$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143259.roa File: AS143259.roa (raw, json) Hash identifier: Kzpfn2Ic0JF2/9MjqAvgGwUxNbcTfTvFNkdjZWYwDts= Subject key identifier: 3F:B4:65:60:34:C4:F5:88:B7:09:BB:1C:4A:BB:CF:6C:37:52:01:3C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6F9B8420D5DF50EC024C9C8950E513F7731F68BD Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143259.roa Signing time: Wed 04 Mar 2026 06:05:31 +0000 ROA not before: Wed 04 Mar 2026 06:00:31 +0000 ROA not after: Wed 03 Mar 2027 06:05:31 +0000 asID: 143259 IP address blocks: 240a:a261::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:9b:84:20:d5:df:50:ec:02:4c:9c:89:50:e5:13:f7:73:1f:68:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:31 2026 GMT Not After : Mar 3 06:05:31 2027 GMT Subject: CN=3FB4656034C4F588B709BB1C4ABBCF6C3752013C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:6a:8f:31:73:60:c9:77:c2:1a:f6:2f:9b:73: 0d:da:ad:44:f1:4a:9c:90:de:da:d7:23:77:f5:58: c5:e0:96:c2:83:13:c9:40:99:0b:b1:64:9c:d0:3a: 59:93:9a:33:6b:fe:e6:a9:54:69:7e:b3:2f:03:43: 62:90:a7:ff:bd:6d:4b:98:64:69:62:19:c9:f7:6e: 55:14:57:42:cf:6e:71:fc:9f:d1:e2:b9:60:84:2b: 1d:c3:27:35:b3:cd:25:ea:65:1b:17:d3:7c:34:3b: bc:21:7e:de:6d:0c:76:08:f5:5a:bb:fa:ed:9c:7c: 1a:d3:b4:2c:32:3c:d5:d7:fd:1c:9e:b9:85:dc:6a: 33:57:a4:ca:fd:28:bd:75:5c:6d:70:8c:0d:bb:07: e2:54:bf:12:a0:50:7a:54:3b:27:7c:be:14:03:bc: 43:6d:f5:8c:e9:b3:60:e2:41:cf:16:c6:8b:e3:39: c2:ab:f8:4f:2b:0a:7a:a5:19:ee:e5:47:b8:3b:ae: 27:5f:ad:19:9b:59:96:01:19:4d:08:e4:b8:24:f2: ec:15:f1:a7:06:62:5f:3c:f3:86:dc:ca:ec:b0:34: 52:69:66:a2:56:f0:6a:8f:f4:ee:70:84:ea:b1:c6: 30:2d:d4:0a:83:23:79:57:9a:11:e8:f3:a4:cd:65: 07:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:B4:65:60:34:C4:F5:88:B7:09:BB:1C:4A:BB:CF:6C:37:52:01:3C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143259.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a261::/32 Signature Algorithm: sha256WithRSAEncryption 30:4a:1d:60:97:9b:50:e1:70:9f:e4:d3:7d:65:7f:74:a6:48: 75:c2:c0:b7:1f:52:e8:d4:47:ef:1b:31:06:00:b7:c7:7e:8b: 31:14:41:0c:4a:03:c3:aa:89:08:c7:24:c7:82:a2:88:81:7a: cc:c1:2a:04:67:ab:f6:dc:6e:ad:e5:16:91:75:f0:f0:36:de: 5e:c0:62:87:70:2e:b9:6d:95:17:bf:9b:0a:e2:e6:f3:5b:d5: a7:26:db:e5:a3:28:18:25:ff:ad:b7:4f:56:b0:b8:80:49:4d: 2a:22:84:70:9a:56:0f:8b:33:24:1e:68:2b:db:05:4b:3c:20: 62:35:42:a6:f1:78:f3:c0:b0:c2:66:71:ee:44:90:b4:d7:a9: f6:4c:ad:3f:30:4e:0a:b8:30:02:3e:f6:0c:91:de:d0:4f:1a: 2a:5b:b9:fa:c2:05:4f:0c:81:e7:b4:8a:a7:0f:2d:37:d3:19: 8e:a5:1c:e2:e6:70:55:55:78:20:f0:b5:44:9d:a6:9a:34:cd: d3:e8:bf:20:48:0c:04:60:40:0f:a5:51:04:22:ca:1c:c2:d7: 47:c8:00:96:71:67:79:27:6c:9a:38:f9:34:08:d4:cd:eb:f2: e6:8c:8d:50:b9:fc:ca:1f:d1:b1:bc:16:e4:30:c5:b7:ec:ad: 95:52:cd:6e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUb5uEINXfUOwCTJyJUOUT93MfaL0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAzMVoX DTI3MDMwMzA2MDUzMVowMzExMC8GA1UEAxMoM0ZCNDY1NjAzNEM0RjU4OEI3MDlC QjFDNEFCQkNGNkMzNzUyMDEzQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZqjzFzYMl3whr2L5tzDdqtRPFKnJDe2tcjd/VYxeCWwoMTyUCZC7FknNA6 WZOaM2v+5qlUaX6zLwNDYpCn/71tS5hkaWIZyfduVRRXQs9ucfyf0eK5YIQrHcMn NbPNJeplGxfTfDQ7vCF+3m0Mdgj1Wrv67Zx8GtO0LDI81df9HJ65hdxqM1ekyv0o vXVcbXCMDbsH4lS/EqBQelQ7J3y+FAO8Q231jOmzYOJBzxbGi+M5wqv4TysKeqUZ 7uVHuDuuJ1+tGZtZlgEZTQjkuCTy7BXxpwZiXzzzhtzK7LA0Umlmolbwao/07nCE 6rHGMC3UCoMjeVeaEejzpM1lB0ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ/tGVg NMT1iLcJuxxKu89sN1IBPDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI1OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK omEwDQYJKoZIhvcNAQELBQADggEBADBKHWCXm1DhcJ/k031lf3SmSHXCwLcfUujU R+8bMQYAt8d+izEUQQxKA8OqiQjHJMeCooiBeszBKgRnq/bcbq3lFpF18PA23l7A YodwLrltlRe/mwri5vNb1acm2+WjKBgl/623T1awuIBJTSoihHCaVg+LMyQeaCvb BUs8IGI1QqbxePPAsMJmce5EkLTXqfZMrT8wTgq4MAI+9gyR3tBPGipbufrCBU8M gee0iqcPLTfTGY6lHOLmcFVVeCDwtUSdppo0zdPovyBIDARgQA+lUQQiyhzC10fI AJZxZ3knbJo4+TQI1M3r8uaMjVC5/Mof0bG8FuQwxbfsrZVSzW4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:24 2026 by rpki-client