$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143008.roa File: AS143008.roa (raw, json) Hash identifier: TJt5U1xMuHLuaXVGe25+KHVe+bVuCZPkJtdJyM51M3w= Subject key identifier: 0D:E3:70:C5:62:1A:6B:07:30:16:A3:79:0A:E0:65:C1:AE:C5:42:44 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 683844F193B00CE914BFD3EB6C890530EBCA238A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143008.roa Signing time: Wed 04 Mar 2026 06:07:10 +0000 ROA not before: Wed 04 Mar 2026 06:02:10 +0000 ROA not after: Wed 03 Mar 2027 06:07:10 +0000 asID: 143008 IP address blocks: 240a:a166::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:38:44:f1:93:b0:0c:e9:14:bf:d3:eb:6c:89:05:30:eb:ca:23:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:10 2026 GMT Not After : Mar 3 06:07:10 2027 GMT Subject: CN=0DE370C5621A6B073016A3790AE065C1AEC54244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:ec:9e:40:93:18:d4:19:fc:a3:17:77:2d:f3: 3e:a1:60:a6:37:90:0c:04:c5:40:eb:1c:8e:b6:2b: 7f:d9:98:3e:86:00:c9:c7:a2:5d:88:6f:71:ec:2c: 69:db:d7:ea:ed:e9:c2:06:44:9a:6b:c4:a4:52:8c: b4:59:00:71:16:10:0f:c8:fd:e6:1f:44:33:fe:36: de:b8:13:99:f0:78:05:94:be:0f:e0:4a:69:cc:88: b1:dd:c8:1c:a2:f4:ce:29:3f:6b:41:ea:82:99:37: 87:23:c5:48:87:f4:49:cf:77:bf:97:29:56:84:f2: a0:f7:3c:10:6f:3e:74:2a:48:49:f7:d0:68:23:d0: 8b:81:c8:bc:ae:aa:ee:d7:3d:e4:f2:ca:23:19:36: bb:d1:83:13:8e:24:83:6c:99:4a:b4:f2:f6:c0:0b: 7a:c0:76:85:23:32:7a:1f:59:83:80:ce:ac:66:df: 0d:84:67:bc:2e:b6:c9:9a:a3:72:07:fa:75:f8:c7: 9f:64:3f:4d:54:6c:0f:57:94:65:61:82:8a:6d:be: e8:8e:3c:20:2c:41:f1:e2:8e:b8:37:dc:29:11:62: c3:40:24:b0:aa:03:f7:b5:f8:68:a2:5d:81:1b:18: 00:51:5b:58:79:00:27:9f:fb:df:6e:c8:ff:34:a1: 1d:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:E3:70:C5:62:1A:6B:07:30:16:A3:79:0A:E0:65:C1:AE:C5:42:44 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143008.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a166::/32 Signature Algorithm: sha256WithRSAEncryption c5:71:36:77:97:ee:11:46:3c:f8:bf:db:3c:d1:1c:41:8d:9c: eb:3e:f7:bb:d3:8a:d8:83:2b:8b:17:ed:52:9c:22:f6:54:dd: 3b:47:1e:ce:b2:55:74:45:de:36:30:62:93:92:68:2d:3a:74: 5a:b6:23:00:5d:5c:81:a3:02:e0:f7:b1:73:1b:15:b6:2a:5e: 5c:82:bc:8a:d7:df:01:51:4f:fd:37:de:82:9a:71:8b:bb:08: b0:17:78:ef:f9:bc:a9:59:f1:10:d3:e1:75:7e:57:fb:7f:83: 04:0e:9c:9f:22:84:b1:42:d7:19:6c:52:80:e4:fe:e3:fd:68: d5:e6:23:b3:30:d0:18:a1:ab:e3:ca:09:2f:37:1c:12:38:bc: f7:64:e3:67:ec:c4:0a:c2:e0:db:7c:a1:2f:b7:9a:37:25:dd: dd:a9:a6:6b:48:b8:3b:7c:31:bd:97:0c:e4:4b:1f:a1:15:f9: 23:a3:43:0f:e2:2a:5f:6f:71:f7:1a:d7:ea:ca:d7:5f:14:28: 3e:a4:7d:20:39:02:35:e2:65:9c:ae:0c:e8:ca:fd:f1:8a:a7: 2b:08:32:0e:c0:4c:c1:c0:f9:25:6a:f9:bf:6f:e3:ca:3d:0e: a6:43:19:18:29:e2:1d:19:45:a1:17:ce:4a:95:a9:f0:ad:0b: 2b:96:5f:43 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaDhE8ZOwDOkUv9PrbIkFMOvKI4owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxMFoX DTI3MDMwMzA2MDcxMFowMzExMC8GA1UEAxMoMERFMzcwQzU2MjFBNkIwNzMwMTZB Mzc5MEFFMDY1QzFBRUM1NDI0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOzsnkCTGNQZ/KMXdy3zPqFgpjeQDATFQOscjrYrf9mYPoYAyceiXYhvcews advX6u3pwgZEmmvEpFKMtFkAcRYQD8j95h9EM/423rgTmfB4BZS+D+BKacyIsd3I HKL0zik/a0Hqgpk3hyPFSIf0Sc93v5cpVoTyoPc8EG8+dCpISffQaCPQi4HIvK6q 7tc95PLKIxk2u9GDE44kg2yZSrTy9sALesB2hSMyeh9Zg4DOrGbfDYRnvC62yZqj cgf6dfjHn2Q/TVRsD1eUZWGCim2+6I48ICxB8eKOuDfcKRFiw0AksKoD97X4aKJd gRsYAFFbWHkAJ5/7327I/zShHbECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQN43DF YhprBzAWo3kK4GXBrsVCRDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzAwOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oWYwDQYJKoZIhvcNAQELBQADggEBAMVxNneX7hFGPPi/2zzRHEGNnOs+97vTitiD K4sX7VKcIvZU3TtHHs6yVXRF3jYwYpOSaC06dFq2IwBdXIGjAuD3sXMbFbYqXlyC vIrX3wFRT/033oKacYu7CLAXeO/5vKlZ8RDT4XV+V/t/gwQOnJ8ihLFC1xlsUoDk /uP9aNXmI7Mw0Bihq+PKCS83HBI4vPdk42fsxArC4Nt8oS+3mjcl3d2ppmtIuDt8 Mb2XDORLH6EV+SOjQw/iKl9vcfca1+rK118UKD6kfSA5AjXiZZyuDOjK/fGKpysI Mg7ATMHA+SVq+b9v48o9DqZDGRgp4h0ZRaEXzkqVqfCtCyuWX0M= -----END CERTIFICATE-----Generated at Sat Mar 28 13:11:24 2026 by rpki-client