$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143267.roa File: AS143267.roa (raw, json) Hash identifier: XzLju8j28nVH5FteiQhtTFqEnLvIjKYhJAuKyX5CwNM= Subject key identifier: 74:65:CF:D0:B5:39:FE:FD:79:B5:C5:87:5E:3B:B6:99:9A:EC:92:03 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 438BC11AF04EB066EBF4CA2B94738C169F0F3E53 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143267.roa Signing time: Wed 04 Mar 2026 06:05:59 +0000 ROA not before: Wed 04 Mar 2026 06:00:59 +0000 ROA not after: Wed 03 Mar 2027 06:05:59 +0000 asID: 143267 IP address blocks: 240a:a269::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:8b:c1:1a:f0:4e:b0:66:eb:f4:ca:2b:94:73:8c:16:9f:0f:3e:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:59 2026 GMT Not After : Mar 3 06:05:59 2027 GMT Subject: CN=7465CFD0B539FEFD79B5C5875E3BB6999AEC9203 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d2:4d:a1:12:49:53:3f:a2:a2:2e:0d:11:e2: 6c:b6:24:89:43:95:13:e1:e6:f4:bb:64:34:ff:45: 21:88:cb:43:2a:73:5f:cd:3c:dc:a5:bd:09:ab:56: ac:73:24:21:d3:2f:b9:b9:39:1f:01:a9:7d:5f:a5: cd:f8:49:af:e8:8e:82:c3:30:42:b5:31:0f:81:ca: ed:48:45:c6:3f:78:8f:24:15:53:bb:32:f3:52:ff: 2e:98:a1:60:32:a8:1b:46:a6:5f:26:32:82:b9:3a: 7d:c6:e8:44:8c:a1:38:06:46:b6:4a:02:f7:91:80: 5f:d9:dc:0d:4e:d9:ad:92:a4:89:a5:3f:66:ac:62: 93:68:a8:ea:f5:77:b9:0a:7a:2c:1c:38:f5:39:f6: 27:f5:84:64:84:bf:28:70:a3:6c:69:b0:1e:1b:6f: 26:49:cd:e5:eb:6d:2c:44:bd:f6:a8:96:a9:1d:50: 02:d0:fe:e2:73:cf:0d:8f:fe:4e:de:a4:7d:84:72: a9:98:5d:ca:47:c3:90:e5:dd:38:91:34:f1:14:ae: b1:4c:09:e4:78:e6:50:a6:a3:a5:26:83:13:ba:e0: 25:2c:1e:ab:31:13:84:e7:26:68:0f:79:71:b0:71: 7e:85:f5:e4:c5:9b:0e:47:13:4c:e7:5c:09:70:d4: 27:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:65:CF:D0:B5:39:FE:FD:79:B5:C5:87:5E:3B:B6:99:9A:EC:92:03 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143267.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a269::/32 Signature Algorithm: sha256WithRSAEncryption a6:83:e7:38:fb:b1:60:86:5f:f5:92:24:f2:89:fe:ff:81:9a: 18:1f:9e:54:02:65:bd:b7:f5:66:61:13:09:1d:06:a5:51:f3: 66:8a:eb:0e:a3:88:c7:44:ff:d9:e1:7c:0a:f5:e6:1f:18:80: 5e:d7:ef:d7:35:0d:02:87:db:47:92:51:68:4d:24:b5:69:75: 24:d0:98:29:5f:08:7c:5e:ee:db:a1:2c:c5:64:02:4b:b9:2c: a8:8f:f6:37:a3:fe:4e:27:ee:d3:87:45:cc:01:07:68:a4:a8: 9d:a1:60:5b:a7:be:45:3e:bf:45:a1:45:5b:08:63:b6:61:78: c8:75:fc:ee:78:bc:4e:1c:c6:dc:8d:f9:05:f1:ca:53:6b:7d: 8f:4f:86:16:69:d0:5f:ce:d8:3e:99:00:56:a8:72:83:43:40: 29:9e:c4:ae:6d:63:3f:3f:f7:62:16:80:5a:b3:bc:ce:00:6a: b0:0f:b4:91:8f:87:d3:f3:ec:a1:e0:b8:1b:42:18:d2:de:b4: 01:63:c5:b0:4f:bb:2d:77:25:71:4c:84:95:21:45:30:be:5e: e8:6a:ba:cc:1f:5b:6c:c6:b0:f5:34:ed:25:4c:fb:3d:43:a6: e2:01:48:0f:a3:05:52:0e:50:d3:f4:95:50:03:64:d7:e2:2b: 3f:4b:47:64 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQ4vBGvBOsGbr9MorlHOMFp8PPlMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1OVoX DTI3MDMwMzA2MDU1OVowMzExMC8GA1UEAxMoNzQ2NUNGRDBCNTM5RkVGRDc5QjVD NTg3NUUzQkI2OTk5QUVDOTIwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALrSTaESSVM/oqIuDRHibLYkiUOVE+Hm9LtkNP9FIYjLQypzX8083KW9CatW rHMkIdMvubk5HwGpfV+lzfhJr+iOgsMwQrUxD4HK7UhFxj94jyQVU7sy81L/Lpih YDKoG0amXyYygrk6fcboRIyhOAZGtkoC95GAX9ncDU7ZrZKkiaU/Zqxik2io6vV3 uQp6LBw49Tn2J/WEZIS/KHCjbGmwHhtvJknN5ettLES99qiWqR1QAtD+4nPPDY/+ Tt6kfYRyqZhdykfDkOXdOJE08RSusUwJ5HjmUKajpSaDE7rgJSweqzEThOcmaA95 cbBxfoX15MWbDkcTTOdcCXDUJ3cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR0Zc/Q tTn+/Xm1xYdeO7aZmuySAzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK omkwDQYJKoZIhvcNAQELBQADggEBAKaD5zj7sWCGX/WSJPKJ/v+BmhgfnlQCZb23 9WZhEwkdBqVR82aK6w6jiMdE/9nhfAr15h8YgF7X79c1DQKH20eSUWhNJLVpdSTQ mClfCHxe7tuhLMVkAku5LKiP9jej/k4n7tOHRcwBB2ikqJ2hYFunvkU+v0WhRVsI Y7ZheMh1/O54vE4cxtyN+QXxylNrfY9PhhZp0F/O2D6ZAFaocoNDQCmexK5tYz8/ 92IWgFqzvM4AarAPtJGPh9Pz7KHguBtCGNLetAFjxbBPuy13JXFMhJUhRTC+Xuhq uswfW2zGsPU07SVM+z1DpuIBSA+jBVIOUNP0lVADZNfiKz9LR2Q= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:01 2026 by rpki-client