$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143249.roa File: AS143249.roa (raw, json) Hash identifier: q85UTpuFQd2xs2AgFAKkEZyiwANjNwoOzSy+2/Ia8/0= Subject key identifier: FD:0E:DF:5F:6A:D5:0D:68:8E:E9:31:69:E8:33:EE:6B:64:4F:21:C7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 469E0A54FE53FF612A8C274D77E6FB0EDC99E96A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143249.roa Signing time: Wed 04 Mar 2026 06:05:20 +0000 ROA not before: Wed 04 Mar 2026 06:00:20 +0000 ROA not after: Wed 03 Mar 2027 06:05:20 +0000 asID: 143249 IP address blocks: 240a:a257::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:9e:0a:54:fe:53:ff:61:2a:8c:27:4d:77:e6:fb:0e:dc:99:e9:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:20 2026 GMT Not After : Mar 3 06:05:20 2027 GMT Subject: CN=FD0EDF5F6AD50D688EE93169E833EE6B644F21C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:a2:26:03:2f:5f:a8:2c:32:4e:f6:52:96:9b: 1f:26:4c:be:d4:48:61:1a:ae:ba:45:dd:5d:06:9d: 1a:3b:ef:c5:aa:80:2d:30:f5:d9:ea:73:12:ed:c9: 2e:0c:d2:24:6a:b5:b4:c2:34:1f:01:f8:14:06:45: 9a:83:fb:47:03:d5:cb:25:59:f2:5d:4a:16:8d:19: ea:51:c2:23:4d:0c:ca:28:80:ce:1e:6b:6e:9a:02: 75:36:90:a4:8a:83:e8:a2:43:17:f5:88:54:4f:c2: dc:48:eb:54:79:84:a4:ae:35:d2:30:ad:b4:f7:e5: c2:9c:12:2d:28:45:92:1a:0a:3f:1c:62:2a:68:42: 85:1d:71:e9:6b:76:fe:d1:f6:14:e7:ac:f4:29:aa: 8d:12:46:bd:35:eb:f3:a9:a3:75:38:fd:be:a9:61: 7e:8a:e5:49:d2:87:44:bd:3f:cc:3e:0c:de:e9:68: cd:7c:dd:7e:7c:d2:82:bd:f0:32:01:ed:e5:24:16: b7:51:8e:59:cc:4f:f7:02:5d:88:d2:03:0f:09:b6: 9f:fa:3b:16:87:df:2c:60:56:80:65:16:f4:53:61: 36:87:44:5b:15:b9:6a:02:3e:dd:22:55:30:0e:c5: bc:40:8c:f4:5b:12:0d:14:e6:37:58:5e:97:90:17: 0a:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:0E:DF:5F:6A:D5:0D:68:8E:E9:31:69:E8:33:EE:6B:64:4F:21:C7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143249.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a257::/32 Signature Algorithm: sha256WithRSAEncryption 91:cb:09:15:97:cd:fe:45:ff:fd:ca:3d:54:2b:6a:9c:e1:90: 29:4c:3c:e3:21:17:89:99:94:31:31:ef:9f:91:db:58:32:99: 0c:fe:c7:0d:74:ae:9d:44:5a:7d:d8:31:b5:85:a3:31:fc:a9: 94:db:e6:6b:90:7d:c4:66:3c:08:be:28:6e:73:42:d3:22:ad: 2e:4a:db:4f:92:2d:4b:f4:85:57:dc:b1:12:74:bd:57:c8:eb: b9:fe:01:8f:34:b2:ae:f9:7a:d8:a4:df:d3:18:34:fd:7f:55: d9:65:2c:90:e7:65:3c:16:ba:5c:4e:e2:aa:e6:26:58:df:1b: 48:0d:2f:45:29:43:e4:fe:d7:2b:2c:9c:8f:40:b4:3b:92:16: 66:c9:14:6d:1a:61:5d:b6:0f:06:89:5b:02:76:c8:2d:bb:64: 69:3a:a0:87:a0:c5:52:a9:2d:76:99:33:7e:ab:fb:a3:38:b1: 89:47:3c:e4:22:3f:a1:fa:2f:98:82:d3:ae:36:6f:b2:e0:c7: d3:93:e3:db:e9:71:0c:d0:94:b1:9b:d2:1d:e2:0e:84:ae:bd: 5c:3f:55:2e:cc:12:91:69:e5:20:3e:b8:cd:aa:64:8e:e9:fe: c0:91:82:9e:14:21:10:30:cc:88:38:f8:c1:0d:24:22:d9:9e: 6c:0a:96:b5 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURp4KVP5T/2EqjCdNd+b7DtyZ6WowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyMFoX DTI3MDMwMzA2MDUyMFowMzExMC8GA1UEAxMoRkQwRURGNUY2QUQ1MEQ2ODhFRTkz MTY5RTgzM0VFNkI2NDRGMjFDNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALCiJgMvX6gsMk72UpabHyZMvtRIYRquukXdXQadGjvvxaqALTD12epzEu3J LgzSJGq1tMI0HwH4FAZFmoP7RwPVyyVZ8l1KFo0Z6lHCI00MyiiAzh5rbpoCdTaQ pIqD6KJDF/WIVE/C3EjrVHmEpK410jCttPflwpwSLShFkhoKPxxiKmhChR1x6Wt2 /tH2FOes9CmqjRJGvTXr86mjdTj9vqlhforlSdKHRL0/zD4M3ulozXzdfnzSgr3w MgHt5SQWt1GOWcxP9wJdiNIDDwm2n/o7FoffLGBWgGUW9FNhNodEWxW5agI+3SJV MA7FvECM9FsSDRTmN1hel5AXCjkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT9Dt9f atUNaI7pMWnoM+5rZE8hxzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI0OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK olcwDQYJKoZIhvcNAQELBQADggEBAJHLCRWXzf5F//3KPVQrapzhkClMPOMhF4mZ lDEx75+R21gymQz+xw10rp1EWn3YMbWFozH8qZTb5muQfcRmPAi+KG5zQtMirS5K 20+SLUv0hVfcsRJ0vVfI67n+AY80sq75etik39MYNP1/VdllLJDnZTwWulxO4qrm JljfG0gNL0UpQ+T+1yssnI9AtDuSFmbJFG0aYV22DwaJWwJ2yC27ZGk6oIegxVKp LXaZM36r+6M4sYlHPOQiP6H6L5iC0642b7Lgx9OT49vpcQzQlLGb0h3iDoSuvVw/ VS7MEpFp5SA+uM2qZI7p/sCRgp4UIRAwzIg4+MENJCLZnmwKlrU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:28 2026 by rpki-client