$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143512.roa File: AS143512.roa (raw, json) Hash identifier: otQToi1hD9l2uPkcoRslHX3GBtJP5wbAGkqkgc9lN54= Subject key identifier: F9:E0:4D:28:C9:6F:B7:4B:2E:A1:C3:18:30:80:24:8C:23:5E:04:83 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F839FF3804E243F94FE90FEFB93A8B18222C568 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143512.roa Signing time: Wed 04 Mar 2026 06:15:05 +0000 ROA not before: Wed 04 Mar 2026 06:10:05 +0000 ROA not after: Wed 03 Mar 2027 06:15:05 +0000 asID: 143512 IP address blocks: 240a:a35e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:83:9f:f3:80:4e:24:3f:94:fe:90:fe:fb:93:a8:b1:82:22:c5:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:05 2026 GMT Not After : Mar 3 06:15:05 2027 GMT Subject: CN=F9E04D28C96FB74B2EA1C3183080248C235E0483 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:16:fa:39:3d:8a:6d:5d:7e:3b:31:4e:40:0c: f3:d7:e5:c7:85:67:74:be:af:e7:ca:87:87:59:04: eb:ee:63:17:89:fb:fe:ac:17:11:b9:1f:0d:e0:0f: 86:49:30:9e:4b:95:b9:54:9d:8c:bb:30:4a:c2:f0: 04:13:09:aa:44:d2:0e:f0:b4:4c:43:d5:d5:32:89: dd:d9:2b:d6:5f:d7:96:9d:06:e0:8c:ed:22:ed:0b: 22:b4:ef:17:70:a0:3a:27:7c:f1:65:5c:7b:27:86: 7f:78:dd:ec:0e:12:f6:d6:d9:48:ab:6c:38:d4:e1: 5d:76:f0:97:6d:42:c5:3a:a6:bc:51:75:da:a6:39: 49:b2:02:33:0c:2c:09:9a:b0:43:f9:e1:cf:d6:ec: ed:60:62:d1:95:49:b5:c5:36:26:cc:ef:3a:4d:70: b9:51:73:9f:3f:f7:70:02:90:c2:d1:ba:64:85:2e: f9:99:5f:1f:2f:99:3d:65:5f:50:af:33:bc:77:36: b3:49:1a:a4:77:32:5e:27:b2:84:c0:39:1e:91:f0: 41:80:00:18:f2:5a:c6:4e:f7:6c:1c:d9:9a:1b:dc: c5:d4:0d:b5:e1:2d:a7:92:b6:54:34:44:53:f8:eb: 58:2d:7f:25:6d:ee:85:9f:02:cc:c1:dd:77:ef:be: 5f:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:E0:4D:28:C9:6F:B7:4B:2E:A1:C3:18:30:80:24:8C:23:5E:04:83 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143512.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a35e::/32 Signature Algorithm: sha256WithRSAEncryption 03:4f:2e:84:5a:9c:64:ec:ef:70:40:6e:44:cd:56:63:98:ed: 0a:49:1d:2c:7c:e7:5f:fc:8a:4c:78:f6:89:da:30:b7:45:04: 4a:cb:0c:d6:32:17:98:50:9e:2b:a4:21:c2:1d:82:ef:7c:d9: 67:f7:97:98:4e:16:c5:1b:7a:d6:74:14:25:78:8c:20:7e:01: 39:19:a5:4f:18:af:6f:d8:91:e4:a3:b0:c1:ee:3e:3e:5e:a5: 8e:0a:6d:85:65:45:dd:60:d9:83:47:6e:38:eb:a8:19:9c:f6: 21:90:03:5c:71:27:fe:88:a4:53:4a:b9:cc:2e:24:d8:a7:42: f2:20:d1:15:65:0e:f0:d4:ec:77:c1:a0:fa:23:b9:6c:80:48: 59:ef:7c:c4:5d:f9:e5:3b:65:f5:de:9f:f4:8d:64:48:51:f6: 29:93:01:ae:2c:5f:b9:9e:cf:98:9c:96:a8:ed:64:c7:b9:ea: c3:c7:f8:03:37:af:57:55:04:1b:f3:ea:07:cc:23:77:7c:c9: 65:f6:5f:8c:75:68:f2:19:b2:79:36:9b:f1:f6:ac:3e:7f:34: 90:cb:6b:26:91:7b:ce:4d:46:47:ad:3d:c8:fd:a4:25:6d:9a: f0:aa:7d:f3:ca:0e:19:72:06:2c:4b:2e:22:9e:0a:17:2e:4a: 69:0b:8c:32 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL4Of84BOJD+U/pD++5OosYIixWgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwNVoX DTI3MDMwMzA2MTUwNVowMzExMC8GA1UEAxMoRjlFMDREMjhDOTZGQjc0QjJFQTFD MzE4MzA4MDI0OEMyMzVFMDQ4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOEW+jk9im1dfjsxTkAM89flx4VndL6v58qHh1kE6+5jF4n7/qwXEbkfDeAP hkkwnkuVuVSdjLswSsLwBBMJqkTSDvC0TEPV1TKJ3dkr1l/Xlp0G4IztIu0LIrTv F3CgOid88WVceyeGf3jd7A4S9tbZSKtsONThXXbwl21CxTqmvFF12qY5SbICMwws CZqwQ/nhz9bs7WBi0ZVJtcU2JszvOk1wuVFznz/3cAKQwtG6ZIUu+ZlfHy+ZPWVf UK8zvHc2s0kapHcyXieyhMA5HpHwQYAAGPJaxk73bBzZmhvcxdQNteEtp5K2VDRE U/jrWC1/JW3uhZ8CzMHdd+++X5kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT54E0o yW+3Sy6hwxgwgCSMI14EgzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUxMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o14wDQYJKoZIhvcNAQELBQADggEBAANPLoRanGTs73BAbkTNVmOY7QpJHSx851/8 ikx49onaMLdFBErLDNYyF5hQniukIcIdgu982Wf3l5hOFsUbetZ0FCV4jCB+ATkZ pU8Yr2/YkeSjsMHuPj5epY4KbYVlRd1g2YNHbjjrqBmc9iGQA1xxJ/6IpFNKucwu JNinQvIg0RVlDvDU7HfBoPojuWyASFnvfMRd+eU7ZfXen/SNZEhR9imTAa4sX7me z5iclqjtZMe56sPH+AM3r1dVBBvz6gfMI3d8yWX2X4x1aPIZsnk2m/H2rD5/NJDL ayaRe85NRketPcj9pCVtmvCqffPKDhlyBixLLiKeChcuSmkLjDI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:33 2026 by rpki-client