$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143215.roa File: AS143215.roa (raw, json) Hash identifier: 45jYtZi3Hun2e2CaPERk3RDp+uHX89s/PsHUUAzW/b8= Subject key identifier: 58:15:72:F1:1F:33:2C:C3:EA:E3:D1:9E:05:C4:BF:38:22:40:AE:AC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 642806B9D54AF8CAB90615934F573CC7964F9E81 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143215.roa Signing time: Wed 04 Mar 2026 06:07:14 +0000 ROA not before: Wed 04 Mar 2026 06:02:14 +0000 ROA not after: Wed 03 Mar 2027 06:07:14 +0000 asID: 143215 IP address blocks: 240a:a235::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:28:06:b9:d5:4a:f8:ca:b9:06:15:93:4f:57:3c:c7:96:4f:9e:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:14 2026 GMT Not After : Mar 3 06:07:14 2027 GMT Subject: CN=581572F11F332CC3EAE3D19E05C4BF382240AEAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:a3:84:57:b2:92:cf:97:e6:c6:3d:c8:82:5e: bc:35:75:20:bd:28:6c:5a:03:b1:3e:7b:98:5d:42: 7d:9f:25:aa:69:fa:bc:e7:fd:f9:0d:01:21:1b:2a: 17:47:da:47:b4:d0:48:d9:bd:cb:d3:42:bb:00:94: 1d:9f:2b:a0:cd:3a:9a:df:f2:4c:8e:e8:70:cf:0b: 48:e2:ab:dc:cb:98:7f:7a:c4:48:d8:a6:4f:b4:df: 3c:4a:31:30:f8:00:fd:c4:c7:1b:1e:a8:0e:a1:03: 69:d0:26:b1:34:b7:fa:63:f9:33:8e:66:17:5f:f7: 8d:7b:68:7e:b3:77:f6:c7:37:12:a0:aa:a9:37:d5: 76:18:3f:99:05:7c:b8:9f:d9:b3:d8:af:e6:a9:cd: 9b:bd:f6:77:56:f6:90:29:f9:85:ab:ba:b3:07:a1: 4d:93:64:97:28:fa:35:da:8a:b7:fe:fc:74:e7:a1: 8f:bc:18:b5:87:8c:d3:1b:0e:bb:95:70:51:3b:13: af:97:0b:b3:e2:f9:a6:38:3a:65:2c:1f:b2:6c:3a: e9:96:d7:58:92:be:ad:8b:28:76:4a:6e:df:3f:d5: ac:d0:22:7a:af:7d:69:67:bf:a1:b1:38:99:6b:9f: 58:86:47:22:75:65:30:03:91:b0:fb:42:3b:2f:29: 3f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:15:72:F1:1F:33:2C:C3:EA:E3:D1:9E:05:C4:BF:38:22:40:AE:AC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143215.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a235::/32 Signature Algorithm: sha256WithRSAEncryption 72:11:e4:57:94:60:ae:e9:b4:60:02:24:08:46:aa:fb:f4:62: 63:ec:8f:0b:a4:3c:9e:ab:d8:d5:a4:85:10:1e:c3:b4:94:b2: ad:00:dc:4c:e5:c5:21:39:c5:17:96:5e:61:c1:f8:5a:b3:11: 3e:b7:3c:54:2a:b0:ee:23:28:ec:8b:98:e9:f6:d5:e5:97:ef: bc:ce:30:f1:ee:70:25:e6:2f:c3:9d:3f:7b:aa:2c:85:40:3f: 3a:c0:37:a6:28:1b:b1:fa:d4:67:83:11:ae:31:b3:9b:29:b5: e6:0d:85:d8:a6:1c:95:1a:46:8c:7d:40:7b:e2:d4:75:59:1b: 8d:d0:a4:ae:1e:7f:64:05:fd:94:a2:2f:0b:03:51:25:ac:41: 77:e4:e6:48:aa:93:a0:0f:b3:2b:ee:0c:74:2b:9f:21:d4:e9: 73:85:e9:0b:11:68:d4:64:f1:bc:ca:c0:82:1a:60:a6:8f:8c: 40:46:b0:78:c7:ef:73:b6:0f:ca:54:9a:00:4a:72:53:60:a0: be:28:60:e7:e8:c0:d9:87:f1:5c:77:3c:7e:76:58:d2:f6:cb: f8:47:b9:19:c6:22:91:e1:69:4a:ef:80:40:93:9f:f4:fa:61: ed:96:30:2d:fc:2f:3e:db:f4:c2:8b:25:55:d9:d9:e6:e0:7b: 90:13:57:68 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZCgGudVK+Mq5BhWTT1c8x5ZPnoEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxNFoX DTI3MDMwMzA2MDcxNFowMzExMC8GA1UEAxMoNTgxNTcyRjExRjMzMkNDM0VBRTNE MTlFMDVDNEJGMzgyMjQwQUVBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJKjhFeyks+X5sY9yIJevDV1IL0obFoDsT57mF1CfZ8lqmn6vOf9+Q0BIRsq F0faR7TQSNm9y9NCuwCUHZ8roM06mt/yTI7ocM8LSOKr3MuYf3rESNimT7TfPEox MPgA/cTHGx6oDqEDadAmsTS3+mP5M45mF1/3jXtofrN39sc3EqCqqTfVdhg/mQV8 uJ/Zs9iv5qnNm732d1b2kCn5hau6swehTZNklyj6NdqKt/78dOehj7wYtYeM0xsO u5VwUTsTr5cLs+L5pjg6ZSwfsmw66ZbXWJK+rYsodkpu3z/VrNAieq99aWe/obE4 mWufWIZHInVlMAORsPtCOy8pP00CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRYFXLx HzMsw+rj0Z4FxL84IkCurDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzIxNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ojUwDQYJKoZIhvcNAQELBQADggEBAHIR5FeUYK7ptGACJAhGqvv0YmPsjwukPJ6r 2NWkhRAew7SUsq0A3EzlxSE5xReWXmHB+FqzET63PFQqsO4jKOyLmOn21eWX77zO MPHucCXmL8OdP3uqLIVAPzrAN6YoG7H61GeDEa4xs5spteYNhdimHJUaRox9QHvi 1HVZG43QpK4ef2QF/ZSiLwsDUSWsQXfk5kiqk6APsyvuDHQrnyHU6XOF6QsRaNRk 8bzKwIIaYKaPjEBGsHjH73O2D8pUmgBKclNgoL4oYOfowNmH8Vx3PH52WNL2y/hH uRnGIpHhaUrvgECTn/T6Ye2WMC38Lz7b9MKLJVXZ2ebge5ATV2g= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:16 2026 by rpki-client