$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143273.roa File: AS143273.roa (raw, json) Hash identifier: PFTpZRdH6aF03eQAjYZfBHYiqI8ieNHjjF+d2Bj+CoM= Subject key identifier: AD:E1:90:9E:67:32:3F:96:9E:D0:0F:7C:E8:6E:5F:BD:7E:53:B1:1C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0CEAAE9720F7E84F34E5AF808B56AABC036D8098 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143273.roa Signing time: Wed 04 Mar 2026 06:06:42 +0000 ROA not before: Wed 04 Mar 2026 06:01:42 +0000 ROA not after: Wed 03 Mar 2027 06:06:42 +0000 asID: 143273 IP address blocks: 240a:a26f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:ea:ae:97:20:f7:e8:4f:34:e5:af:80:8b:56:aa:bc:03:6d:80:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:42 2026 GMT Not After : Mar 3 06:06:42 2027 GMT Subject: CN=ADE1909E67323F969ED00F7CE86E5FBD7E53B11C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:a4:5d:f4:53:01:a3:b9:95:1d:98:3e:68:3e: a6:60:ed:16:92:cd:3f:09:c8:04:a3:96:7f:d3:6e: e2:4c:cf:14:b5:da:11:1e:a2:36:f8:a5:a7:c9:a7: fc:2c:b1:cf:5b:75:12:f5:9a:bd:da:26:1b:ef:50: e3:d3:4f:48:61:f9:84:06:3c:f4:b4:01:cf:09:62: be:d3:10:c6:1e:50:dd:68:e5:35:8e:a0:2a:2a:79: b1:e3:35:b5:40:4d:9f:86:4d:fc:27:b1:e9:9a:01: 63:06:b7:3c:f2:c4:83:cf:ce:dc:55:3e:09:60:93: 23:e8:73:ee:d1:24:5f:93:f3:4d:8a:6e:df:73:da: dc:aa:3c:a4:0c:68:94:3c:42:9a:3e:d3:1f:fb:0e: 0f:42:d7:fe:7c:00:18:94:2b:10:7b:d2:cc:e3:0f: c1:75:e6:36:a9:6f:f7:64:02:e7:7a:af:5f:7c:4f: fe:0f:64:96:05:f7:1c:b7:3b:07:51:42:14:e7:d1: 95:b4:93:75:50:9d:5a:3f:8a:08:f1:70:f1:29:27: 79:cb:39:5c:ae:ad:a2:28:70:6d:3d:28:68:9e:94: e9:e7:eb:83:93:8d:68:7f:e3:87:42:ca:f8:d1:f0: 4a:1a:40:8d:23:07:a4:63:ce:ff:e8:fd:36:63:80: d0:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:E1:90:9E:67:32:3F:96:9E:D0:0F:7C:E8:6E:5F:BD:7E:53:B1:1C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143273.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a26f::/32 Signature Algorithm: sha256WithRSAEncryption 0c:17:89:d3:c7:3f:50:67:5a:1f:3f:e1:05:b0:30:ca:09:42: 4d:e7:ec:fd:26:eb:33:f6:f2:36:f4:f8:30:a3:af:5f:67:a8: e0:d9:85:2c:fa:e6:10:b6:06:b5:9e:fa:6d:19:d0:4b:dd:9e: 40:10:56:cf:e9:54:91:1a:be:c8:51:aa:f1:08:17:5a:a4:f4: 7c:c9:ae:dd:18:4a:cb:4a:46:50:d1:b7:e1:5b:cd:23:2c:d6: c5:52:6e:f6:86:00:bd:66:ea:4f:a7:81:5b:8f:91:8a:8c:8b: 68:60:6b:ad:c0:aa:1b:18:14:9e:e8:0b:a4:de:08:4c:a7:dc: a9:b7:ed:0d:91:a4:14:ac:34:fa:d4:9e:28:aa:b1:a2:f3:34: d7:d0:e0:c6:65:ff:64:3d:22:02:4a:1f:55:1a:92:cd:dc:0b: 5e:bd:f0:fa:17:fe:e9:46:4b:60:ac:05:a9:41:5c:e5:26:93: d5:34:1e:53:71:ae:35:c2:82:0f:7f:94:14:6b:72:1e:6a:82: a2:bc:20:fb:4b:eb:a1:31:e0:93:05:3a:0d:6e:2c:bf:cd:88: 7d:5c:41:4e:77:8b:8a:87:8d:9b:08:8a:b9:ff:ac:bd:03:3e: 24:7f:6e:b8:07:0b:84:b6:7d:ed:0d:d8:63:a3:76:7e:50:fc: 26:b3:84:37 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDOqulyD36E805a+Ai1aqvANtgJgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0MloX DTI3MDMwMzA2MDY0MlowMzExMC8GA1UEAxMoQURFMTkwOUU2NzMyM0Y5NjlFRDAw RjdDRTg2RTVGQkQ3RTUzQjExQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKSkXfRTAaO5lR2YPmg+pmDtFpLNPwnIBKOWf9Nu4kzPFLXaER6iNvilp8mn /Cyxz1t1EvWavdomG+9Q49NPSGH5hAY89LQBzwlivtMQxh5Q3WjlNY6gKip5seM1 tUBNn4ZN/Cex6ZoBYwa3PPLEg8/O3FU+CWCTI+hz7tEkX5PzTYpu33Pa3Ko8pAxo lDxCmj7TH/sOD0LX/nwAGJQrEHvSzOMPwXXmNqlv92QC53qvX3xP/g9klgX3HLc7 B1FCFOfRlbSTdVCdWj+KCPFw8Sknecs5XK6toihwbT0oaJ6U6efrg5ONaH/jh0LK +NHwShpAjSMHpGPO/+j9NmOA0IUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSt4ZCe ZzI/lp7QD3zobl+9flOxHDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK om8wDQYJKoZIhvcNAQELBQADggEBAAwXidPHP1BnWh8/4QWwMMoJQk3n7P0m6zP2 8jb0+DCjr19nqODZhSz65hC2BrWe+m0Z0EvdnkAQVs/pVJEavshRqvEIF1qk9HzJ rt0YSstKRlDRt+FbzSMs1sVSbvaGAL1m6k+ngVuPkYqMi2hga63AqhsYFJ7oC6Te CEyn3Km37Q2RpBSsNPrUniiqsaLzNNfQ4MZl/2Q9IgJKH1Uaks3cC1698PoX/ulG S2CsBalBXOUmk9U0HlNxrjXCgg9/lBRrch5qgqK8IPtL66Ex4JMFOg1uLL/NiH1c QU53i4qHjZsIirn/rL0DPiR/brgHC4S2fe0N2GOjdn5Q/CazhDc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:12 2026 by rpki-client