$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143292.roa File: AS143292.roa (raw, json) Hash identifier: qeJjvTxDoo3zvuRsqruIGSKTbfbT5yGY8EICpAP832Q= Subject key identifier: 52:CC:23:2C:B6:5B:23:75:56:FB:B2:9E:7D:83:D4:9E:25:E2:A6:7E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 293EF8A1453D40A6393C91A66FCDEC4565829017 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143292.roa Signing time: Wed 04 Mar 2026 06:06:50 +0000 ROA not before: Wed 04 Mar 2026 06:01:50 +0000 ROA not after: Wed 03 Mar 2027 06:06:50 +0000 asID: 143292 IP address blocks: 240a:a282::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:3e:f8:a1:45:3d:40:a6:39:3c:91:a6:6f:cd:ec:45:65:82:90:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:50 2026 GMT Not After : Mar 3 06:06:50 2027 GMT Subject: CN=52CC232CB65B237556FBB29E7D83D49E25E2A67E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:33:33:62:3f:13:83:ef:13:02:32:7b:90:e7: 76:a4:65:12:9e:08:4a:79:31:a4:89:ea:b7:01:bb: 9a:8b:2d:7c:0e:cc:5e:d2:eb:3e:9d:85:c1:b5:8b: bd:23:e9:76:e3:53:2f:4a:8f:03:78:3e:25:f9:0c: 08:5b:8f:93:4c:ec:14:c0:cc:e7:c9:5e:44:90:4f: f8:0b:27:ec:11:0f:45:38:b3:89:c0:e0:d7:e1:30: 06:51:4d:88:c8:9b:3c:d5:e6:8b:35:b0:3b:7c:1e: da:1b:e6:29:fa:cc:37:88:fd:a2:5e:c4:5e:ba:3f: ff:a9:b9:b1:f2:da:4d:ea:53:8a:c6:59:0c:3c:b7: 1f:94:38:ad:be:18:9e:bd:b7:a6:2f:c5:1b:67:80: 1c:a5:69:79:39:c9:f7:ea:0b:2b:f3:c0:e1:73:b3: 74:6e:12:b0:cd:bd:91:28:08:5f:13:b2:ff:39:9b: c8:8b:2f:6f:0f:0a:29:f4:eb:ee:c2:e1:8a:f8:6d: 81:18:b5:88:5b:ab:11:df:61:59:32:3e:cd:86:63: 87:f0:71:48:04:69:ec:e1:71:65:3f:8e:78:50:5e: ff:e6:e7:d8:d1:70:0d:92:4b:e8:55:0b:2c:61:c4: f4:a7:31:4a:08:d0:bc:ae:9a:cd:4e:35:3d:f5:d0: c0:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:CC:23:2C:B6:5B:23:75:56:FB:B2:9E:7D:83:D4:9E:25:E2:A6:7E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143292.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a282::/32 Signature Algorithm: sha256WithRSAEncryption 5b:96:96:be:0c:d9:9c:e5:4f:91:12:40:07:08:b5:fe:b4:30: a8:ec:a3:03:d2:e3:38:7f:31:8d:7a:86:a1:69:82:cc:c3:20: af:67:86:75:d1:fd:25:c5:7c:26:dc:9d:92:d8:6e:6b:bc:66: e8:10:36:87:b9:f8:01:0e:c1:36:88:79:c6:cf:ee:e6:a9:a9: ba:7d:6c:53:d1:8f:12:50:f9:c6:0e:0f:f2:5c:29:c2:dc:c7: d8:de:44:09:2a:97:ba:ed:0c:19:e6:14:4a:5b:22:02:22:0b: 57:16:8d:90:a4:0f:e2:24:fb:f3:27:48:9c:86:10:da:6c:ae: 06:26:ac:e5:a2:b2:1c:ad:32:8c:55:04:e0:f3:dd:d7:de:4e: 1b:28:ab:e5:93:04:a5:96:54:6e:b1:9b:04:7f:40:e9:30:b0: fb:43:a5:34:bf:bf:35:f3:bc:7e:4d:bc:ad:a0:21:7c:7b:7b: df:f0:6e:f7:10:a7:fa:51:2d:c0:d3:f1:ab:1e:59:c5:3f:83: 5b:cc:4c:ce:79:e8:40:1b:b0:71:02:1f:d3:74:79:47:33:25: 0e:80:1e:82:d7:3a:1b:36:44:b2:71:d3:9d:df:fa:58:7e:e1: 0b:2c:5c:55:e7:fd:51:21:7c:5b:fa:e7:90:18:f5:e7:bc:00: 17:e7:87:ac -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKT74oUU9QKY5PJGmb83sRWWCkBcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1MFoX DTI3MDMwMzA2MDY1MFowMzExMC8GA1UEAxMoNTJDQzIzMkNCNjVCMjM3NTU2RkJC MjlFN0Q4M0Q0OUUyNUUyQTY3RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJgzM2I/E4PvEwIye5DndqRlEp4ISnkxpInqtwG7mostfA7MXtLrPp2FwbWL vSPpduNTL0qPA3g+JfkMCFuPk0zsFMDM58leRJBP+Asn7BEPRTizicDg1+EwBlFN iMibPNXmizWwO3we2hvmKfrMN4j9ol7EXro//6m5sfLaTepTisZZDDy3H5Q4rb4Y nr23pi/FG2eAHKVpeTnJ9+oLK/PA4XOzdG4SsM29kSgIXxOy/zmbyIsvbw8KKfTr 7sLhivhtgRi1iFurEd9hWTI+zYZjh/BxSARp7OFxZT+OeFBe/+bn2NFwDZJL6FUL LGHE9KcxSgjQvK6azU41PfXQwJkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRSzCMs tlsjdVb7sp59g9SeJeKmfjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI5Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ooIwDQYJKoZIhvcNAQELBQADggEBAFuWlr4M2ZzlT5ESQAcItf60MKjsowPS4zh/ MY16hqFpgszDIK9nhnXR/SXFfCbcnZLYbmu8ZugQNoe5+AEOwTaIecbP7uapqbp9 bFPRjxJQ+cYOD/JcKcLcx9jeRAkql7rtDBnmFEpbIgIiC1cWjZCkD+Ik+/MnSJyG ENpsrgYmrOWishytMoxVBODz3dfeThsoq+WTBKWWVG6xmwR/QOkwsPtDpTS/vzXz vH5NvK2gIXx7e9/wbvcQp/pRLcDT8aseWcU/g1vMTM556EAbsHECH9N0eUczJQ6A HoLXOhs2RLJx053f+lh+4QssXFXn/VEhfFv655AY9ee8ABfnh6w= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:26 2026 by rpki-client