$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143285.roa File: AS143285.roa (raw, json) Hash identifier: AD9SaVXSw/yydFdhnB5Igi98hwxof76EqhFkR4L3Knc= Subject key identifier: 16:B8:29:F4:9D:58:B3:99:9B:D9:FD:58:54:96:57:22:68:69:AF:F5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 59D63885DF7E712CA943448C8677D2DAED37C641 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143285.roa Signing time: Wed 04 Mar 2026 06:07:16 +0000 ROA not before: Wed 04 Mar 2026 06:02:16 +0000 ROA not after: Wed 03 Mar 2027 06:07:16 +0000 asID: 143285 IP address blocks: 240a:a27b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:d6:38:85:df:7e:71:2c:a9:43:44:8c:86:77:d2:da:ed:37:c6:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:16 2026 GMT Not After : Mar 3 06:07:16 2027 GMT Subject: CN=16B829F49D58B3999BD9FD58549657226869AFF5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:c7:3c:f8:c4:27:24:9f:76:7c:e2:08:92:4b: 56:49:bc:87:53:fa:0c:23:70:c3:1e:32:6f:ee:dc: 86:dd:5e:ae:1d:30:aa:da:e0:fe:8f:47:1c:0f:9d: 0b:6b:4a:38:35:18:a4:ea:ed:2e:75:01:ec:1b:b4: 24:4c:51:91:89:8f:27:c8:6e:45:2f:79:72:b3:5b: 6b:01:51:79:a6:16:86:2c:0d:5f:de:75:ab:8e:d8: 67:be:85:f1:5c:4e:d8:99:6b:f8:75:dc:ae:04:ef: 27:c2:89:35:cf:3a:33:3f:d6:06:d4:4d:61:4a:66: d5:1b:4d:3b:28:45:f0:2d:7f:30:20:3f:a2:0b:04: 91:7e:a3:8e:5c:01:a8:5c:66:08:3c:81:fd:82:09: 24:f2:19:a7:ee:6e:df:dc:dd:f7:67:bb:aa:5c:fb: e4:f0:e5:63:1d:17:e6:d9:8a:17:c2:13:26:de:34: fb:23:76:cb:5c:34:5a:69:02:51:ae:f6:28:e4:8d: 20:a9:29:1e:19:f5:b6:0c:c3:d3:23:63:b2:e8:d9: f5:ac:d0:ca:da:9d:62:f3:51:a6:f9:01:a8:98:34: 89:b5:43:04:04:cf:d0:03:15:8d:48:7a:d9:18:b7: 9f:2d:ac:6b:55:dd:80:b2:a4:71:9f:ad:d0:72:dc: cd:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:B8:29:F4:9D:58:B3:99:9B:D9:FD:58:54:96:57:22:68:69:AF:F5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143285.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a27b::/32 Signature Algorithm: sha256WithRSAEncryption 9a:54:fa:b7:69:24:33:f9:78:79:34:94:27:a0:05:b4:04:0c: b8:81:86:1f:dc:ae:2f:ac:b0:5f:e9:b1:af:23:b6:1d:59:78: b9:19:c4:be:c4:b2:56:a5:87:57:b2:21:05:b4:a6:6d:b1:ef: ed:a1:b5:24:9a:01:a3:56:e5:eb:8f:5c:ba:26:ff:1b:e8:cd: 60:b2:2f:b5:5c:15:07:5c:b2:cb:24:2e:d6:72:c0:74:d4:18: 72:e7:68:42:96:4f:5a:a9:bd:9e:f0:c2:c8:b7:27:2f:04:1d: 44:04:54:7a:61:62:a1:8e:cc:3d:d9:6f:8f:7b:34:fb:30:f7: 1b:58:13:2d:58:9f:d2:4e:aa:95:1c:56:2b:de:bf:f7:31:4b: 62:26:67:48:60:4e:bd:b7:3e:73:4c:e0:c7:44:e7:b3:a8:b7: 64:0a:38:98:34:db:65:d4:90:82:d9:6d:15:de:bb:b1:91:8b: 4a:da:b7:7c:6e:81:b7:7c:69:ab:ab:f9:40:73:96:e0:9a:0f: c8:a1:d2:de:88:01:86:da:44:b3:5e:54:6e:85:4a:45:1b:6c: 79:26:36:c8:55:f7:ce:da:18:10:40:17:4d:ef:83:ee:be:b6: fe:6d:ed:c6:a9:2b:b6:7e:23:c9:e1:ab:5d:49:36:4e:f4:d5: 3f:9b:af:b4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWdY4hd9+cSypQ0SMhnfS2u03xkEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxNloX DTI3MDMwMzA2MDcxNlowMzExMC8GA1UEAxMoMTZCODI5RjQ5RDU4QjM5OTlCRDlG RDU4NTQ5NjU3MjI2ODY5QUZGNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKfHPPjEJySfdnziCJJLVkm8h1P6DCNwwx4yb+7cht1erh0wqtrg/o9HHA+d C2tKODUYpOrtLnUB7Bu0JExRkYmPJ8huRS95crNbawFReaYWhiwNX951q47YZ76F 8VxO2Jlr+HXcrgTvJ8KJNc86Mz/WBtRNYUpm1RtNOyhF8C1/MCA/ogsEkX6jjlwB qFxmCDyB/YIJJPIZp+5u39zd92e7qlz75PDlYx0X5tmKF8ITJt40+yN2y1w0WmkC Ua72KOSNIKkpHhn1tgzD0yNjsujZ9azQytqdYvNRpvkBqJg0ibVDBATP0AMVjUh6 2Ri3ny2sa1XdgLKkcZ+t0HLczSsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQWuCn0 nVizmZvZ/VhUllciaGmv9TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI4NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK onswDQYJKoZIhvcNAQELBQADggEBAJpU+rdpJDP5eHk0lCegBbQEDLiBhh/cri+s sF/psa8jth1ZeLkZxL7Eslalh1eyIQW0pm2x7+2htSSaAaNW5euPXLom/xvozWCy L7VcFQdcssskLtZywHTUGHLnaEKWT1qpvZ7wwsi3Jy8EHUQEVHphYqGOzD3Zb497 NPsw9xtYEy1Yn9JOqpUcVivev/cxS2ImZ0hgTr23PnNM4MdE57Oot2QKOJg022XU kILZbRXeu7GRi0rat3xugbd8aaur+UBzluCaD8ih0t6IAYbaRLNeVG6FSkUbbHkm NshV987aGBBAF03vg+6+tv5t7capK7Z+I8nhq11JNk701T+br7Q= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:36 2026 by rpki-client