$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143199.roa File: AS143199.roa (raw, json) Hash identifier: sQOAu1OiM4jUQxcmjseafkfCbPxJM8sZPdCYibrrEsY= Subject key identifier: 9D:09:3E:5E:33:63:0E:9D:F7:E2:9A:10:38:6E:0D:91:07:95:01:06 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 01D81EFFD98D93CFA2F5173A875ECF63BCB1AA72 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143199.roa Signing time: Wed 04 Mar 2026 06:05:47 +0000 ROA not before: Wed 04 Mar 2026 06:00:47 +0000 ROA not after: Wed 03 Mar 2027 06:05:47 +0000 asID: 143199 IP address blocks: 240a:a225::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:d8:1e:ff:d9:8d:93:cf:a2:f5:17:3a:87:5e:cf:63:bc:b1:aa:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:47 2026 GMT Not After : Mar 3 06:05:47 2027 GMT Subject: CN=9D093E5E33630E9DF7E29A10386E0D9107950106 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:fd:a2:25:12:02:56:12:34:ef:16:4f:a1:90: a5:67:65:e1:37:a7:07:5b:97:4c:5b:e7:06:73:85: dc:8e:16:ee:96:01:f9:14:68:c7:da:6e:15:d5:ab: 73:dd:fc:69:26:fa:14:a2:02:29:62:ca:a7:14:10: 9a:57:e6:aa:fc:ed:8c:9a:0b:47:b7:51:f7:7d:5b: a6:f8:cb:73:47:98:b9:3b:e6:f6:c5:53:38:29:6b: 03:4a:b8:45:71:1c:82:6e:d1:b1:65:92:c7:3e:9f: 40:74:dd:0a:55:75:9e:83:01:4d:89:ac:70:ef:19: 22:7a:c6:92:d8:aa:53:2d:61:93:75:cb:96:93:22: 83:cf:e2:90:18:08:fb:54:be:8e:f1:a3:61:70:0f: 3e:8b:20:47:fb:e9:42:db:2a:f5:46:7c:7e:5a:29: aa:44:45:f8:38:5e:e0:8b:af:6a:0c:48:f5:1e:64: dd:04:8f:a6:1a:ba:98:45:a6:c2:99:71:c1:a8:ef: 2f:fd:57:f2:23:89:6c:78:0f:d7:4d:17:ae:34:4f: 40:e1:e5:4b:d2:50:21:7e:a1:ba:86:9a:85:d4:a1: d3:0e:70:15:d4:88:10:a9:3b:35:a3:13:aa:e9:1d: 40:f8:34:55:4a:22:21:24:c5:59:00:15:7c:02:48: 03:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:09:3E:5E:33:63:0E:9D:F7:E2:9A:10:38:6E:0D:91:07:95:01:06 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143199.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a225::/32 Signature Algorithm: sha256WithRSAEncryption ad:37:e0:2b:a9:bc:b8:b1:7e:37:14:23:e8:59:73:9e:85:5f: a6:dc:22:23:98:ca:79:4e:bb:07:07:fd:5b:b4:1a:24:0b:99: fd:bd:e4:fb:a7:ae:4a:2b:9b:9f:58:8a:e9:95:b4:27:ce:26: b5:59:bf:38:16:c2:b2:a4:88:d7:02:a8:d9:f2:ef:d3:05:b5: 1d:3c:3b:8f:31:a7:d3:31:9f:50:66:e6:07:b3:8b:12:44:60: 3c:0b:81:7a:3e:ae:da:73:d7:cf:dd:13:7f:22:91:cf:78:54: 41:34:ee:69:f4:47:bc:66:ec:23:1d:46:2a:6e:a8:df:cf:a8: 8e:56:ec:55:c7:ff:9c:67:74:1c:73:46:07:f6:06:ea:22:39: b2:69:4f:40:a7:03:b9:4a:fb:84:59:42:ac:cb:1b:49:25:a4: 83:bd:2a:14:cb:0f:39:df:10:56:41:a5:ad:79:1b:98:bc:f8: 37:42:80:11:49:a9:89:2c:ef:4d:c7:56:1e:b2:b3:32:f9:5e: 5a:2a:30:3e:bb:36:44:ec:1f:58:bb:a8:69:51:ff:31:8f:06: 16:f5:15:a2:8c:71:21:8d:a6:eb:26:08:14:e5:41:43:27:a3: a4:51:f6:2c:1c:ab:e3:72:f9:87:d9:fb:91:91:13:49:63:dd: 8b:18:dd:74 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAdge/9mNk8+i9Rc6h17PY7yxqnIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA0N1oX DTI3MDMwMzA2MDU0N1owMzExMC8GA1UEAxMoOUQwOTNFNUUzMzYzMEU5REY3RTI5 QTEwMzg2RTBEOTEwNzk1MDEwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOz9oiUSAlYSNO8WT6GQpWdl4TenB1uXTFvnBnOF3I4W7pYB+RRox9puFdWr c938aSb6FKICKWLKpxQQmlfmqvztjJoLR7dR931bpvjLc0eYuTvm9sVTOClrA0q4 RXEcgm7RsWWSxz6fQHTdClV1noMBTYmscO8ZInrGktiqUy1hk3XLlpMig8/ikBgI +1S+jvGjYXAPPosgR/vpQtsq9UZ8flopqkRF+Dhe4IuvagxI9R5k3QSPphq6mEWm wplxwajvL/1X8iOJbHgP100XrjRPQOHlS9JQIX6huoaahdSh0w5wFdSIEKk7NaMT qukdQPg0VUoiISTFWQAVfAJIA1sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSdCT5e M2MOnffimhA4bg2RB5UBBjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE5OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oiUwDQYJKoZIhvcNAQELBQADggEBAK034CupvLixfjcUI+hZc56FX6bcIiOYynlO uwcH/Vu0GiQLmf295Punrkorm59YiumVtCfOJrVZvzgWwrKkiNcCqNny79MFtR08 O48xp9Mxn1Bm5gezixJEYDwLgXo+rtpz18/dE38ikc94VEE07mn0R7xm7CMdRipu qN/PqI5W7FXH/5xndBxzRgf2BuoiObJpT0CnA7lK+4RZQqzLG0klpIO9KhTLDznf EFZBpa15G5i8+DdCgBFJqYks703HVh6yszL5XloqMD67NkTsH1i7qGlR/zGPBhb1 FaKMcSGNpusmCBTlQUMno6RR9iwcq+Ny+YfZ+5GRE0lj3YsY3XQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:08 2026 by rpki-client