$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143272.roa File: AS143272.roa (raw, json) Hash identifier: M91R1l4URDCjj8mz5jeZtBSo9LMTrg3pGo2QacLkbGs= Subject key identifier: EB:64:B7:18:42:47:7D:B8:70:BC:69:8C:ED:07:9B:28:6C:8E:D3:9D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0700219776AAD352B594D72C36AE61A7104AE854 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143272.roa Signing time: Wed 04 Mar 2026 06:07:28 +0000 ROA not before: Wed 04 Mar 2026 06:02:28 +0000 ROA not after: Wed 03 Mar 2027 06:07:28 +0000 asID: 143272 IP address blocks: 240a:a26e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:00:21:97:76:aa:d3:52:b5:94:d7:2c:36:ae:61:a7:10:4a:e8:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:28 2026 GMT Not After : Mar 3 06:07:28 2027 GMT Subject: CN=EB64B71842477DB870BC698CED079B286C8ED39D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b7:b1:f0:27:1a:2a:96:d6:a4:3e:40:67:ff: 83:62:94:48:fc:1f:6f:cf:0d:cd:86:62:d1:64:c4: 85:10:3d:c9:58:80:85:99:42:7f:c7:14:8b:0c:b0: ce:91:37:50:c1:e3:90:4c:a7:9b:8a:ff:2a:fb:9c: 8e:c7:26:54:55:1b:9d:3d:e0:43:a9:af:27:50:d0: 0f:0c:5e:b6:cd:02:06:56:98:48:e6:97:e7:db:28: 0a:10:7a:ff:ad:ed:52:fe:2e:d9:02:b8:c1:7a:2b: 69:5e:bf:6a:28:dc:bf:ae:ef:b9:68:5f:bc:76:bf: a6:df:64:d6:60:f9:17:ad:7b:9e:71:f2:a9:65:3d: 4b:ba:96:be:44:66:44:12:98:0f:31:d7:23:f4:e4: d4:85:01:e1:4a:94:14:03:fe:b0:f5:c8:96:05:25: 58:b7:cf:de:16:11:62:0c:19:27:20:c9:ba:78:23: 3d:be:16:19:1a:54:6f:2b:2a:88:cb:c8:eb:dc:76: 47:3a:f6:9d:a7:45:c9:96:43:e2:89:59:1a:a0:cf: d1:8b:fc:d5:e6:4b:75:37:9f:7b:21:b1:73:a8:fd: 97:56:dd:3a:e3:86:0d:6f:d6:06:7f:d8:b1:2a:6e: 4b:70:38:8f:94:9a:d5:42:c8:0a:92:c6:bc:ad:b5: d8:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:64:B7:18:42:47:7D:B8:70:BC:69:8C:ED:07:9B:28:6C:8E:D3:9D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143272.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a26e::/32 Signature Algorithm: sha256WithRSAEncryption 96:f4:52:10:4d:a2:ec:60:3e:ce:b3:27:32:0e:0a:d7:8b:6e: f1:15:dd:73:1c:87:a8:d9:fb:ce:c6:99:1b:ca:6e:d4:99:59: af:fc:56:a9:c1:47:fc:7f:27:86:db:82:83:31:56:ac:d0:27: 7c:08:29:d0:e3:6e:c6:fa:71:5b:0d:d6:69:82:6f:0e:be:83: b0:3e:e5:5e:07:57:9c:60:5a:fb:7b:42:7d:53:92:ec:1f:77: 0b:b0:c5:b2:6a:56:d7:f1:d6:d5:d2:cb:21:f7:71:10:8c:b6: c8:07:b0:52:da:dc:86:b3:a2:45:49:4e:fd:eb:ee:24:05:0e: 8f:39:55:55:45:3f:5b:3c:4b:32:98:b8:1f:d3:f6:77:a1:97: 21:14:c6:3b:53:eb:0a:d3:2e:4b:0c:00:47:f6:57:fd:49:31: 90:23:e1:c9:11:b6:12:bb:84:86:ab:67:2d:53:4c:f7:3b:04: 42:eb:2f:d3:c7:b9:c8:fd:cf:1c:15:71:10:0f:be:73:6c:3c: 0e:af:fb:36:2a:f7:e8:13:33:a5:8c:89:b4:98:47:21:89:d1: 7e:82:6c:d9:fb:33:19:fc:cd:a2:0d:e8:27:f3:19:6b:e2:be: 9d:a2:f4:2b:1f:82:cd:22:11:f0:e2:5f:e2:77:d4:5b:eb:c4: d2:08:63:98 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBwAhl3aq01K1lNcsNq5hpxBK6FQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyOFoX DTI3MDMwMzA2MDcyOFowMzExMC8GA1UEAxMoRUI2NEI3MTg0MjQ3N0RCODcwQkM2 OThDRUQwNzlCMjg2QzhFRDM5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKG3sfAnGiqW1qQ+QGf/g2KUSPwfb88NzYZi0WTEhRA9yViAhZlCf8cUiwyw zpE3UMHjkEynm4r/KvucjscmVFUbnT3gQ6mvJ1DQDwxets0CBlaYSOaX59soChB6 /63tUv4u2QK4wXoraV6/aijcv67vuWhfvHa/pt9k1mD5F617nnHyqWU9S7qWvkRm RBKYDzHXI/Tk1IUB4UqUFAP+sPXIlgUlWLfP3hYRYgwZJyDJungjPb4WGRpUbysq iMvI69x2Rzr2nadFyZZD4olZGqDP0Yv81eZLdTefeyGxc6j9l1bdOuOGDW/WBn/Y sSpuS3A4j5Sa1ULICpLGvK212AUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTrZLcY Qkd9uHC8aYztB5sobI7TnTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI3Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK om4wDQYJKoZIhvcNAQELBQADggEBAJb0UhBNouxgPs6zJzIOCteLbvEV3XMch6jZ +87GmRvKbtSZWa/8VqnBR/x/J4bbgoMxVqzQJ3wIKdDjbsb6cVsN1mmCbw6+g7A+ 5V4HV5xgWvt7Qn1TkuwfdwuwxbJqVtfx1tXSyyH3cRCMtsgHsFLa3IazokVJTv3r 7iQFDo85VVVFP1s8SzKYuB/T9nehlyEUxjtT6wrTLksMAEf2V/1JMZAj4ckRthK7 hIarZy1TTPc7BELrL9PHucj9zxwVcRAPvnNsPA6v+zYq9+gTM6WMibSYRyGJ0X6C bNn7Mxn8zaIN6CfzGWvivp2i9Csfgs0iEfDiX+J31FvrxNIIY5g= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:57 2026 by rpki-client