$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143271.roa File: AS143271.roa (raw, json) Hash identifier: RPqvWrIav2GBqYAcUvECUaxZpqjoet2RIpGdvZMxNzg= Subject key identifier: 4E:5F:59:E3:BB:5A:33:80:B6:38:7E:D9:24:D9:55:8B:E6:F3:98:57 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1FC4D12D1753939F7A0CB3BC381EE75864B22403 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143271.roa Signing time: Wed 04 Mar 2026 06:07:50 +0000 ROA not before: Wed 04 Mar 2026 06:02:50 +0000 ROA not after: Wed 03 Mar 2027 06:07:50 +0000 asID: 143271 IP address blocks: 240a:a26d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:c4:d1:2d:17:53:93:9f:7a:0c:b3:bc:38:1e:e7:58:64:b2:24:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:50 2026 GMT Not After : Mar 3 06:07:50 2027 GMT Subject: CN=4E5F59E3BB5A3380B6387ED924D9558BE6F39857 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:ed:91:cf:4a:63:a7:30:1d:5b:2b:bd:b1:a9: ed:c7:af:87:68:bd:0a:8d:1d:8f:2c:3c:d2:b5:d0: a2:0e:fc:5f:3e:60:2e:80:2d:8f:19:20:45:a7:84: 87:60:e6:3f:25:94:0e:4d:95:ce:06:c8:6c:39:26: 2f:b2:20:0a:d9:f0:e9:eb:46:9e:48:0f:60:17:a5: 4b:f8:1a:6d:7d:60:a3:d5:50:fe:26:0b:02:cc:e1: a2:b4:64:95:d7:74:1f:b4:94:8d:ab:bb:7c:48:ef: 88:ef:2d:d1:6f:a3:70:7a:f2:e0:e8:10:a0:3e:b3: 8b:cc:95:be:cf:7a:e6:f0:75:4c:63:4e:07:c3:11: 65:51:77:0f:a5:94:6f:05:2b:b4:57:fe:21:b4:54: 6c:95:bd:fd:5f:29:52:d5:51:4c:56:ce:2a:f5:b6: 9d:aa:c1:3c:1d:fc:fc:b2:4b:d5:e4:1c:89:75:fc: 97:95:7d:b0:71:e5:bc:92:84:5a:61:37:61:25:a1: 9c:d1:a2:2a:7a:e5:e4:6a:9c:8b:9e:28:8e:e9:16: fd:2a:fe:85:6f:43:89:83:d3:7c:93:0c:bf:e0:be: 3e:a3:27:1a:50:21:9a:b2:ca:ea:8f:2c:56:f5:89: e0:0c:a1:39:06:a9:d7:0d:03:67:96:83:76:98:94: bf:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:5F:59:E3:BB:5A:33:80:B6:38:7E:D9:24:D9:55:8B:E6:F3:98:57 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143271.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a26d::/32 Signature Algorithm: sha256WithRSAEncryption 29:75:0a:56:93:1b:60:cd:6c:34:88:61:23:0e:63:b1:14:66: 18:6b:34:63:5f:13:c1:39:ae:46:5f:2a:d9:77:7e:d9:be:88: 8f:bd:e2:bd:ba:98:ba:47:bf:98:c4:01:a7:9b:4f:de:96:42: d9:8f:d4:e5:8e:a1:f9:13:87:ed:80:ff:b1:9e:dc:30:e3:bd: 28:12:68:88:54:7e:3a:20:94:9a:5a:f8:73:bc:ec:81:eb:ea: 18:66:2f:d6:56:ec:6e:32:19:f5:8d:ac:69:9e:78:9a:65:52: 6a:61:2d:06:7c:f9:c0:c5:a7:d4:8c:1a:7d:77:53:98:8b:83: 17:8b:ca:65:6c:3f:a9:1c:93:6c:0f:a1:81:4c:59:f3:7d:95: f2:db:91:bc:32:20:ad:0f:eb:e6:c8:8d:7d:36:d2:86:a7:c3: cd:cf:42:26:0d:2b:21:6e:bb:20:bb:23:b7:7c:ee:b7:c0:30: ba:1d:c4:de:9c:7f:4f:66:35:79:ae:78:9a:cb:05:b3:80:fa: 93:df:73:2b:23:64:b2:de:71:2b:4e:87:1c:77:4a:91:68:d4: 75:5b:26:e5:a4:6d:a9:d5:53:d7:32:b2:e5:ea:5a:f1:c0:4e: 75:0c:6d:d7:1e:5f:48:7e:a3:fe:92:a2:a5:02:e4:17:5a:c4: ce:cb:71:a9 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUH8TRLRdTk596DLO8OB7nWGSyJAMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1MFoX DTI3MDMwMzA2MDc1MFowMzExMC8GA1UEAxMoNEU1RjU5RTNCQjVBMzM4MEI2Mzg3 RUQ5MjREOTU1OEJFNkYzOTg1NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKLtkc9KY6cwHVsrvbGp7cevh2i9Co0djyw80rXQog78Xz5gLoAtjxkgRaeE h2DmPyWUDk2VzgbIbDkmL7IgCtnw6etGnkgPYBelS/gabX1go9VQ/iYLAszhorRk ldd0H7SUjau7fEjviO8t0W+jcHry4OgQoD6zi8yVvs965vB1TGNOB8MRZVF3D6WU bwUrtFf+IbRUbJW9/V8pUtVRTFbOKvW2narBPB38/LJL1eQciXX8l5V9sHHlvJKE WmE3YSWhnNGiKnrl5Gqci54ojukW/Sr+hW9DiYPTfJMMv+C+PqMnGlAhmrLK6o8s VvWJ4AyhOQap1w0DZ5aDdpiUv0UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBROX1nj u1ozgLY4ftkk2VWL5vOYVzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK om0wDQYJKoZIhvcNAQELBQADggEBACl1ClaTG2DNbDSIYSMOY7EUZhhrNGNfE8E5 rkZfKtl3ftm+iI+94r26mLpHv5jEAaebT96WQtmP1OWOofkTh+2A/7Ge3DDjvSgS aIhUfjoglJpa+HO87IHr6hhmL9ZW7G4yGfWNrGmeeJplUmphLQZ8+cDFp9SMGn13 U5iLgxeLymVsP6kck2wPoYFMWfN9lfLbkbwyIK0P6+bIjX020oanw83PQiYNKyFu uyC7I7d87rfAMLodxN6cf09mNXmueJrLBbOA+pPfcysjZLLecStOhxx3SpFo1HVb JuWkbanVU9cysuXqWvHATnUMbdceX0h+o/6SoqUC5BdaxM7Lcak= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:13 2026 by rpki-client