$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143254.roa File: AS143254.roa (raw, json) Hash identifier: H3AEoMjLzbFGfVzJ0wH+p/fgX5ByBkqEUsI2gmOo8Y4= Subject key identifier: 23:D9:D5:C5:55:AA:48:14:7E:5C:ED:15:0F:BB:A5:EF:33:71:2B:F3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 719226C40AA5D455916C08FC3777E208C0AD728A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143254.roa Signing time: Wed 04 Mar 2026 06:07:53 +0000 ROA not before: Wed 04 Mar 2026 06:02:53 +0000 ROA not after: Wed 03 Mar 2027 06:07:53 +0000 asID: 143254 IP address blocks: 240a:a25c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:92:26:c4:0a:a5:d4:55:91:6c:08:fc:37:77:e2:08:c0:ad:72:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:53 2026 GMT Not After : Mar 3 06:07:53 2027 GMT Subject: CN=23D9D5C555AA48147E5CED150FBBA5EF33712BF3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f1:15:8b:9d:f5:ac:12:f1:2d:16:10:b4:90: f3:ab:e1:7e:66:4d:59:e5:65:ed:c1:5c:ae:41:03: 65:4f:8d:96:42:06:14:55:41:3a:8f:87:e4:65:93: 04:81:7e:74:b3:aa:0c:26:31:02:24:9b:cf:2f:02: c6:78:6a:9d:46:2a:63:45:c9:a6:bf:b6:62:b3:34: 1f:75:74:11:c9:8d:32:a4:a7:44:6f:b9:13:ab:a6: a4:5e:41:7c:f4:98:fe:2a:05:96:3c:7b:34:0f:9c: ab:d6:2a:18:b7:eb:09:00:1c:06:d8:f6:0e:86:53: 1e:89:07:cf:b0:91:45:fb:96:ce:82:cb:bb:b7:8a: e2:45:b9:b2:ec:07:25:95:f0:26:ae:40:8f:b5:da: 2a:99:2b:e3:9c:31:38:e8:6a:28:ae:5f:36:23:96: 1e:4b:77:7d:28:09:5e:aa:d1:17:33:e1:f3:a3:f2: 3d:12:c5:23:14:9b:29:62:39:ac:b6:7d:55:1f:c0: 41:d9:9d:9f:84:79:dd:d4:8e:c2:de:5e:73:0f:0a: 67:dc:e6:3b:9e:8d:7b:26:11:47:5f:fb:84:64:f5: a3:de:7b:14:6e:13:cd:e0:82:31:60:bd:5d:56:ce: 00:7f:b6:3d:9a:54:69:56:ad:ca:af:a0:b7:83:33: a9:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:D9:D5:C5:55:AA:48:14:7E:5C:ED:15:0F:BB:A5:EF:33:71:2B:F3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143254.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a25c::/32 Signature Algorithm: sha256WithRSAEncryption c9:53:70:18:76:67:7b:76:f0:a4:13:85:b4:51:f1:79:1a:16: 36:ae:c3:6e:0f:19:9a:3c:fa:77:73:b8:e8:3d:51:7e:d0:cb: 1b:59:74:85:0f:12:31:c7:6e:04:2d:ca:dc:0f:84:02:73:bc: 42:1b:53:72:ec:63:26:b7:59:2c:68:0b:07:32:91:be:b3:f4: 68:ac:e3:9e:d0:42:85:f5:b7:7b:e3:49:40:2c:52:73:f0:8f: cc:2e:4e:7d:3c:24:24:25:c9:6b:9e:59:89:6a:e0:06:53:6d: 62:c2:ee:9d:8c:28:45:18:d7:90:b9:35:d9:f2:0e:b1:f1:71: 7a:cf:c7:68:26:9b:f6:48:4e:83:c7:3b:05:ad:c1:cb:d1:6d: 0b:54:49:41:cc:e3:ec:1e:aa:4f:ca:39:28:30:f8:83:92:dd: 94:e0:61:2f:ae:d0:3c:f0:ad:55:3b:ed:32:b1:fb:41:e3:de: 82:81:7c:28:15:a3:ca:b4:46:d1:e3:cb:38:09:44:db:9e:1b: 2e:7f:f8:db:b0:d6:d2:1f:4b:b7:d9:ad:ed:7e:41:6e:7e:88: d0:1c:cd:56:e5:9f:2f:74:f2:39:25:9f:d6:05:21:0e:9e:65: 70:4d:7b:cb:ba:e6:ea:4f:da:93:4f:e7:c5:a7:7d:9f:aa:7b: 0e:07:c1:60 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcZImxAql1FWRbAj8N3fiCMCtcoowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1M1oX DTI3MDMwMzA2MDc1M1owMzExMC8GA1UEAxMoMjNEOUQ1QzU1NUFBNDgxNDdFNUNF RDE1MEZCQkE1RUYzMzcxMkJGMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANfxFYud9awS8S0WELSQ86vhfmZNWeVl7cFcrkEDZU+NlkIGFFVBOo+H5GWT BIF+dLOqDCYxAiSbzy8CxnhqnUYqY0XJpr+2YrM0H3V0EcmNMqSnRG+5E6umpF5B fPSY/ioFljx7NA+cq9YqGLfrCQAcBtj2DoZTHokHz7CRRfuWzoLLu7eK4kW5suwH JZXwJq5Aj7XaKpkr45wxOOhqKK5fNiOWHkt3fSgJXqrRFzPh86PyPRLFIxSbKWI5 rLZ9VR/AQdmdn4R53dSOwt5ecw8KZ9zmO56NeyYRR1/7hGT1o957FG4TzeCCMWC9 XVbOAH+2PZpUaVatyq+gt4MzqUsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQj2dXF VapIFH5c7RUPu6XvM3Er8zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI1NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK olwwDQYJKoZIhvcNAQELBQADggEBAMlTcBh2Z3t28KQThbRR8XkaFjauw24PGZo8 +ndzuOg9UX7QyxtZdIUPEjHHbgQtytwPhAJzvEIbU3LsYya3WSxoCwcykb6z9Gis 457QQoX1t3vjSUAsUnPwj8wuTn08JCQlyWueWYlq4AZTbWLC7p2MKEUY15C5Ndny DrHxcXrPx2gmm/ZIToPHOwWtwcvRbQtUSUHM4+weqk/KOSgw+IOS3ZTgYS+u0Dzw rVU77TKx+0Hj3oKBfCgVo8q0RtHjyzgJRNueGy5/+Nuw1tIfS7fZre1+QW5+iNAc zVblny908jkln9YFIQ6eZXBNe8u65upP2pNP58WnfZ+qew4HwWA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:51 2026 by rpki-client