$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143225.roa File: AS143225.roa (raw, json) Hash identifier: hkdGML4F0knSE2C9cqIMDvGd1ZwJ0G5wZ1WLU+onho0= Subject key identifier: 78:7F:D1:B4:0A:87:8E:0C:91:63:8F:79:BE:0A:59:7E:61:2D:CF:97 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 088A932154E6C63D49464221E437011A87F7B3F7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143225.roa Signing time: Wed 04 Mar 2026 06:07:58 +0000 ROA not before: Wed 04 Mar 2026 06:02:58 +0000 ROA not after: Wed 03 Mar 2027 06:07:58 +0000 asID: 143225 IP address blocks: 240a:a23f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:8a:93:21:54:e6:c6:3d:49:46:42:21:e4:37:01:1a:87:f7:b3:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:58 2026 GMT Not After : Mar 3 06:07:58 2027 GMT Subject: CN=787FD1B40A878E0C91638F79BE0A597E612DCF97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:22:70:aa:a7:1c:47:d9:f8:fb:b0:9b:bf:d2: 17:bf:9c:c9:23:e0:1a:90:ec:80:ed:14:76:2f:b8: 31:f1:ae:bd:4b:ae:86:f2:55:50:53:a9:5c:22:cf: 23:29:52:4b:8c:c5:c7:e4:a4:e1:c7:54:08:e5:4c: 53:73:94:d9:ef:ba:93:c3:60:44:6f:00:10:c5:a7: 7e:da:a5:ca:e9:00:3f:dc:02:d9:a0:08:1a:2f:48: ca:d0:4b:93:27:50:7c:1b:2e:c5:ec:1b:6f:14:01: 3d:43:82:03:f3:be:fc:e8:a7:9d:5d:c9:1a:fb:05: 42:c1:bd:20:29:b4:00:7a:f9:7d:77:19:53:74:b5: 53:5c:4c:eb:2f:32:75:e3:07:4a:3b:36:2c:8d:e0: 20:9d:4a:9e:4a:8b:ac:8d:42:e1:5a:4e:92:fa:28: a5:05:ec:13:5b:44:b3:ee:fe:a0:6b:9b:b6:7c:bc: 3e:d9:a1:e4:59:96:94:26:58:2b:17:b3:73:10:e6: f1:73:e3:41:ba:c4:29:7f:f2:a5:c9:31:4d:e3:e4: 32:71:5d:38:79:79:8d:44:0b:1d:08:26:49:e5:26: 97:e3:c9:59:99:71:9d:94:a4:5e:25:7c:ce:95:07: 81:f5:20:d9:05:3f:74:38:43:87:86:21:eb:47:38: 1b:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:7F:D1:B4:0A:87:8E:0C:91:63:8F:79:BE:0A:59:7E:61:2D:CF:97 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143225.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a23f::/32 Signature Algorithm: sha256WithRSAEncryption b7:8f:e3:59:b8:cd:53:4f:9c:e9:2a:36:6c:45:da:ff:de:af: e9:33:a3:86:b1:20:fd:b5:ec:be:7e:47:30:13:15:b2:0f:3b: ad:04:70:7a:8b:2f:be:11:55:bf:88:ec:c1:14:e7:15:71:09: ee:84:5b:62:bb:9e:c9:7e:b4:e5:b1:fc:9c:bc:f9:5d:48:ba: bb:b3:f7:1c:e6:92:ef:d5:b7:48:f8:77:e2:66:d3:f1:37:a7: e6:f4:6b:c8:68:f1:a9:28:f9:63:ce:5d:b4:f2:08:52:ce:24: 0e:2f:77:1b:e1:6c:a5:17:54:45:e3:31:e0:de:69:94:46:2b: 5d:98:74:f9:97:51:96:dc:8c:7e:48:e5:39:6c:97:db:71:01: e4:36:27:6d:63:f7:e4:f4:a8:6b:c6:80:7c:03:a7:63:2e:b8: 60:b0:d3:1d:9f:89:ae:e2:f4:f7:d2:c6:c3:f8:18:cc:16:91: 69:24:c2:1a:a6:72:13:82:2e:66:2d:f9:2e:7e:26:9c:80:bb: ba:83:25:d0:11:27:ae:f3:25:84:85:a4:b0:47:d7:ed:b8:a9: c6:cc:d5:ff:c7:f3:4a:82:85:4f:f4:51:5d:08:84:8e:54:5f: 58:eb:63:6c:fd:dc:88:85:64:52:d2:c3:f8:4f:0d:b2:2e:35: d9:83:0a:c7 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCIqTIVTmxj1JRkIh5DcBGof3s/cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1OFoX DTI3MDMwMzA2MDc1OFowMzExMC8GA1UEAxMoNzg3RkQxQjQwQTg3OEUwQzkxNjM4 Rjc5QkUwQTU5N0U2MTJEQ0Y5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJcicKqnHEfZ+Puwm7/SF7+cySPgGpDsgO0Udi+4MfGuvUuuhvJVUFOpXCLP IylSS4zFx+Sk4cdUCOVMU3OU2e+6k8NgRG8AEMWnftqlyukAP9wC2aAIGi9IytBL kydQfBsuxewbbxQBPUOCA/O+/OinnV3JGvsFQsG9ICm0AHr5fXcZU3S1U1xM6y8y deMHSjs2LI3gIJ1KnkqLrI1C4VpOkvoopQXsE1tEs+7+oGubtny8Ptmh5FmWlCZY KxezcxDm8XPjQbrEKX/ypckxTePkMnFdOHl5jUQLHQgmSeUml+PJWZlxnZSkXiV8 zpUHgfUg2QU/dDhDh4Yh60c4G5sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR4f9G0 CoeODJFjj3m+Cll+YS3PlzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzIyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oj8wDQYJKoZIhvcNAQELBQADggEBALeP41m4zVNPnOkqNmxF2v/er+kzo4axIP21 7L5+RzATFbIPO60EcHqLL74RVb+I7MEU5xVxCe6EW2K7nsl+tOWx/Jy8+V1Iuruz 9xzmku/Vt0j4d+Jm0/E3p+b0a8ho8ako+WPOXbTyCFLOJA4vdxvhbKUXVEXjMeDe aZRGK12YdPmXUZbcjH5I5Tlsl9txAeQ2J21j9+T0qGvGgHwDp2MuuGCw0x2fia7i 9PfSxsP4GMwWkWkkwhqmchOCLmYt+S5+JpyAu7qDJdARJ67zJYSFpLBH1+24qcbM 1f/H80qChU/0UV0IhI5UX1jrY2z93IiFZFLSw/hPDbIuNdmDCsc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:51 2026 by rpki-client