$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143211.roa File: AS143211.roa (raw, json) Hash identifier: RTXRLL0b+5qUpvpVHY0+xhOaJd4y70izFIzfLgDW5Qc= Subject key identifier: 4E:AB:6E:D1:2D:C6:F4:31:57:82:5B:E0:5F:07:62:6C:E3:3D:46:B6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 29686A8F9DA63B6F56A3110192CE887890B52ED9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143211.roa Signing time: Wed 04 Mar 2026 06:07:22 +0000 ROA not before: Wed 04 Mar 2026 06:02:22 +0000 ROA not after: Wed 03 Mar 2027 06:07:22 +0000 asID: 143211 IP address blocks: 240a:a231::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:68:6a:8f:9d:a6:3b:6f:56:a3:11:01:92:ce:88:78:90:b5:2e:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:22 2026 GMT Not After : Mar 3 06:07:22 2027 GMT Subject: CN=4EAB6ED12DC6F43157825BE05F07626CE33D46B6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:82:28:cd:a5:de:44:26:c1:e5:e1:04:5c:7e: 24:14:40:11:c0:31:0f:d7:e1:e6:60:22:b2:2c:28: 6f:69:76:4a:59:97:f6:32:b0:da:bf:47:a3:b6:8d: e9:6a:ff:1a:da:d6:cc:e6:2d:fc:a3:af:da:ee:ef: 8f:06:08:c3:b0:4f:77:60:8b:5a:66:cf:32:f9:6c: 07:2b:4f:0a:8a:6a:a4:47:5d:8e:7e:90:55:89:f2: 5e:d0:09:63:aa:5e:d4:d4:aa:da:16:8b:82:fe:66: a8:47:08:3e:61:20:37:2e:30:97:dc:72:a3:8e:3c: 2b:3b:a4:d7:47:5a:d5:5b:6f:55:b2:ca:a9:d3:8c: 46:9b:e3:0c:e7:cd:cc:04:42:89:cb:36:40:2e:5d: 99:eb:44:80:83:be:cf:e1:ab:d4:1d:51:53:d0:e7: 95:71:35:df:2b:bf:d4:55:3b:2c:a9:67:9e:d4:33: c6:13:6e:4c:da:46:54:dc:da:58:31:a1:96:6e:0e: bb:7e:ad:e3:d3:ed:be:f0:dc:7a:d0:aa:f2:7e:0c: 53:c9:cc:f9:3b:31:fa:62:3c:12:a7:39:83:c9:ef: e5:6d:50:00:75:c6:db:12:d6:b2:d1:ea:30:3a:fb: 59:ec:db:4a:0d:14:85:72:1c:8f:a1:3c:ba:e8:36: b7:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:AB:6E:D1:2D:C6:F4:31:57:82:5B:E0:5F:07:62:6C:E3:3D:46:B6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143211.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a231::/32 Signature Algorithm: sha256WithRSAEncryption 73:e1:1e:c9:cb:a2:58:20:e5:e3:2c:c7:14:5b:16:2d:be:e7: 51:72:f5:fb:80:b8:7c:3e:78:ea:e4:ea:ea:d6:fb:46:50:8b: f4:f3:4c:58:50:a7:aa:7f:cb:64:bc:e6:3e:6a:95:51:22:32: f5:55:48:fd:86:8c:3b:e6:0f:7f:f7:58:8e:0f:a3:92:42:68: e9:29:26:45:3f:19:fa:b4:a6:29:74:0c:be:b2:75:2a:2c:02: 03:c6:27:46:db:12:19:95:60:dd:80:af:ed:ef:cd:6f:05:cf: 8d:26:5e:b7:97:db:1e:e4:86:47:7e:73:0a:02:ee:c1:10:7d: 09:5b:ac:15:0f:00:b6:75:81:60:d5:9d:be:a3:20:a7:ec:e9: f3:02:6f:43:fd:21:58:78:b8:dc:05:5a:da:db:b1:fa:c3:1e: 16:e1:91:13:1f:ce:c7:af:1d:ac:58:38:f5:91:27:86:a3:12: bd:80:77:03:62:9f:81:24:ef:88:7d:7c:30:35:67:6c:0c:63: 6c:bd:05:af:5f:3e:4e:ba:aa:d0:d7:cf:b8:05:08:88:de:d3: 89:24:8e:41:e3:0c:f8:45:d1:38:4d:90:c7:22:d3:c3:56:81: 40:8c:48:28:cc:7c:52:bf:24:cf:07:4e:d7:5e:5f:b0:b1:02: ac:37:c0:95 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKWhqj52mO29WoxEBks6IeJC1LtkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyMloX DTI3MDMwMzA2MDcyMlowMzExMC8GA1UEAxMoNEVBQjZFRDEyREM2RjQzMTU3ODI1 QkUwNUYwNzYyNkNFMzNENDZCNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANSCKM2l3kQmweXhBFx+JBRAEcAxD9fh5mAisiwob2l2SlmX9jKw2r9Ho7aN 6Wr/GtrWzOYt/KOv2u7vjwYIw7BPd2CLWmbPMvlsBytPCopqpEddjn6QVYnyXtAJ Y6pe1NSq2haLgv5mqEcIPmEgNy4wl9xyo448Kzuk10da1VtvVbLKqdOMRpvjDOfN zARCics2QC5dmetEgIO+z+Gr1B1RU9DnlXE13yu/1FU7LKlnntQzxhNuTNpGVNza WDGhlm4Ou36t49PtvvDcetCq8n4MU8nM+Tsx+mI8Eqc5g8nv5W1QAHXG2xLWstHq MDr7WezbSg0UhXIcj6E8uug2t4sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBROq27R Lcb0MVeCW+BfB2Js4z1GtjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzIxMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ojEwDQYJKoZIhvcNAQELBQADggEBAHPhHsnLolgg5eMsxxRbFi2+51Fy9fuAuHw+ eOrk6urW+0ZQi/TzTFhQp6p/y2S85j5qlVEiMvVVSP2GjDvmD3/3WI4Po5JCaOkp JkU/Gfq0pil0DL6ydSosAgPGJ0bbEhmVYN2Ar+3vzW8Fz40mXreX2x7khkd+cwoC 7sEQfQlbrBUPALZ1gWDVnb6jIKfs6fMCb0P9IVh4uNwFWtrbsfrDHhbhkRMfzsev HaxYOPWRJ4ajEr2AdwNin4Ek74h9fDA1Z2wMY2y9Ba9fPk66qtDXz7gFCIje04kk jkHjDPhF0ThNkMci08NWgUCMSCjMfFK/JM8HTtdeX7CxAqw3wJU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:08 2026 by rpki-client