$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143084.roa File: AS143084.roa (raw, json) Hash identifier: 3UPtASBkQA5XNBpi6j5TMcF1E/+a37Z7f8rxgfuqZRY= Subject key identifier: BC:CD:D4:B0:F6:CF:04:48:68:F7:66:C3:F1:CC:B2:41:A3:1C:30:10 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 749E80CF5C31838372CF48001B82947C43CA4FBF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143084.roa Signing time: Wed 04 Mar 2026 06:05:25 +0000 ROA not before: Wed 04 Mar 2026 06:00:25 +0000 ROA not after: Wed 03 Mar 2027 06:05:25 +0000 asID: 143084 IP address blocks: 240a:a1b2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:9e:80:cf:5c:31:83:83:72:cf:48:00:1b:82:94:7c:43:ca:4f:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:25 2026 GMT Not After : Mar 3 06:05:25 2027 GMT Subject: CN=BCCDD4B0F6CF044868F766C3F1CCB241A31C3010 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f6:01:4c:83:24:84:36:92:e7:64:99:28:a3: 59:4d:20:aa:0c:8c:17:0e:29:cd:aa:26:4d:c4:99: d5:93:32:ba:29:b0:de:5d:55:a5:31:50:4d:68:dd: 60:99:52:82:db:05:c1:dc:30:87:18:cc:47:15:ae: ef:16:bb:31:d1:d0:d6:43:85:22:87:0a:e4:48:06: a2:67:de:f9:7a:87:e7:4b:36:89:df:de:11:36:f0: 36:2c:af:c8:29:8a:5d:fb:48:bd:35:df:d9:fb:dd: 4c:c4:fe:d7:6e:6e:3d:94:34:3e:ab:2f:1c:68:06: 8a:21:36:53:9f:d3:6b:a5:be:96:c2:25:12:0f:d1: d8:4c:74:55:05:97:fe:ed:21:8a:ac:f1:e4:85:7a: 12:1f:32:47:65:88:1e:3a:bf:80:67:aa:20:a5:f9: ce:60:4d:f2:20:ab:6e:f2:13:b8:85:62:35:d2:5e: 08:5b:37:3f:31:c1:a2:9b:49:2d:94:4c:ab:0c:4c: a7:ec:27:6c:c3:e0:2b:a5:d6:e2:95:29:19:6a:76: 59:86:90:d8:7f:1b:e2:89:c9:3e:8c:59:78:f2:e2: ae:16:8a:b2:00:13:41:ff:1c:12:45:df:4f:db:ff: 2c:f2:ac:41:76:66:ab:c6:d5:5c:da:cd:ca:1d:c7: e1:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:CD:D4:B0:F6:CF:04:48:68:F7:66:C3:F1:CC:B2:41:A3:1C:30:10 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143084.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1b2::/32 Signature Algorithm: sha256WithRSAEncryption 58:37:eb:f2:05:3f:4d:77:73:56:dd:d2:fa:44:05:8f:9d:65: a0:c8:88:36:d2:df:46:ee:ef:c9:c2:2a:3d:d6:2e:da:8b:e3: d5:4e:10:91:05:60:0f:af:4d:7d:0a:9c:26:97:94:9d:97:0a: af:40:9d:4d:f8:15:7b:df:02:78:9a:fa:85:1f:84:38:0c:e5: 84:2b:91:6f:d4:5c:59:10:a1:77:73:6a:39:ff:71:71:83:59: 63:4a:d4:d2:ff:f0:ae:61:11:87:0e:5f:85:7b:a7:da:74:66: 34:a2:ec:50:f9:de:51:f7:13:27:0a:c5:f3:b6:c7:50:d9:b5: b9:12:91:9d:54:0e:db:5d:bb:26:2a:ad:51:fe:b6:e8:e8:20: 4d:d9:d2:0d:d8:fd:cb:9a:a3:b9:09:7f:e7:b2:38:4e:78:3c: b9:c2:be:ff:f7:48:24:50:47:67:94:ba:e7:0b:96:5b:6b:bb: 06:d6:57:8b:d3:27:ed:48:a9:a1:5d:77:e1:fa:f2:3c:80:2a: 70:89:d2:cf:40:ae:22:bb:3e:05:5f:b1:72:18:e6:42:f6:d3: 85:89:44:3c:09:3b:8d:6e:42:38:e2:d2:e0:c4:10:8a:d8:95: 85:12:ac:3b:e6:3e:67:3e:27:e8:e8:e9:32:f4:92:ef:55:4c: 5c:22:ea:58 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdJ6Az1wxg4Nyz0gAG4KUfEPKT78wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyNVoX DTI3MDMwMzA2MDUyNVowMzExMC8GA1UEAxMoQkNDREQ0QjBGNkNGMDQ0ODY4Rjc2 NkMzRjFDQ0IyNDFBMzFDMzAxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALP2AUyDJIQ2kudkmSijWU0gqgyMFw4pzaomTcSZ1ZMyuimw3l1VpTFQTWjd YJlSgtsFwdwwhxjMRxWu7xa7MdHQ1kOFIocK5EgGomfe+XqH50s2id/eETbwNiyv yCmKXftIvTXf2fvdTMT+125uPZQ0PqsvHGgGiiE2U5/Ta6W+lsIlEg/R2Ex0VQWX /u0hiqzx5IV6Eh8yR2WIHjq/gGeqIKX5zmBN8iCrbvITuIViNdJeCFs3PzHBoptJ LZRMqwxMp+wnbMPgK6XW4pUpGWp2WYaQ2H8b4onJPoxZePLirhaKsgATQf8cEkXf T9v/LPKsQXZmq8bVXNrNyh3H4ZcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS8zdSw 9s8ESGj3ZsPxzLJBoxwwEDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA4NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK obIwDQYJKoZIhvcNAQELBQADggEBAFg36/IFP013c1bd0vpEBY+dZaDIiDbS30bu 78nCKj3WLtqL49VOEJEFYA+vTX0KnCaXlJ2XCq9AnU34FXvfAnia+oUfhDgM5YQr kW/UXFkQoXdzajn/cXGDWWNK1NL/8K5hEYcOX4V7p9p0ZjSi7FD53lH3EycKxfO2 x1DZtbkSkZ1UDttduyYqrVH+tujoIE3Z0g3Y/cuao7kJf+eyOE54PLnCvv/3SCRQ R2eUuucLlltruwbWV4vTJ+1IqaFdd+H68jyAKnCJ0s9AriK7PgVfsXIY5kL204WJ RDwJO41uQjji0uDEEIrYlYUSrDvmPmc+J+jo6TL0ku9VTFwi6lg= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:14 2026 by rpki-client