$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143088.roa File: AS143088.roa (raw, json) Hash identifier: sRObqr1gPJaPAIPtO3JbNM+XSuj+dRGM8NDFKpTwmgU= Subject key identifier: FD:DD:82:1A:98:39:28:C0:F4:EA:72:E4:CC:4A:B0:33:F4:C8:03:E7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 42600D809626B7E8239CE8E44243C30276EEA72D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143088.roa Signing time: Wed 04 Mar 2026 06:06:06 +0000 ROA not before: Wed 04 Mar 2026 06:01:06 +0000 ROA not after: Wed 03 Mar 2027 06:06:06 +0000 asID: 143088 IP address blocks: 240a:a1b6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:60:0d:80:96:26:b7:e8:23:9c:e8:e4:42:43:c3:02:76:ee:a7:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:06 2026 GMT Not After : Mar 3 06:06:06 2027 GMT Subject: CN=FDDD821A983928C0F4EA72E4CC4AB033F4C803E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:38:9f:9d:0c:27:e0:09:ab:22:eb:9e:50:80: 28:82:96:40:5e:c5:ef:b9:3c:32:64:53:93:89:2c: c7:8a:34:92:2b:4a:b0:37:e6:19:96:67:0c:9c:bf: 9d:66:e4:23:39:f4:e9:36:bb:18:f6:e5:05:10:fe: fe:40:82:4f:88:82:e8:80:d2:d1:73:f9:02:83:f7: 24:29:6b:81:df:7f:74:43:3e:f3:8e:fb:b6:46:85: 48:7e:fe:54:28:b3:90:4a:48:9e:77:7a:d7:15:7d: b9:4b:9f:09:9a:05:4a:0c:4b:a9:7c:60:e4:49:62: 11:3f:ec:83:cb:1a:c8:33:b7:ce:a5:e7:5c:3b:25: 5f:6c:a8:8b:ab:d0:66:5c:ba:54:52:bb:b0:06:51: c0:e9:9b:9f:57:cf:ca:de:af:15:7c:25:0c:f0:cf: 10:7c:4c:8d:75:d7:20:e3:24:46:be:2b:36:2d:54: 49:9f:01:e7:43:86:c1:62:0a:5d:1f:3e:77:23:89: da:04:6e:10:42:33:54:f5:83:72:92:a0:d3:79:b0: 70:b6:de:26:d7:de:1c:6c:af:b1:c0:0e:ed:fd:b2: 36:29:38:ca:fe:55:22:6b:6b:0a:eb:df:23:2e:a0: 0d:19:dd:09:50:e4:69:fc:a8:a1:0c:82:a2:a5:29: fd:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:DD:82:1A:98:39:28:C0:F4:EA:72:E4:CC:4A:B0:33:F4:C8:03:E7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143088.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1b6::/32 Signature Algorithm: sha256WithRSAEncryption 6d:42:c0:3b:42:4f:f2:86:3f:74:21:74:49:26:d3:8c:a1:93: 13:eb:03:da:43:0b:ef:f2:56:30:28:89:d2:63:12:55:64:41: e5:58:95:58:e6:00:15:55:2b:bf:60:82:3e:c9:22:7c:38:ca: 37:68:b4:a2:f0:11:f3:f1:80:2d:e8:86:b4:ea:39:c4:de:7b: dc:8f:fc:e9:5c:15:e1:fd:25:ab:ce:f1:bd:02:25:0d:18:a4: a5:5a:9e:0e:d7:97:d3:f3:06:af:01:df:40:59:00:e3:3d:dd: 73:52:e0:6e:d0:17:fa:0a:a3:d3:f7:e4:47:d0:3b:7b:05:1f: 5e:a2:af:87:d0:90:b5:87:18:20:31:2d:48:f2:f8:e2:77:ee: 9c:54:e4:ca:7a:38:d7:95:bf:ad:06:cc:79:13:24:63:39:16: f1:3e:b3:7c:0d:29:b0:6b:b6:8e:2a:a0:5c:d3:4e:f7:ab:0b: 6b:2c:14:68:8d:d2:af:b7:84:9e:64:85:47:e7:a5:82:73:77: 2b:4c:6c:1b:c7:f8:7f:71:c3:2f:70:a2:e3:9a:5d:54:5e:c7: 78:41:6c:b2:4d:4a:b7:53:bb:fc:76:92:36:cc:4e:4e:c4:9d: f8:f8:30:0c:71:a5:f8:38:7a:0c:f4:f5:34:64:76:9d:43:ff: ee:f9:10:1e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQmANgJYmt+gjnOjkQkPDAnbupy0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwNloX DTI3MDMwMzA2MDYwNlowMzExMC8GA1UEAxMoRkRERDgyMUE5ODM5MjhDMEY0RUE3 MkU0Q0M0QUIwMzNGNEM4MDNFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK44n50MJ+AJqyLrnlCAKIKWQF7F77k8MmRTk4ksx4o0kitKsDfmGZZnDJy/ nWbkIzn06Ta7GPblBRD+/kCCT4iC6IDS0XP5AoP3JClrgd9/dEM+8477tkaFSH7+ VCizkEpInnd61xV9uUufCZoFSgxLqXxg5EliET/sg8sayDO3zqXnXDslX2yoi6vQ Zly6VFK7sAZRwOmbn1fPyt6vFXwlDPDPEHxMjXXXIOMkRr4rNi1USZ8B50OGwWIK XR8+dyOJ2gRuEEIzVPWDcpKg03mwcLbeJtfeHGyvscAO7f2yNik4yv5VImtrCuvf Iy6gDRndCVDkafyooQyCoqUp/dECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT93YIa mDkowPTqcuTMSrAz9MgD5zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK obYwDQYJKoZIhvcNAQELBQADggEBAG1CwDtCT/KGP3QhdEkm04yhkxPrA9pDC+/y VjAoidJjElVkQeVYlVjmABVVK79ggj7JInw4yjdotKLwEfPxgC3ohrTqOcTee9yP /OlcFeH9JavO8b0CJQ0YpKVang7Xl9PzBq8B30BZAOM93XNS4G7QF/oKo9P35EfQ O3sFH16ir4fQkLWHGCAxLUjy+OJ37pxU5Mp6ONeVv60GzHkTJGM5FvE+s3wNKbBr to4qoFzTTverC2ssFGiN0q+3hJ5khUfnpYJzdytMbBvH+H9xwy9wouOaXVRex3hB bLJNSrdTu/x2kjbMTk7Enfj4MAxxpfg4egz09TRkdp1D/+75EB4= -----END CERTIFICATE-----Generated at Sat Mar 28 13:06:14 2026 by rpki-client