$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143201.roa File: AS143201.roa (raw, json) Hash identifier: /Wa2K5VdDvBTmY86dUUJaqyyxxHtYGwy4P+4my9jX4g= Subject key identifier: 2A:D2:98:63:80:4A:31:2F:60:9B:F5:ED:CB:9A:C7:71:E0:50:97:17 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1C98B2812297C4B0812CDC6A568CF860EDE6657F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143201.roa Signing time: Wed 04 Mar 2026 06:06:16 +0000 ROA not before: Wed 04 Mar 2026 06:01:16 +0000 ROA not after: Wed 03 Mar 2027 06:06:16 +0000 asID: 143201 IP address blocks: 240a:a227::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:98:b2:81:22:97:c4:b0:81:2c:dc:6a:56:8c:f8:60:ed:e6:65:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:16 2026 GMT Not After : Mar 3 06:06:16 2027 GMT Subject: CN=2AD29863804A312F609BF5EDCB9AC771E0509717 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:84:90:46:2e:dc:43:ee:1a:3c:8b:79:67:c6: 9f:cf:44:1e:05:a6:b2:5d:8f:78:f3:83:41:23:28: c1:8a:3f:14:e9:88:58:cb:2e:b1:32:86:33:6b:a5: 07:6e:a8:e0:a4:2b:5e:ec:74:90:de:46:77:86:3d: 76:cd:6c:03:13:a6:99:38:52:69:9f:75:84:64:fe: 21:4b:96:c6:f9:58:f8:1f:ef:70:6f:fb:dd:e9:0d: 2f:37:f2:be:fa:d8:de:2f:5d:27:d4:a3:a0:2b:12: c2:ab:32:c8:17:2a:d4:9b:cf:a3:5c:dc:19:04:06: c3:d9:79:cd:64:7b:0c:d6:24:27:72:3f:88:d5:9f: 4b:44:9a:d2:09:67:11:aa:09:e7:d4:59:de:db:07: 91:f6:34:d2:0f:24:30:89:e5:9a:7d:c6:97:4e:b0: 0f:7f:c1:68:5c:81:28:85:f4:8d:f8:f5:8a:88:e4: d1:fa:00:16:c1:ee:ab:7f:ee:5a:b9:5d:d0:75:36: 07:1b:27:37:0c:d5:49:3a:50:ee:7a:50:6b:fb:3c: 29:bf:7a:91:58:cf:8d:cc:0c:e0:31:c2:3e:9b:17: 8f:b6:16:96:9d:af:83:66:29:ac:ee:38:1d:b4:5a: 82:e8:64:3d:9a:0e:76:28:72:d0:37:16:df:ef:f3: ce:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:D2:98:63:80:4A:31:2F:60:9B:F5:ED:CB:9A:C7:71:E0:50:97:17 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143201.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a227::/32 Signature Algorithm: sha256WithRSAEncryption 35:f5:da:b5:a8:c3:d9:11:58:f4:83:1b:24:c0:ec:ff:e3:13: d8:2f:b6:e3:5a:59:a5:55:13:de:e1:5b:07:9c:ea:dd:89:33: bb:9f:bd:a7:c6:72:70:31:0f:ec:7f:21:46:23:a2:da:b0:a9: 52:42:16:1c:40:50:83:fc:a4:dd:8e:ae:c9:54:ae:10:84:a4: bd:ec:39:b9:dc:23:be:7c:5a:94:a4:10:d6:ed:68:a0:d7:0a: 4d:20:11:c2:4f:30:ad:b1:cc:61:2b:48:7c:83:bf:7d:06:c2: a8:63:04:3d:fa:1d:e8:cf:71:6b:5f:e0:9e:cb:b2:ec:34:6a: 9a:41:54:8c:be:e0:44:a0:88:9c:c2:af:5d:b5:96:92:77:0b: a4:ca:cf:51:93:53:99:79:b4:b3:0c:9c:ad:6f:31:b2:b6:3f: df:8f:cf:63:22:01:db:f5:d9:24:4b:a2:5b:f0:1c:6a:d7:f5: 77:35:3f:b8:dc:84:81:fd:96:31:2e:ee:3d:a7:20:71:bd:38: e6:f1:df:73:df:8a:2f:e0:d9:b7:71:ee:91:ac:b1:e9:03:71: 34:d1:ac:13:8d:bd:8d:bf:d1:36:03:e6:0f:59:42:ef:c5:01: 6f:3d:37:12:30:58:7c:85:dd:17:3c:a5:9d:f1:eb:63:77:30: bd:66:9f:72 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHJiygSKXxLCBLNxqVoz4YO3mZX8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDExNloX DTI3MDMwMzA2MDYxNlowMzExMC8GA1UEAxMoMkFEMjk4NjM4MDRBMzEyRjYwOUJG NUVEQ0I5QUM3NzFFMDUwOTcxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALWEkEYu3EPuGjyLeWfGn89EHgWmsl2PePODQSMowYo/FOmIWMsusTKGM2ul B26o4KQrXux0kN5Gd4Y9ds1sAxOmmThSaZ91hGT+IUuWxvlY+B/vcG/73ekNLzfy vvrY3i9dJ9SjoCsSwqsyyBcq1JvPo1zcGQQGw9l5zWR7DNYkJ3I/iNWfS0Sa0gln EaoJ59RZ3tsHkfY00g8kMInlmn3Gl06wD3/BaFyBKIX0jfj1iojk0foAFsHuq3/u Wrld0HU2BxsnNwzVSTpQ7npQa/s8Kb96kVjPjcwM4DHCPpsXj7YWlp2vg2YprO44 HbRaguhkPZoOdihy0DcW3+/zzn8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQq0phj gEoxL2Cb9e3Lmsdx4FCXFzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzIwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oicwDQYJKoZIhvcNAQELBQADggEBADX12rWow9kRWPSDGyTA7P/jE9gvtuNaWaVV E97hWwec6t2JM7ufvafGcnAxD+x/IUYjotqwqVJCFhxAUIP8pN2OrslUrhCEpL3s ObncI758WpSkENbtaKDXCk0gEcJPMK2xzGErSHyDv30GwqhjBD36HejPcWtf4J7L suw0appBVIy+4ESgiJzCr121lpJ3C6TKz1GTU5l5tLMMnK1vMbK2P9+Pz2MiAdv1 2SRLolvwHGrX9Xc1P7jchIH9ljEu7j2nIHG9OObx33Pfii/g2bdx7pGssekDcTTR rBONvY2/0TYD5g9ZQu/FAW89NxIwWHyF3Rc8pZ3x62N3ML1mn3I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:11 2026 by rpki-client