1f:d6:53:41:8d:46: 7f:71:0b:90:10:14:4e:03:44:8f:85:a6:b7:29:16:37:a8:58: 7d:6d:7c:9b:87:5c:58:28:c1:a9:08:91:29:8f:a6:f7:df:d3: 11:79:2b:d4:c1:4c:a0:46:2f:7b:83:45:78:cd:b5:74:43:fb: ff:fe:f6:31:52:b1:a4:48:9e:97:92:41:e5:27:cc:e2:e5:b4: 5b:28:b7:e7:e3:5f:da:3b:47:00:63:fa:88:c1:93:32:8a:f1: 4c:57:ac:e2:dc:0e:ea:fe:20:22:8f:5e:44:a9:93:05:c3:06: 30:8c:ab:10:d5:49:a4:8a:0d:13:c4:ba:e0:d9:52:01:bc:d5: c9:91:cf:53:5c:57:72:bf:63:f0:9a:c7:66:a1:00:4d:48:b8: d3:94:85:44:a6:8c:63:50:47:9c:ec:2e:f9:51:4d:4c:34:bd: ae:c2:d5:59 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWyT++DZPVNxChWOB/9OweQREVYgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEyNFoX DTI3MDMwMzA2MDYyNFowMzExMC8GA1UEAxMoMUNERjVFOTkwQjA3MUFFQTAyQkE5 MkM5NzgzMjRCQ0VBQjExQUUwQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK5RsSGczzgse+dYG4NPsJQ+moRVLHiPhR9DtMY56reypYNpkVGbYVj5zsPU zrv+KqWQ8m16TRtfJYA9/iNecPXtP7zeYLSIQPs4tyZOIuaXO788xnAIJU4Z4FuA wG02MK5KKeV9C3VZ75P1uRgqmI3hlL2/OkVzz24CSKS5hb2RzgeoK40dNIQGifHA Gm3b3II2hrMkVKbdA2OsaPx+/15FQGXV0thQcIOdqv8CMXon9r00IbNXGi0JO+oT /LK/h8faEVWc2HsoNy4Cx6kaklT6jL5bUllG78dAwwegYJNnTovT377ZKUoC8aff u2xlVe32OlGnweDKVX4eozSeOccCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQc316Z Cwca6gK6ksl4MkvOqxGuCzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE5Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oiMwDQYJKoZIhvcNAQELBQADggEBAD/0EQsey14uhYrBdJovmeTFw5iUZfXnnQEb eb6oZ6d4GFyCNsNdFoPRqD+3UWaK3oQ0qb3uPSWq4oOWxOcO3nYaax40akwJ6/dW CPxJrlpKAbEMCx/WU0GNRn9xC5AQFE4DRI+FprcpFjeoWH1tfJuHXFgowakIkSmP pvff0xF5K9TBTKBGL3uDRXjNtXRD+//+9jFSsaRInpeSQeUnzOLltFsot+fjX9o7 RwBj+ojBkzKK8UxXrOLcDur+ICKPXkSpkwXDBjCMqxDVSaSKDRPEuuDZUgG81cmR z1NcV3K/Y/Cax2ahAE1IuNOUhUSmjGNQR5zsLvlRTUw0va7C1Vk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:04 2026 by rpki-client