$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143251.roa File: AS143251.roa (raw, json) Hash identifier: wxpNEJOBl3sc6P5YqPbfWSPXaAGjU/7OnH8He2qlcCM= Subject key identifier: 65:09:5D:96:5E:8C:0B:73:9F:9D:F3:F7:14:95:A6:A3:19:4B:EB:D7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 371DDE1CF5A0290BBF5A83704B3166708E7A2399 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143251.roa Signing time: Wed 04 Mar 2026 06:05:29 +0000 ROA not before: Wed 04 Mar 2026 06:00:29 +0000 ROA not after: Wed 03 Mar 2027 06:05:29 +0000 asID: 143251 IP address blocks: 240a:a259::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:1d:de:1c:f5:a0:29:0b:bf:5a:83:70:4b:31:66:70:8e:7a:23:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:29 2026 GMT Not After : Mar 3 06:05:29 2027 GMT Subject: CN=65095D965E8C0B739F9DF3F71495A6A3194BEBD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:66:38:cb:d4:c7:a5:ab:bb:a7:4c:e6:53:ef: d3:76:0b:8c:bc:c8:15:ca:5c:16:7a:eb:93:e2:c4: c9:cc:45:99:7b:43:46:59:75:df:e2:b8:42:fa:94: cd:9d:aa:7b:a1:8a:a8:5f:e7:79:35:77:52:ec:b8: d7:a8:07:4f:1f:74:b2:e2:e7:08:02:0e:bf:41:a1: 3f:33:33:26:25:6f:40:5a:60:1c:0f:58:d7:cc:55: 99:df:0a:f0:9c:29:d6:29:ed:89:18:b8:9e:8c:03: 80:66:0a:44:9a:b7:1d:90:2c:7c:68:16:1d:f6:63: d3:0a:0f:0e:63:3f:95:84:f2:88:4a:4e:ab:8d:86: 0a:17:b3:9f:63:f6:49:f9:15:31:d5:df:eb:3b:01: 0a:73:68:6c:27:6a:cd:b1:42:8d:09:3d:94:60:a6: c2:a4:bc:02:78:74:18:73:49:bb:1b:dc:de:bf:69: 9a:cd:65:c2:9f:df:c5:ba:91:69:d3:be:1a:65:b6: 8e:0a:02:fa:75:ab:30:c0:63:e0:34:c6:14:87:d9: 4f:16:53:12:d9:76:ff:54:62:6d:15:92:e6:a5:9c: 1c:b6:70:7f:d1:64:33:93:57:21:e5:d8:a0:87:4d: 61:23:81:2a:3e:54:48:3c:75:1d:e6:4c:ba:22:2d: b2:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:09:5D:96:5E:8C:0B:73:9F:9D:F3:F7:14:95:A6:A3:19:4B:EB:D7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143251.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a259::/32 Signature Algorithm: sha256WithRSAEncryption bb:74:db:bb:91:56:4e:c1:e4:ee:a9:b8:cb:99:b2:8a:cb:34: ce:69:8d:7a:fd:46:86:aa:78:d0:0d:0b:24:8f:8d:9c:b4:30: ec:d6:d1:14:a5:a4:a9:53:c9:aa:70:7f:e3:91:5c:12:59:5f: 48:06:35:a8:a1:15:5e:ee:ad:c4:05:3c:0e:99:3f:9b:8b:d0: d1:3c:a1:e3:f6:85:d4:06:93:08:b6:7c:9b:26:a5:c3:c1:ba: f1:01:2a:eb:d1:50:60:1b:b3:97:97:2a:e4:c4:27:26:23:7d: 61:09:27:0c:c9:14:23:16:93:e6:2c:ea:4c:95:29:69:0e:bb: d1:35:6c:6d:45:b3:af:0f:3e:2a:dc:38:ec:ba:72:ee:54:f9: 53:e7:92:90:61:11:6d:52:f3:5d:08:32:4d:b2:1f:6f:a9:b7: 04:5d:f0:32:21:1a:ec:bc:b9:33:2b:82:e1:69:fd:a1:c2:fd: f5:72:13:ac:e6:cb:cb:c4:70:bf:d1:e2:b4:64:06:e2:48:69: b8:a6:85:6d:a2:8b:8f:60:38:cd:d7:bf:35:87:bb:79:f9:44: 13:1d:97:90:a6:d0:48:2c:98:27:2b:a1:43:13:57:ca:a4:8c: ff:ab:81:18:bb:80:94:bd:ee:4d:35:0f:b2:69:7c:f6:6d:20: 56:9f:f5:c9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNx3eHPWgKQu/WoNwSzFmcI56I5kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyOVoX DTI3MDMwMzA2MDUyOVowMzExMC8GA1UEAxMoNjUwOTVEOTY1RThDMEI3MzlGOURG M0Y3MTQ5NUE2QTMxOTRCRUJENzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMFmOMvUx6Wru6dM5lPv03YLjLzIFcpcFnrrk+LEycxFmXtDRll13+K4QvqU zZ2qe6GKqF/neTV3Uuy416gHTx90suLnCAIOv0GhPzMzJiVvQFpgHA9Y18xVmd8K 8Jwp1intiRi4nowDgGYKRJq3HZAsfGgWHfZj0woPDmM/lYTyiEpOq42GChezn2P2 SfkVMdXf6zsBCnNobCdqzbFCjQk9lGCmwqS8Anh0GHNJuxvc3r9pms1lwp/fxbqR adO+GmW2jgoC+nWrMMBj4DTGFIfZTxZTEtl2/1RibRWS5qWcHLZwf9FkM5NXIeXY oIdNYSOBKj5USDx1HeZMuiItsucCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRlCV2W XowLc5+d8/cUlaajGUvr1zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI1MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK olkwDQYJKoZIhvcNAQELBQADggEBALt027uRVk7B5O6puMuZsorLNM5pjXr9Roaq eNANCySPjZy0MOzW0RSlpKlTyapwf+ORXBJZX0gGNaihFV7urcQFPA6ZP5uL0NE8 oeP2hdQGkwi2fJsmpcPBuvEBKuvRUGAbs5eXKuTEJyYjfWEJJwzJFCMWk+Ys6kyV KWkOu9E1bG1Fs68PPircOOy6cu5U+VPnkpBhEW1S810IMk2yH2+ptwRd8DIhGuy8 uTMrguFp/aHC/fVyE6zmy8vEcL/R4rRkBuJIabimhW2ii49gOM3XvzWHu3n5RBMd l5Cm0EgsmCcroUMTV8qkjP+rgRi7gJS97k01D7JpfPZtIFaf9ck= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:47 2026 by rpki-client