$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143231.roa File: AS143231.roa (raw, json) Hash identifier: VXIiSF5vezHk4ZF+zlpFIjJ9+4X95NuP2ORmORwSFqc= Subject key identifier: 71:CD:5B:1C:0C:BF:93:41:9B:41:40:E9:56:AD:1C:89:13:46:6F:30 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 28971BCE74BD2834D01C58F5B32B5C76B298F5BF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143231.roa Signing time: Wed 04 Mar 2026 06:06:41 +0000 ROA not before: Wed 04 Mar 2026 06:01:41 +0000 ROA not after: Wed 03 Mar 2027 06:06:41 +0000 asID: 143231 IP address blocks: 240a:a245::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:97:1b:ce:74:bd:28:34:d0:1c:58:f5:b3:2b:5c:76:b2:98:f5:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:41 2026 GMT Not After : Mar 3 06:06:41 2027 GMT Subject: CN=71CD5B1C0CBF93419B4140E956AD1C8913466F30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:16:ee:e3:5c:c1:55:9e:b3:9c:6c:fe:d0:be: f3:c2:05:34:24:8f:fd:ca:34:6c:a7:28:f0:c2:db: 80:73:9a:16:9e:27:97:30:58:c6:5d:d3:96:87:81: 04:4e:a1:18:47:01:5a:52:c5:7f:57:06:11:03:b6: 77:90:e6:54:1b:8d:bf:54:f3:02:6e:a9:f2:95:6d: c5:01:63:09:8a:94:bc:75:e9:d8:09:d7:e8:74:89: 75:0e:8b:cd:ff:a4:1c:09:43:8b:f1:c9:5c:86:e0: b5:c4:61:ca:f5:a7:3d:61:e8:1e:fb:93:4c:17:05: 56:3f:3c:c6:d5:ef:7e:cf:0c:a9:9c:4d:90:7b:53: a2:d6:05:e4:64:a0:7d:37:1d:62:9c:e6:31:ea:c6: 82:ec:91:38:3a:40:be:3e:a6:50:7b:95:57:d3:32: 02:c1:52:25:ed:2f:dc:c4:e8:4d:9e:ee:bc:c2:17: 8f:c7:9d:5d:86:f5:46:6c:7d:93:99:9e:bc:fa:a2: f8:85:9e:92:aa:78:11:c1:32:2d:2a:94:7b:ed:d8: a9:80:27:a9:14:ab:de:e6:a9:10:69:a4:df:4d:29: 96:2f:a4:5e:83:d9:db:f3:02:bb:e4:29:7e:d0:3f: 95:65:26:fb:51:11:3e:3d:ee:5b:c0:a7:c3:ae:fe: c4:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:CD:5B:1C:0C:BF:93:41:9B:41:40:E9:56:AD:1C:89:13:46:6F:30 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a245::/32 Signature Algorithm: sha256WithRSAEncryption 4a:ee:a0:a1:c0:17:7d:6d:76:ee:8e:32:a4:fc:ad:d1:7a:99: 49:5e:60:07:7d:9b:d0:9d:32:47:3d:ed:b7:dc:90:10:e4:87: 4d:29:35:4b:47:1b:7f:fb:c1:77:88:8b:df:44:c7:5e:a3:af: ea:3a:4f:fe:3c:7f:0f:89:f9:d9:25:96:80:fe:08:40:97:a1: a0:65:e5:20:5e:83:a3:12:91:aa:12:9c:1f:ab:00:57:c7:1b: 1c:ea:5b:af:19:59:a9:5d:59:3b:b1:a1:83:7b:9e:60:91:09: 3f:47:20:59:3a:b7:26:52:3e:56:f7:2a:ae:91:82:05:f4:c9: 03:c3:56:5e:cd:b6:a9:5b:cc:46:2b:d6:9b:de:92:1f:dc:98: 23:6e:56:8b:40:b9:55:c5:3b:34:ee:78:f3:46:64:ba:8c:c0: 62:b3:11:d4:f5:e3:60:b2:03:14:07:df:28:48:4e:80:02:a4: 4b:fa:e3:2c:3d:ee:cb:25:f1:00:ee:4f:94:d3:02:28:f8:17: 14:01:9c:cb:1a:e6:af:1b:59:65:6c:f3:c1:1d:28:1d:f3:27: 9e:ef:8c:79:6e:83:c7:32:ab:83:d2:d3:f0:da:c1:31:07:d2: 35:1c:0a:8a:42:54:ef:b8:0b:18:ed:56:59:0e:0a:37:3a:34: 25:2d:dc:1e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKJcbznS9KDTQHFj1sytcdrKY9b8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0MVoX DTI3MDMwMzA2MDY0MVowMzExMC8GA1UEAxMoNzFDRDVCMUMwQ0JGOTM0MTlCNDE0 MEU5NTZBRDFDODkxMzQ2NkYzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALoW7uNcwVWes5xs/tC+88IFNCSP/co0bKco8MLbgHOaFp4nlzBYxl3TloeB BE6hGEcBWlLFf1cGEQO2d5DmVBuNv1TzAm6p8pVtxQFjCYqUvHXp2AnX6HSJdQ6L zf+kHAlDi/HJXIbgtcRhyvWnPWHoHvuTTBcFVj88xtXvfs8MqZxNkHtTotYF5GSg fTcdYpzmMerGguyRODpAvj6mUHuVV9MyAsFSJe0v3MToTZ7uvMIXj8edXYb1Rmx9 k5mevPqi+IWekqp4EcEyLSqUe+3YqYAnqRSr3uapEGmk300pli+kXoPZ2/MCu+Qp ftA/lWUm+1ERPj3uW8Cnw67+xOECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRxzVsc DL+TQZtBQOlWrRyJE0ZvMDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzIzMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK okUwDQYJKoZIhvcNAQELBQADggEBAEruoKHAF31tdu6OMqT8rdF6mUleYAd9m9Cd Mkc97bfckBDkh00pNUtHG3/7wXeIi99Ex16jr+o6T/48fw+J+dklloD+CECXoaBl 5SBeg6MSkaoSnB+rAFfHGxzqW68ZWaldWTuxoYN7nmCRCT9HIFk6tyZSPlb3Kq6R ggX0yQPDVl7NtqlbzEYr1pvekh/cmCNuVotAuVXFOzTuePNGZLqMwGKzEdT142Cy AxQH3yhIToACpEv64yw97ssl8QDuT5TTAij4FxQBnMsa5q8bWWVs88EdKB3zJ57v jHlug8cyq4PS0/DawTEH0jUcCopCVO+4CxjtVlkOCjc6NCUt3B4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:12 2026 by rpki-client