$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143198.roa File: AS143198.roa (raw, json) Hash identifier: 9Nl7iCMx0SGVIG4MGCmipJB5dkXptVHCwkG6kloUGcc= Subject key identifier: D7:B3:B2:80:55:92:85:72:59:73:79:DA:DD:21:C0:C0:18:F4:D6:6A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4C2E583B7891CC9D3606086912735D03D76762FC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143198.roa Signing time: Wed 04 Mar 2026 06:05:23 +0000 ROA not before: Wed 04 Mar 2026 06:00:23 +0000 ROA not after: Wed 03 Mar 2027 06:05:23 +0000 asID: 143198 IP address blocks: 240a:a224::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:2e:58:3b:78:91:cc:9d:36:06:08:69:12:73:5d:03:d7:67:62:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:23 2026 GMT Not After : Mar 3 06:05:23 2027 GMT Subject: CN=D7B3B28055928572597379DADD21C0C018F4D66A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:d3:1b:b1:40:9f:63:1a:08:62:7c:c7:af:b9: fa:5c:57:1e:75:73:5a:6a:bc:22:39:44:79:48:6e: 8d:d8:16:09:ac:ac:32:41:8d:f4:f2:d7:3d:fc:a9: b1:ed:17:b5:0d:cd:1d:28:a0:82:9b:de:66:31:08: 5d:64:ec:3c:44:5e:76:5f:2c:15:35:8e:db:3a:09: 8c:f6:19:03:96:86:a5:e4:28:ab:dc:25:e2:85:66: 0e:5a:ed:90:0a:5f:3a:32:a5:16:19:9e:95:44:a8: fe:ae:e4:d7:63:30:dd:34:a6:03:2b:7b:a9:58:81: cd:28:b9:94:d9:9f:64:3a:6f:3a:46:a8:21:3f:e4: f6:bb:ff:89:11:d3:bd:2c:ae:60:63:d4:f3:35:14: fe:7d:77:3d:ca:f0:b0:08:54:4f:7c:3f:d3:02:30: 68:e8:24:aa:6c:e7:57:6c:e4:44:4f:e6:33:25:cc: 0b:e0:ed:be:a1:45:c1:5b:6f:48:02:9b:56:d3:72: 6b:27:bb:13:14:d8:5d:0a:c7:af:ef:a9:d1:30:ca: 73:f4:8c:02:fc:60:d0:21:5b:cd:fa:2d:c7:08:87: 88:2c:da:6b:bc:1b:a2:6d:13:04:ce:65:b1:28:ce: 80:1e:d8:bf:9f:08:b6:52:87:33:9f:02:24:19:57: f7:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:B3:B2:80:55:92:85:72:59:73:79:DA:DD:21:C0:C0:18:F4:D6:6A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143198.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a224::/32 Signature Algorithm: sha256WithRSAEncryption 64:16:2a:9a:3c:fc:6c:7e:05:b0:1c:d8:36:cd:20:a4:24:9f: 5a:90:a8:14:6b:ab:b9:c2:9f:22:27:8e:38:19:a6:31:c7:98: fd:0e:3e:43:ac:e0:bb:fc:0e:4e:c2:eb:f2:92:dc:10:07:b0: e5:77:f4:d9:d5:b0:66:75:aa:f2:63:9c:98:f3:a2:cd:21:37: 9f:09:3b:6e:ba:39:5e:e3:a1:64:3f:5a:78:c9:86:16:73:16: 4d:52:dc:86:b5:cf:87:8a:df:03:e1:de:60:b2:28:d4:61:b1: d2:49:06:f3:34:17:6c:8f:ea:4b:c2:b6:43:30:72:e2:1f:2f: 13:b7:4c:89:4d:21:71:8e:29:d0:81:55:ad:73:e1:87:24:4a: 30:4b:8d:2f:fc:9f:99:28:47:2a:8c:72:5b:81:59:3a:f8:20: 5a:40:62:7c:70:f3:c1:25:e8:37:f3:1c:65:bd:ad:c9:f4:1f: 92:71:fe:41:97:b5:e7:79:9a:31:ef:56:62:82:11:2d:88:a6: 3e:f1:44:8d:3b:43:c2:5c:0a:98:ca:36:57:db:1a:0d:32:d1: 0f:66:c1:27:06:bc:a5:b8:f4:df:d5:50:ee:64:20:58:de:1e: 13:23:ea:40:2a:a3:60:a9:b4:e7:92:fd:b4:11:28:8e:bd:38: a5:d4:51:74 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTC5YO3iRzJ02BghpEnNdA9dnYvwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyM1oX DTI3MDMwMzA2MDUyM1owMzExMC8GA1UEAxMoRDdCM0IyODA1NTkyODU3MjU5NzM3 OURBREQyMUMwQzAxOEY0RDY2QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKfTG7FAn2MaCGJ8x6+5+lxXHnVzWmq8IjlEeUhujdgWCaysMkGN9PLXPfyp se0XtQ3NHSiggpveZjEIXWTsPERedl8sFTWO2zoJjPYZA5aGpeQoq9wl4oVmDlrt kApfOjKlFhmelUSo/q7k12Mw3TSmAyt7qViBzSi5lNmfZDpvOkaoIT/k9rv/iRHT vSyuYGPU8zUU/n13PcrwsAhUT3w/0wIwaOgkqmznV2zkRE/mMyXMC+DtvqFFwVtv SAKbVtNyaye7ExTYXQrHr++p0TDKc/SMAvxg0CFbzfotxwiHiCzaa7wbom0TBM5l sSjOgB7Yv58ItlKHM58CJBlX920CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTXs7KA VZKFcllzedrdIcDAGPTWajAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oiQwDQYJKoZIhvcNAQELBQADggEBAGQWKpo8/Gx+BbAc2DbNIKQkn1qQqBRrq7nC nyInjjgZpjHHmP0OPkOs4Lv8Dk7C6/KS3BAHsOV39NnVsGZ1qvJjnJjzos0hN58J O266OV7joWQ/WnjJhhZzFk1S3Ia1z4eK3wPh3mCyKNRhsdJJBvM0F2yP6kvCtkMw cuIfLxO3TIlNIXGOKdCBVa1z4YckSjBLjS/8n5koRyqMcluBWTr4IFpAYnxw88El 6DfzHGW9rcn0H5Jx/kGXted5mjHvVmKCES2Ipj7xRI07Q8JcCpjKNlfbGg0y0Q9m wScGvKW49N/VUO5kIFjeHhMj6kAqo2CptOeS/bQRKI69OKXUUXQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:39 2026 by rpki-client