$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143203.roa File: AS143203.roa (raw, json) Hash identifier: GbvkplXGbB5D8GaY0oauLxwWREquRWvR/eeCAD1mWvM= Subject key identifier: 98:E3:39:B3:A8:6C:C3:E4:59:44:8F:AD:F3:A5:C7:BB:27:DF:E5:8D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 33E6C7B516E1B57860C47AA7D8158509DF61F6EA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143203.roa Signing time: Wed 04 Mar 2026 06:07:56 +0000 ROA not before: Wed 04 Mar 2026 06:02:56 +0000 ROA not after: Wed 03 Mar 2027 06:07:56 +0000 asID: 143203 IP address blocks: 240a:a229::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:e6:c7:b5:16:e1:b5:78:60:c4:7a:a7:d8:15:85:09:df:61:f6:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:56 2026 GMT Not After : Mar 3 06:07:56 2027 GMT Subject: CN=98E339B3A86CC3E459448FADF3A5C7BB27DFE58D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:94:29:d2:83:49:b0:7b:da:e0:e9:db:4a:b1: 05:f2:81:92:5b:75:73:48:1d:98:22:c8:cb:70:24: fe:95:1b:8a:43:1c:93:48:a9:fa:9a:2d:0d:48:e2: e7:cd:0b:91:a1:94:86:ab:4f:91:e4:6c:d1:88:6c: 24:5e:cb:f7:a7:47:65:82:26:92:e2:bf:20:6f:14: 4a:75:47:62:82:95:a9:48:3d:92:a7:5b:aa:42:e8: 98:bd:99:6a:e8:8d:9e:8a:4c:1a:d9:63:0c:4f:f8: 07:00:9e:2c:94:5c:98:1c:7c:ad:69:be:72:ac:bb: dc:03:c5:a9:3f:1a:d4:62:32:e6:75:67:23:de:c5: aa:2a:7e:90:44:00:cd:51:b1:0f:2f:67:50:7d:5a: 90:b5:c3:fc:1a:c7:66:28:f3:a1:01:f4:dd:8b:35: 0e:39:a1:b4:7d:8b:f4:83:e9:fc:8e:2f:e3:86:67: 98:98:73:ad:92:af:12:ca:50:7f:5d:63:9e:39:95: 06:95:58:4f:9d:13:63:28:ac:f6:17:3d:f1:a9:6f: 33:7a:36:44:ac:ad:63:c0:1e:ec:94:5e:c9:9d:f1: cd:e7:06:7a:74:c6:4f:d3:74:66:c2:a7:a1:26:9d: be:25:ae:a1:07:5b:52:97:72:28:87:b0:6d:43:d5: 7f:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:E3:39:B3:A8:6C:C3:E4:59:44:8F:AD:F3:A5:C7:BB:27:DF:E5:8D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143203.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a229::/32 Signature Algorithm: sha256WithRSAEncryption 6c:37:1b:d5:48:d2:cc:f5:1b:a9:f0:80:84:09:f3:1a:20:50: 0a:4a:a8:a9:9c:1d:f5:a6:f5:82:9d:eb:7c:4f:3d:d0:5f:30: 0e:5e:36:3b:59:b3:0b:46:08:3a:d1:bf:a6:7d:91:65:06:bc: fa:e2:76:8b:28:2c:d9:10:d0:ca:dc:45:7f:22:66:ca:2a:af: ee:fe:fc:18:a7:f8:17:61:80:74:21:e0:a3:ba:89:75:e1:bf: 91:19:a3:08:ef:22:55:7d:9b:d5:ee:f0:2e:43:c2:fe:57:70: 7d:21:c9:46:f6:f4:73:ab:0f:96:6a:38:c6:b8:71:36:87:cd: 97:84:1c:2c:9c:26:8c:43:26:f5:c1:42:85:19:25:f6:e0:49: 07:17:e7:11:a8:71:e0:84:85:c3:89:d7:30:55:80:01:8e:f3: 4d:b8:d5:02:f2:0b:f8:31:57:0d:4b:04:78:44:ea:b4:f7:10: 18:96:58:36:41:f3:b5:3c:e7:36:51:68:63:06:be:34:4e:c1: 7d:df:7b:12:5c:2a:3e:c7:54:fa:44:73:51:1e:1b:95:60:6b: 82:c0:6c:65:d7:61:98:93:9b:d9:88:0f:b2:5e:bd:4d:ef:37: 30:96:c8:3e:5b:06:6e:63:09:0a:2e:c3:bd:cb:e5:09:d6:8b: 9d:0b:b1:72 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUM+bHtRbhtXhgxHqn2BWFCd9h9uowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1NloX DTI3MDMwMzA2MDc1NlowMzExMC8GA1UEAxMoOThFMzM5QjNBODZDQzNFNDU5NDQ4 RkFERjNBNUM3QkIyN0RGRTU4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALuUKdKDSbB72uDp20qxBfKBklt1c0gdmCLIy3Ak/pUbikMck0ip+potDUji 580LkaGUhqtPkeRs0YhsJF7L96dHZYImkuK/IG8USnVHYoKVqUg9kqdbqkLomL2Z auiNnopMGtljDE/4BwCeLJRcmBx8rWm+cqy73APFqT8a1GIy5nVnI97Fqip+kEQA zVGxDy9nUH1akLXD/BrHZijzoQH03Ys1DjmhtH2L9IPp/I4v44ZnmJhzrZKvEspQ f11jnjmVBpVYT50TYyis9hc98alvM3o2RKytY8Ae7JReyZ3xzecGenTGT9N0ZsKn oSadviWuoQdbUpdyKIewbUPVf9cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSY4zmz qGzD5FlEj63zpce7J9/ljTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzIwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oikwDQYJKoZIhvcNAQELBQADggEBAGw3G9VI0sz1G6nwgIQJ8xogUApKqKmcHfWm 9YKd63xPPdBfMA5eNjtZswtGCDrRv6Z9kWUGvPridosoLNkQ0MrcRX8iZsoqr+7+ /Bin+BdhgHQh4KO6iXXhv5EZowjvIlV9m9Xu8C5Dwv5XcH0hyUb29HOrD5ZqOMa4 cTaHzZeEHCycJoxDJvXBQoUZJfbgSQcX5xGoceCEhcOJ1zBVgAGO80241QLyC/gx Vw1LBHhE6rT3EBiWWDZB87U85zZRaGMGvjROwX3fexJcKj7HVPpEc1EeG5Vga4LA bGXXYZiTm9mID7JevU3vNzCWyD5bBm5jCQouw73L5QnWi50LsXI= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:11 2026 by rpki-client