$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143261.roa File: AS143261.roa (raw, json) Hash identifier: 6k7ucII0uThITksBCgChaOzLRlgwQwn96c88j7Gw07g= Subject key identifier: E2:15:2C:1B:07:68:C9:45:3A:6D:A7:44:1B:25:E7:D1:55:B9:2A:C0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1A16D0A70EE077C8DE143BA135D9148A307AA19C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143261.roa Signing time: Wed 04 Mar 2026 06:07:05 +0000 ROA not before: Wed 04 Mar 2026 06:02:05 +0000 ROA not after: Wed 03 Mar 2027 06:07:05 +0000 asID: 143261 IP address blocks: 240a:a263::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:16:d0:a7:0e:e0:77:c8:de:14:3b:a1:35:d9:14:8a:30:7a:a1:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:05 2026 GMT Not After : Mar 3 06:07:05 2027 GMT Subject: CN=E2152C1B0768C9453A6DA7441B25E7D155B92AC0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:8a:a9:59:75:4a:b8:8a:b2:2a:84:62:e0:bd: 76:90:15:49:ba:05:f2:b9:0c:0e:15:fd:89:f6:b1: ea:96:b7:d9:14:89:4a:e2:a2:71:cc:8f:6b:46:7f: aa:72:c7:ba:65:68:6d:c2:36:dc:25:47:7e:3d:1b: be:34:cf:7d:5a:b3:42:94:6c:6d:11:0d:28:ee:28: 3f:db:c7:54:9c:93:92:fb:e5:38:e9:67:43:08:fd: 43:09:7b:a0:8c:e3:d9:7f:7d:37:8e:05:6c:5c:46: f5:00:3e:d2:59:b5:0e:65:64:55:83:57:fc:8a:19: 1a:8e:e6:61:74:67:26:32:f2:ec:6e:f2:38:dd:83: a2:44:4c:3e:61:a5:1e:79:11:13:19:1e:78:cb:f0: 4c:4a:00:b3:26:2d:c2:68:86:47:07:19:cb:cd:c2: 24:8f:7c:fd:43:53:57:77:0d:86:41:06:f5:6d:30: 24:53:11:17:4a:ce:5f:6a:e1:90:45:a4:2f:a1:69: c7:b3:b9:57:56:2e:7b:cb:44:e2:2d:c7:ad:f6:d5: 24:1b:a3:88:d9:09:2e:da:4d:66:31:e8:6f:71:a4: bd:bb:ef:56:9d:c1:a5:31:2f:c5:41:a2:d7:74:34: 90:cd:29:6e:a4:58:ef:6b:27:ef:fb:ef:33:8b:0b: b3:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:15:2C:1B:07:68:C9:45:3A:6D:A7:44:1B:25:E7:D1:55:B9:2A:C0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143261.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a263::/32 Signature Algorithm: sha256WithRSAEncryption 97:db:01:80:63:2d:0b:5f:70:c9:ab:84:f6:9c:27:2e:ef:0e: 9a:f3:30:7b:b1:d5:70:2c:54:f3:37:a4:b7:e3:a7:e0:84:50: c5:be:11:f8:f1:35:b6:f8:ff:9a:c8:49:e5:aa:c5:63:59:4c: 02:3a:2a:ed:11:f7:2e:75:4f:4d:b3:0b:3e:29:2e:6a:b5:8e: e7:fd:a1:36:68:73:3f:bf:cf:84:ee:5a:b3:d0:6a:e5:e9:d3: ba:08:3b:9c:5f:15:f7:7b:65:81:83:08:b5:6a:8c:b1:89:c5: 4b:b9:34:cd:c4:b2:1f:c1:17:b9:07:a0:e2:c8:63:91:8e:ec: 53:08:5e:f4:35:5e:80:2c:b1:b2:ec:1c:d7:be:32:1e:cc:0b: b7:f2:d0:2c:bc:40:1d:b1:eb:e5:62:87:b7:fa:82:f7:52:e2: c0:3e:e6:db:18:2e:9d:b3:5b:df:dc:ea:37:58:f3:79:a4:78: e5:2f:4c:f5:da:8a:33:fb:19:76:0d:3d:2e:e6:03:ba:61:05: 78:79:6f:f5:bf:70:72:c4:eb:59:26:83:c1:bf:33:ce:c2:98: 1e:f2:09:b5:86:b1:40:02:43:47:d2:0a:ee:5c:03:81:21:8c: 11:3a:b4:3a:34:f8:1f:9f:e1:da:f2:85:ee:4a:8e:e1:aa:3d: c5:f5:fd:ee -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGhbQpw7gd8jeFDuhNdkUijB6oZwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIwNVoX DTI3MDMwMzA2MDcwNVowMzExMC8GA1UEAxMoRTIxNTJDMUIwNzY4Qzk0NTNBNkRB NzQ0MUIyNUU3RDE1NUI5MkFDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKeKqVl1SriKsiqEYuC9dpAVSboF8rkMDhX9ifax6pa32RSJSuKiccyPa0Z/ qnLHumVobcI23CVHfj0bvjTPfVqzQpRsbRENKO4oP9vHVJyTkvvlOOlnQwj9Qwl7 oIzj2X99N44FbFxG9QA+0lm1DmVkVYNX/IoZGo7mYXRnJjLy7G7yON2DokRMPmGl HnkRExkeeMvwTEoAsyYtwmiGRwcZy83CJI98/UNTV3cNhkEG9W0wJFMRF0rOX2rh kEWkL6Fpx7O5V1Yue8tE4i3HrfbVJBujiNkJLtpNZjHob3GkvbvvVp3BpTEvxUGi 13Q0kM0pbqRY72sn7/vvM4sLszMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTiFSwb B2jJRTptp0QbJefRVbkqwDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI2MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK omMwDQYJKoZIhvcNAQELBQADggEBAJfbAYBjLQtfcMmrhPacJy7vDprzMHux1XAs VPM3pLfjp+CEUMW+EfjxNbb4/5rISeWqxWNZTAI6Ku0R9y51T02zCz4pLmq1juf9 oTZocz+/z4TuWrPQauXp07oIO5xfFfd7ZYGDCLVqjLGJxUu5NM3Esh/BF7kHoOLI Y5GO7FMIXvQ1XoAssbLsHNe+Mh7MC7fy0Cy8QB2x6+Vih7f6gvdS4sA+5tsYLp2z W9/c6jdY83mkeOUvTPXaijP7GXYNPS7mA7phBXh5b/W/cHLE61kmg8G/M87CmB7y CbWGsUACQ0fSCu5cA4EhjBE6tDo0+B+f4dryhe5KjuGqPcX1/e4= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:44 2026 by rpki-client