$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143219.roa File: AS143219.roa (raw, json) Hash identifier: vOMB/50ZndyJxOd8o763MfN0F89r7i8eP8ZAqajzg7k= Subject key identifier: 20:A7:65:B6:05:61:35:54:C5:D4:24:24:B8:88:A6:5B:A7:BA:2C:3C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6F002642BFD068C544E3BE15D7AD4DA649EE310E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143219.roa Signing time: Wed 04 Mar 2026 06:05:56 +0000 ROA not before: Wed 04 Mar 2026 06:00:56 +0000 ROA not after: Wed 03 Mar 2027 06:05:56 +0000 asID: 143219 IP address blocks: 240a:a239::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:00:26:42:bf:d0:68:c5:44:e3:be:15:d7:ad:4d:a6:49:ee:31:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:56 2026 GMT Not After : Mar 3 06:05:56 2027 GMT Subject: CN=20A765B605613554C5D42424B888A65BA7BA2C3C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:75:45:b4:70:1a:be:76:30:df:4d:82:e5:18: 9c:86:07:ce:a0:74:69:9c:ca:76:8d:a9:b9:d8:f6: 4b:53:a0:a9:80:f6:87:f2:4f:c9:12:8e:f8:21:09: 3b:ad:c1:6f:02:0f:7f:4c:e8:f3:94:6a:e7:07:70: a9:67:94:62:20:85:79:97:2e:7c:5c:4c:ba:57:9b: a0:d6:09:72:0c:6b:5f:25:29:15:5e:9b:80:35:a9: 70:d8:cf:3c:6c:8b:fe:85:10:4c:73:12:83:23:37: b5:18:7e:b9:8e:18:41:7a:fc:99:50:6f:4a:ed:08: 48:43:ab:01:fe:e3:54:46:1f:84:93:cf:0e:f2:93: 13:23:06:bc:1a:8d:11:81:4c:87:48:cd:53:90:f8: 22:3f:ba:94:0a:b6:8e:e6:65:9e:08:e3:c1:a8:4b: a0:8f:41:5d:01:3c:3e:0e:a3:da:ef:22:9e:91:2e: 11:a8:51:9d:44:0d:a9:5d:a9:35:8b:02:cb:0a:34: 1b:fe:53:08:00:cc:da:c6:85:b2:72:ac:b5:8a:df: d7:d0:57:1d:53:ae:92:d8:ca:32:0b:7d:e0:9e:1e: 29:d8:b0:c7:08:c4:da:60:18:91:54:18:5f:79:da: a6:55:a8:dc:33:aa:5e:18:32:8f:0b:f3:5a:6e:53: e5:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:A7:65:B6:05:61:35:54:C5:D4:24:24:B8:88:A6:5B:A7:BA:2C:3C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143219.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a239::/32 Signature Algorithm: sha256WithRSAEncryption d2:80:5f:cc:ce:ee:3d:86:db:e2:91:a9:f0:80:17:47:3e:e3: 8e:5a:66:f1:71:23:3f:0a:58:b2:46:81:e4:3c:d2:e8:7a:ea: b6:eb:d6:ea:0b:2f:16:49:e7:9b:c1:2a:94:42:00:f8:17:03: b6:ef:dd:5a:a0:dc:07:7a:e6:3c:9f:3c:cc:b3:7c:52:d0:8a: a0:ac:9b:58:ca:c5:65:2c:98:ab:58:72:0e:e1:a3:0c:72:bd: 69:43:85:b9:31:b5:39:72:68:5b:41:1e:62:f4:7a:43:60:e7: 7f:9c:39:e3:35:3b:8e:1b:da:cd:26:bd:d9:17:f0:ec:e1:02: 83:68:84:8d:34:4b:eb:e9:0d:b2:cf:5b:32:ad:6c:bf:85:14: df:e4:a0:f2:90:e1:d3:d7:ee:1b:7a:e8:60:5e:de:f8:3a:64: dc:e3:85:12:92:64:e7:88:9c:37:81:26:7e:68:c9:a6:27:38: cc:2b:64:ac:af:4c:20:27:fe:cf:01:c9:28:7d:21:00:a5:ef: ef:12:8f:f3:f7:12:8c:bc:2c:fd:bb:13:22:fb:bb:44:f4:c3: 6d:f6:4a:78:1f:8b:bc:1d:0f:c5:1a:69:70:3f:10:fd:65:5d: d2:09:bb:10:71:e5:9e:33:76:15:e2:69:96:8a:5b:cc:0e:c6: 28:1e:c7:23 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUbwAmQr/QaMVE474V161NpknuMQ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1NloX DTI3MDMwMzA2MDU1NlowMzExMC8GA1UEAxMoMjBBNzY1QjYwNTYxMzU1NEM1RDQy NDI0Qjg4OEE2NUJBN0JBMkMzQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN11RbRwGr52MN9NguUYnIYHzqB0aZzKdo2pudj2S1OgqYD2h/JPyRKO+CEJ O63BbwIPf0zo85Rq5wdwqWeUYiCFeZcufFxMuleboNYJcgxrXyUpFV6bgDWpcNjP PGyL/oUQTHMSgyM3tRh+uY4YQXr8mVBvSu0ISEOrAf7jVEYfhJPPDvKTEyMGvBqN EYFMh0jNU5D4Ij+6lAq2juZlngjjwahLoI9BXQE8Pg6j2u8inpEuEahRnUQNqV2p NYsCywo0G/5TCADM2saFsnKstYrf19BXHVOuktjKMgt94J4eKdiwxwjE2mAYkVQY X3naplWo3DOqXhgyjwvzWm5T5akCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQgp2W2 BWE1VMXUJCS4iKZbp7osPDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzIxOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ojkwDQYJKoZIhvcNAQELBQADggEBANKAX8zO7j2G2+KRqfCAF0c+445aZvFxIz8K WLJGgeQ80uh66rbr1uoLLxZJ55vBKpRCAPgXA7bv3Vqg3Ad65jyfPMyzfFLQiqCs m1jKxWUsmKtYcg7howxyvWlDhbkxtTlyaFtBHmL0ekNg53+cOeM1O44b2s0mvdkX 8OzhAoNohI00S+vpDbLPWzKtbL+FFN/koPKQ4dPX7ht66GBe3vg6ZNzjhRKSZOeI nDeBJn5oyaYnOMwrZKyvTCAn/s8BySh9IQCl7+8Sj/P3Eoy8LP27EyL7u0T0w232 Sngfi7wdD8UaaXA/EP1lXdIJuxBx5Z4zdhXiaZaKW8wOxigexyM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:09 2026 by rpki-client