$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143298.roa File: AS143298.roa (raw, json) Hash identifier: uJUaHW7/LCMKVOClYTyhmEqJsxQtrHaUgZ3J24ziKeA= Subject key identifier: 29:E9:7E:5C:E2:6A:A9:4C:B3:68:85:E5:22:A3:99:A7:2F:F2:62:DB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3D6619AEA16B38D841BADB14A5970BE93AF8655E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143298.roa Signing time: Wed 04 Mar 2026 06:07:27 +0000 ROA not before: Wed 04 Mar 2026 06:02:27 +0000 ROA not after: Wed 03 Mar 2027 06:07:27 +0000 asID: 143298 IP address blocks: 240a:a288::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:66:19:ae:a1:6b:38:d8:41:ba:db:14:a5:97:0b:e9:3a:f8:65:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:27 2026 GMT Not After : Mar 3 06:07:27 2027 GMT Subject: CN=29E97E5CE26AA94CB36885E522A399A72FF262DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:5a:5f:9b:6f:ca:8f:cc:61:7d:0c:9d:83:01: b1:69:8a:b9:88:07:9b:d3:92:ca:81:52:e2:bf:85: da:88:f9:3d:3f:23:87:17:c9:2d:14:e8:05:bb:95: 12:0f:fd:31:1e:24:9d:8f:e4:c7:08:13:da:9f:2c: 37:24:00:9f:18:ad:c7:01:ba:f5:10:62:0a:a2:85: 0b:5b:6d:50:01:85:78:87:7d:16:48:80:42:e3:55: c2:de:1e:62:f2:08:e7:a7:9c:87:71:27:0b:1b:e9: 49:1f:48:07:59:83:ac:2b:9f:80:7e:39:23:6d:6b: 28:29:4a:8e:41:06:25:07:f0:0a:84:f3:90:fc:55: 3f:df:7e:ab:3d:f8:12:c9:10:ae:d2:71:f2:fe:17: 16:bb:56:c1:01:9d:50:81:49:5d:0a:97:eb:8b:36: 46:09:2e:34:6c:77:a8:71:6d:bc:90:96:5e:24:86: 93:35:ca:b9:6f:c7:1b:65:f9:7e:f3:41:d9:83:26: f5:9f:ee:af:1a:c7:cb:7c:80:af:69:e5:a4:51:33: df:07:a5:5e:6c:75:7c:47:25:a9:61:fd:06:88:11: 1e:58:fd:b1:16:4d:c1:b7:f3:72:d6:92:02:e0:db: af:70:40:6d:59:dc:de:ea:49:13:90:fb:76:43:f3: 69:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:E9:7E:5C:E2:6A:A9:4C:B3:68:85:E5:22:A3:99:A7:2F:F2:62:DB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143298.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a288::/32 Signature Algorithm: sha256WithRSAEncryption 05:67:93:f2:90:38:8b:71:15:dd:1b:ed:ae:6b:4c:33:a9:5d: 5e:cb:3f:9e:6f:ab:8f:fe:5a:8b:c5:6e:cf:59:b2:b8:25:bd: f7:5d:78:c5:6a:ae:fa:96:0e:a8:25:0e:2b:2f:50:b0:58:d5: 0e:31:e7:e0:d4:56:4b:d5:93:b8:e5:ab:a9:e6:22:e3:5d:1e: 36:4a:a6:35:bd:1e:6f:ae:82:66:bc:01:21:e9:ed:7e:bc:4b: d5:a1:ed:85:54:01:96:72:f8:f1:15:6c:02:9d:33:c3:e9:54: fa:be:a1:af:91:1f:d6:03:4b:15:f9:4a:8c:9f:d1:62:98:ab: bb:99:22:5f:11:33:b3:62:20:20:e7:e9:93:e2:dd:71:d2:91: 41:f5:98:d4:48:00:b6:11:9e:5c:ba:ec:d8:f1:9c:f0:d5:78: c6:f5:93:85:51:fb:8c:53:24:8b:09:4a:68:2f:ff:71:40:39: 5a:9e:b1:5b:31:d9:43:64:17:df:5f:23:00:42:3e:f1:79:16: 3f:cc:5b:46:85:e1:1e:5d:88:2f:98:0f:35:21:26:43:41:e2: 0b:1f:e4:19:85:ac:fe:b7:90:a1:40:ee:89:2e:6a:b9:53:1d: 5d:68:56:9d:d1:ba:0f:b4:b3:c9:fe:e2:5e:35:a7:6a:38:d5: b6:c8:84:6f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPWYZrqFrONhButsUpZcL6Tr4ZV4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyN1oX DTI3MDMwMzA2MDcyN1owMzExMC8GA1UEAxMoMjlFOTdFNUNFMjZBQTk0Q0IzNjg4 NUU1MjJBMzk5QTcyRkYyNjJEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMBaX5tvyo/MYX0MnYMBsWmKuYgHm9OSyoFS4r+F2oj5PT8jhxfJLRToBbuV Eg/9MR4knY/kxwgT2p8sNyQAnxitxwG69RBiCqKFC1ttUAGFeId9FkiAQuNVwt4e YvII56ech3EnCxvpSR9IB1mDrCufgH45I21rKClKjkEGJQfwCoTzkPxVP99+qz34 EskQrtJx8v4XFrtWwQGdUIFJXQqX64s2RgkuNGx3qHFtvJCWXiSGkzXKuW/HG2X5 fvNB2YMm9Z/urxrHy3yAr2nlpFEz3welXmx1fEclqWH9BogRHlj9sRZNwbfzctaS AuDbr3BAbVnc3upJE5D7dkPzaWsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQp6X5c 4mqpTLNoheUio5mnL/Ji2zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzI5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oogwDQYJKoZIhvcNAQELBQADggEBAAVnk/KQOItxFd0b7a5rTDOpXV7LP55vq4/+ WovFbs9ZsrglvfddeMVqrvqWDqglDisvULBY1Q4x5+DUVkvVk7jlq6nmIuNdHjZK pjW9Hm+ugma8ASHp7X68S9Wh7YVUAZZy+PEVbAKdM8PpVPq+oa+RH9YDSxX5Soyf 0WKYq7uZIl8RM7NiICDn6ZPi3XHSkUH1mNRIALYRnly67NjxnPDVeMb1k4VR+4xT JIsJSmgv/3FAOVqesVsx2UNkF99fIwBCPvF5Fj/MW0aF4R5diC+YDzUhJkNB4gsf 5BmFrP63kKFA7okuarlTHV1oVp3Rug+0s8n+4l41p2o41bbIhG8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:30 2026 by rpki-client