$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143241.roa File: AS143241.roa (raw, json) Hash identifier: lmnjBOojbuW1nWgJxOoTbuCj8SndUAX8C74sS6Q9vEE= Subject key identifier: 67:C6:70:0F:A8:49:58:31:FA:72:FA:04:8C:BA:BA:F6:74:1D:C3:C9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 05BD326C21717747B03E5B3219754F54F9E58A4A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143241.roa Signing time: Wed 04 Mar 2026 06:07:40 +0000 ROA not before: Wed 04 Mar 2026 06:02:40 +0000 ROA not after: Wed 03 Mar 2027 06:07:40 +0000 asID: 143241 IP address blocks: 240a:a24f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:bd:32:6c:21:71:77:47:b0:3e:5b:32:19:75:4f:54:f9:e5:8a:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:40 2026 GMT Not After : Mar 3 06:07:40 2027 GMT Subject: CN=67C6700FA8495831FA72FA048CBABAF6741DC3C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:38:7e:22:0c:ce:e1:29:1c:2a:0c:11:ba:d6: 0d:ae:40:0a:68:b4:ac:90:1a:01:05:cf:84:dd:85: de:b7:a4:b5:5f:a8:ff:83:cd:22:8c:13:22:17:76: 74:7b:16:f0:7e:29:73:9a:4b:26:37:45:bd:e0:9e: 63:7a:e0:21:ac:bf:0f:5f:44:8e:a4:2a:f7:f9:8f: ef:da:df:7d:09:f1:50:86:48:5d:5d:a3:38:8f:c5: 44:2b:0b:2f:b4:0a:7e:d9:88:b0:ce:b8:78:19:da: 1c:ff:12:93:5a:b0:ce:b1:b5:2a:d8:13:99:28:2c: d2:17:a8:86:34:48:09:a1:a0:12:3f:56:e1:bc:1b: 8b:e0:2d:d4:27:0b:0b:7d:d1:7f:a6:60:e6:98:08: ce:92:44:4d:36:49:8e:bf:88:e7:dc:5e:ec:74:d1: a3:37:e5:b3:e6:78:15:8c:07:ff:b3:de:c4:95:76: 74:74:da:44:15:77:7e:69:03:01:06:9e:80:26:1f: b7:36:b4:fd:8a:aa:62:9c:d9:7d:eb:b9:72:82:1b: 5a:74:f7:ed:83:44:fd:67:2a:26:47:f4:47:e8:89: fc:fc:f6:ee:57:8c:fa:ed:6a:15:f9:43:c0:82:f2: 9c:e1:ed:e4:df:ca:e8:b8:bf:3c:33:df:07:49:db: 10:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:C6:70:0F:A8:49:58:31:FA:72:FA:04:8C:BA:BA:F6:74:1D:C3:C9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143241.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a24f::/32 Signature Algorithm: sha256WithRSAEncryption 6d:a1:64:cd:e7:07:90:f3:1b:d0:43:60:cb:09:ac:a1:fc:f8: f4:5c:57:56:a2:7b:c4:91:df:7b:bf:ec:75:26:64:e7:a5:93: a3:d2:a2:70:34:69:0b:4e:fa:d9:ae:9c:88:77:f9:c3:d9:ad: 55:90:95:22:92:c5:f0:f7:bc:47:89:ec:2c:2b:44:e1:41:6f: 14:92:48:8b:e6:fd:3d:ef:08:55:66:e5:71:b9:dd:4c:0a:2a: 7c:11:8f:a4:bd:f3:bf:1d:d9:3a:e0:fd:1b:d0:c4:d9:5a:42: 5e:6d:03:4b:e6:46:d7:41:0e:29:df:ff:69:9b:3e:36:24:91: 9e:3a:0e:36:a3:24:b6:d6:d0:4c:84:3f:1e:65:76:3c:78:28: a3:6a:3d:27:72:47:ad:d3:ad:79:32:cf:64:dd:c6:57:75:5a: 87:6e:c0:c6:71:85:e5:84:69:7d:ce:a4:cf:73:30:43:7d:4a: 3d:71:ee:66:ff:db:50:d7:8c:93:f2:82:e6:61:3e:ad:b1:cd: 25:d1:bb:06:2a:c5:20:3e:b2:76:56:d8:19:aa:6b:b8:cc:33: 97:bc:50:90:5c:a0:85:26:b6:9a:fc:a5:f9:e6:ad:7a:34:a7: 5a:6a:03:4c:43:2d:18:94:51:8d:1e:e7:f3:57:66:99:78:0f: c4:9e:40:88 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBb0ybCFxd0ewPlsyGXVPVPnlikowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0MFoX DTI3MDMwMzA2MDc0MFowMzExMC8GA1UEAxMoNjdDNjcwMEZBODQ5NTgzMUZBNzJG QTA0OENCQUJBRjY3NDFEQzNDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKY4fiIMzuEpHCoMEbrWDa5ACmi0rJAaAQXPhN2F3rektV+o/4PNIowTIhd2 dHsW8H4pc5pLJjdFveCeY3rgIay/D19EjqQq9/mP79rffQnxUIZIXV2jOI/FRCsL L7QKftmIsM64eBnaHP8Sk1qwzrG1KtgTmSgs0heohjRICaGgEj9W4bwbi+At1CcL C33Rf6Zg5pgIzpJETTZJjr+I59xe7HTRozfls+Z4FYwH/7PexJV2dHTaRBV3fmkD AQaegCYftza0/YqqYpzZfeu5coIbWnT37YNE/WcqJkf0R+iJ/Pz27leM+u1qFflD wILynOHt5N/K6Li/PDPfB0nbEPcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRnxnAP qElYMfpy+gSMurr2dB3DyTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI0MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ok8wDQYJKoZIhvcNAQELBQADggEBAG2hZM3nB5DzG9BDYMsJrKH8+PRcV1aie8SR 33u/7HUmZOelk6PSonA0aQtO+tmunIh3+cPZrVWQlSKSxfD3vEeJ7CwrROFBbxSS SIvm/T3vCFVm5XG53UwKKnwRj6S9878d2Trg/RvQxNlaQl5tA0vmRtdBDinf/2mb PjYkkZ46DjajJLbW0EyEPx5ldjx4KKNqPSdyR63TrXkyz2Tdxld1WoduwMZxheWE aX3OpM9zMEN9Sj1x7mb/21DXjJPyguZhPq2xzSXRuwYqxSA+snZW2Bmqa7jMM5e8 UJBcoIUmtpr8pfnmrXo0p1pqA0xDLRiUUY0e5/NXZpl4D8SeQIg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:09 2026 by rpki-client