$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143227.roa File: AS143227.roa (raw, json) Hash identifier: sNQY7yfybze4oN0gmc3EMn9G/28uys0IF6FAYVVon4c= Subject key identifier: 9D:EE:D4:CE:8E:6B:0B:83:A9:34:BD:C8:32:9E:DA:C7:ED:DA:86:D5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2661A39ED7BBBA6150D234EEB8177AE88C46AE8A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143227.roa Signing time: Wed 04 Mar 2026 06:07:59 +0000 ROA not before: Wed 04 Mar 2026 06:02:59 +0000 ROA not after: Wed 03 Mar 2027 06:07:59 +0000 asID: 143227 IP address blocks: 240a:a241::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:61:a3:9e:d7:bb:ba:61:50:d2:34:ee:b8:17:7a:e8:8c:46:ae:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:59 2026 GMT Not After : Mar 3 06:07:59 2027 GMT Subject: CN=9DEED4CE8E6B0B83A934BDC8329EDAC7EDDA86D5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:d3:37:35:88:25:2d:00:ea:e7:89:0e:de:c7: 2e:7d:10:2d:ae:b4:12:5b:86:0f:81:95:11:91:34: 36:31:3c:11:63:27:74:6b:f3:bf:89:75:d9:92:e8: cb:44:60:b3:16:83:c6:fb:d9:a0:9b:83:f0:2a:87: 3c:0e:cf:d1:71:62:b8:70:2d:08:86:e6:4b:bc:30: 7a:d0:10:a7:7a:0c:e1:b1:33:f5:eb:52:9f:b7:51: 53:79:8c:c3:ef:b0:85:8f:b1:49:72:cf:e3:9e:0d: de:90:d6:28:7f:38:02:b2:18:22:b0:e3:e4:b2:e1: 34:3a:81:c6:9e:eb:37:69:46:8f:ca:4e:1e:79:d9: 09:ef:19:c6:6a:18:52:b1:87:a2:ef:de:bc:24:18: 31:f5:5a:c7:ce:90:cd:0e:d8:50:b4:dd:a7:13:2d: 92:39:ee:9a:01:f4:6f:04:95:71:6e:15:5f:04:7d: 0c:9e:0e:ee:a3:9c:0c:29:4a:a8:29:ea:f3:cd:16: 2a:49:ac:c9:77:cb:94:81:c2:8f:05:0e:51:a2:fd: c7:e5:98:51:58:1d:34:1c:9e:8e:0c:eb:0f:73:3d: f5:29:3e:f0:ce:96:df:c2:f9:ba:28:ce:6d:d8:01: 51:a1:45:f1:2d:e3:f1:bd:a3:1b:e3:fd:dd:07:19: ee:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:EE:D4:CE:8E:6B:0B:83:A9:34:BD:C8:32:9E:DA:C7:ED:DA:86:D5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143227.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a241::/32 Signature Algorithm: sha256WithRSAEncryption bb:c3:26:2f:f3:ca:43:e9:67:7f:23:9c:4b:80:b3:30:be:0b: 22:4f:50:de:aa:42:24:cf:54:ec:03:f5:3d:a8:a7:3c:5a:cb: 55:48:50:c5:a4:e6:c0:af:ef:49:4d:bd:ff:c0:ab:4f:c5:9e: 43:5f:d6:6e:32:b8:1e:43:16:51:e5:d4:3a:69:7e:48:81:a1: c4:ff:e0:e2:f1:63:ce:72:3e:75:39:6f:e5:5d:ab:82:c6:64: 2c:9a:89:8f:cd:37:38:49:8a:82:6d:5f:c4:15:1f:38:bd:52: 29:e0:eb:1c:db:66:14:74:57:a4:5d:8f:7d:21:8c:df:5b:37: 1b:88:86:50:f0:49:93:51:01:f0:dd:fe:5a:c3:28:28:ff:7f: 2c:5e:91:ba:f8:9b:a9:3f:91:bb:4c:49:09:2b:44:9d:84:8b: 69:45:e0:89:80:98:6c:50:f8:20:4c:36:fd:2d:cd:c9:a7:92: 01:a6:d2:94:62:ef:a7:b0:8e:45:90:19:ae:3b:77:5d:77:60: 05:fe:e3:29:e8:72:17:55:fa:39:c4:d5:e3:a7:c0:ce:5f:ac: 41:5a:67:53:c7:7b:9d:9d:72:ee:2a:32:4d:9b:4a:01:0d:39: 29:7d:a1:ef:25:70:00:52:df:03:6e:16:aa:26:9e:f7:e6:93: 9a:2c:3d:3c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJmGjnte7umFQ0jTuuBd66IxGroowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1OVoX DTI3MDMwMzA2MDc1OVowMzExMC8GA1UEAxMoOURFRUQ0Q0U4RTZCMEI4M0E5MzRC REM4MzI5RURBQzdFRERBODZENTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJfTNzWIJS0A6ueJDt7HLn0QLa60EluGD4GVEZE0NjE8EWMndGvzv4l12ZLo y0RgsxaDxvvZoJuD8CqHPA7P0XFiuHAtCIbmS7wwetAQp3oM4bEz9etSn7dRU3mM w++whY+xSXLP454N3pDWKH84ArIYIrDj5LLhNDqBxp7rN2lGj8pOHnnZCe8ZxmoY UrGHou/evCQYMfVax86QzQ7YULTdpxMtkjnumgH0bwSVcW4VXwR9DJ4O7qOcDClK qCnq880WKkmsyXfLlIHCjwUOUaL9x+WYUVgdNByejgzrD3M99Sk+8M6W38L5uijO bdgBUaFF8S3j8b2jG+P93QcZ7tsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSd7tTO jmsLg6k0vcgyntrH7dqG1TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzIyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK okEwDQYJKoZIhvcNAQELBQADggEBALvDJi/zykPpZ38jnEuAszC+CyJPUN6qQiTP VOwD9T2opzxay1VIUMWk5sCv70lNvf/Aq0/FnkNf1m4yuB5DFlHl1DppfkiBocT/ 4OLxY85yPnU5b+Vdq4LGZCyaiY/NNzhJioJtX8QVHzi9Uing6xzbZhR0V6Rdj30h jN9bNxuIhlDwSZNRAfDd/lrDKCj/fyxekbr4m6k/kbtMSQkrRJ2Ei2lF4ImAmGxQ +CBMNv0tzcmnkgGm0pRi76ewjkWQGa47d113YAX+4ynochdV+jnE1eOnwM5frEFa Z1PHe52dcu4qMk2bSgENOSl9oe8lcABS3wNuFqomnvfmk5osPTw= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:20 2026 by rpki-client