$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143229.roa File: AS143229.roa (raw, json) Hash identifier: pIbkhu+XeujBeekASQOTITZNREtekgB5VDAMYnq1Gso= Subject key identifier: 80:90:13:98:7C:0E:8E:3A:0F:5D:FB:1A:A8:3D:4E:11:03:9C:80:26 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0F1603437FC3E269718B1425CA9BB5B5F14D4A56 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143229.roa Signing time: Wed 04 Mar 2026 06:06:39 +0000 ROA not before: Wed 04 Mar 2026 06:01:39 +0000 ROA not after: Wed 03 Mar 2027 06:06:39 +0000 asID: 143229 IP address blocks: 240a:a243::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:16:03:43:7f:c3:e2:69:71:8b:14:25:ca:9b:b5:b5:f1:4d:4a:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:39 2026 GMT Not After : Mar 3 06:06:39 2027 GMT Subject: CN=809013987C0E8E3A0F5DFB1AA83D4E11039C8026 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8d:de:df:40:f4:95:e9:20:16:16:67:4f:e9: 53:b3:d3:ed:1e:c8:7d:79:ff:86:a3:a3:c6:87:9f: 60:2c:e1:b1:e4:29:67:ad:68:ed:30:63:b9:94:25: 09:1d:de:4c:39:09:ef:45:9e:ba:f5:4d:77:7e:8f: 28:38:d8:62:04:f2:41:17:13:45:d7:46:a7:bd:d1: cb:de:98:e4:3b:0c:9e:ec:0b:03:6e:fe:ae:9f:e9: 15:73:91:d2:e6:38:4a:9a:f9:29:1c:ea:20:f6:36: 0e:a0:99:44:97:dc:de:b1:69:25:95:10:d5:19:4f: 70:ed:fa:5b:f1:47:f8:5e:6c:27:2e:38:09:4c:79: b2:86:32:83:28:4e:dd:0a:04:b0:c3:c4:a9:07:26: 1f:89:e9:f5:59:98:ca:29:fc:e1:90:9c:b3:c1:9c: d5:3f:7e:0e:0f:99:f1:d2:60:41:f6:b0:f6:ab:23: a7:75:97:58:fc:27:8b:a3:64:2a:29:88:2f:54:3f: 40:f3:e3:57:c4:00:b3:d4:68:aa:d1:0f:69:24:e3: c8:34:4f:b9:95:78:fd:51:35:1b:58:7c:5a:d4:b6: ea:29:4e:1e:19:87:e4:9e:f8:f6:5b:82:3a:d8:59: f1:9b:89:a8:dd:28:01:16:31:d7:70:6c:89:4f:b5: a3:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:90:13:98:7C:0E:8E:3A:0F:5D:FB:1A:A8:3D:4E:11:03:9C:80:26 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143229.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a243::/32 Signature Algorithm: sha256WithRSAEncryption 25:f6:7f:38:d1:94:2c:00:f6:44:80:8e:79:9e:9b:6c:11:0b: 9e:8a:36:89:6e:66:56:59:38:02:3d:b4:51:a6:38:fa:72:36: 12:7b:9c:a1:0b:71:7e:2b:14:11:5b:5b:c0:9b:41:8d:ea:45: b5:bf:b7:6e:ba:01:3b:fa:9c:24:49:ff:b7:87:18:7a:83:d7: cf:fc:c9:ff:22:db:9f:7d:fb:0c:a2:f8:9e:ed:d0:ac:34:14: 6e:db:41:dd:11:d1:c8:78:60:17:af:b8:54:2e:52:3f:7d:9b: 9b:97:ed:f0:d0:08:58:86:70:e8:32:a3:6f:38:c5:29:e2:6a: 93:03:27:69:8b:3d:dd:d8:c2:25:1e:ef:42:bf:b4:33:a3:1b: 4e:37:f8:5f:31:b4:c0:94:7f:e7:fa:47:34:83:26:d2:80:55: 3b:48:a5:bd:3d:88:40:df:25:b8:70:3e:20:0d:12:75:07:4a: 96:d9:8e:6d:83:4c:59:44:94:99:b7:2e:44:b4:30:c5:79:0a: 2b:8c:cd:c3:57:d8:f3:11:3c:4e:28:22:79:61:3d:9f:d5:36: e4:a2:63:bf:08:e5:44:a2:46:b7:c7:d4:d6:e2:fc:50:1f:0b: 7f:7a:8d:93:97:f9:58:bf:e9:9a:87:2c:90:a7:a5:f0:e0:90: b5:88:d6:18 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDxYDQ3/D4mlxixQlypu1tfFNSlYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEzOVoX DTI3MDMwMzA2MDYzOVowMzExMC8GA1UEAxMoODA5MDEzOTg3QzBFOEUzQTBGNURG QjFBQTgzRDRFMTEwMzlDODAyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMSN3t9A9JXpIBYWZ0/pU7PT7R7IfXn/hqOjxoefYCzhseQpZ61o7TBjuZQl CR3eTDkJ70WeuvVNd36PKDjYYgTyQRcTRddGp73Ry96Y5DsMnuwLA27+rp/pFXOR 0uY4Spr5KRzqIPY2DqCZRJfc3rFpJZUQ1RlPcO36W/FH+F5sJy44CUx5soYygyhO 3QoEsMPEqQcmH4np9VmYyin84ZCcs8Gc1T9+Dg+Z8dJgQfaw9qsjp3WXWPwni6Nk KimIL1Q/QPPjV8QAs9RoqtEPaSTjyDRPuZV4/VE1G1h8WtS26ilOHhmH5J749luC OthZ8ZuJqN0oARYx13BsiU+1o7MCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSAkBOY fA6OOg9d+xqoPU4RA5yAJjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzIyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK okMwDQYJKoZIhvcNAQELBQADggEBACX2fzjRlCwA9kSAjnmem2wRC56KNoluZlZZ OAI9tFGmOPpyNhJ7nKELcX4rFBFbW8CbQY3qRbW/t266ATv6nCRJ/7eHGHqD18/8 yf8i2599+wyi+J7t0Kw0FG7bQd0R0ch4YBevuFQuUj99m5uX7fDQCFiGcOgyo284 xSniapMDJ2mLPd3YwiUe70K/tDOjG043+F8xtMCUf+f6RzSDJtKAVTtIpb09iEDf JbhwPiANEnUHSpbZjm2DTFlElJm3LkS0MMV5CiuMzcNX2PMRPE4oInlhPZ/VNuSi Y78I5USiRrfH1Nbi/FAfC396jZOX+Vi/6ZqHLJCnpfDgkLWI1hg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:32 2026 by rpki-client