$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143303.roa File: AS143303.roa (raw, json) Hash identifier: X9P+IBFikYEr1pCrpMDOQtYDDwCcXS+Mw+kgO65XiZw= Subject key identifier: CA:5C:A7:8B:0F:15:EB:35:0C:F5:7A:66:43:42:E1:60:C8:2F:C0:83 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5AA4F38FE00D077085F73C31797005E7A61B1DE8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143303.roa Signing time: Wed 04 Mar 2026 06:05:14 +0000 ROA not before: Wed 04 Mar 2026 06:00:14 +0000 ROA not after: Wed 03 Mar 2027 06:05:14 +0000 asID: 143303 IP address blocks: 240a:a28d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:a4:f3:8f:e0:0d:07:70:85:f7:3c:31:79:70:05:e7:a6:1b:1d:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:14 2026 GMT Not After : Mar 3 06:05:14 2027 GMT Subject: CN=CA5CA78B0F15EB350CF57A664342E160C82FC083 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:80:c2:6b:fd:1b:fc:8f:cc:fc:4a:f5:84:12: 4a:e9:b8:b2:7b:73:68:d3:44:92:6a:64:7a:64:2c: 26:85:3c:96:0e:a4:a5:6b:c9:49:2e:9e:11:6f:89: 3f:d5:ee:d1:b3:32:53:2b:4a:86:3d:46:fb:18:6b: bd:63:dd:5e:b8:8a:45:36:a4:0e:8f:7e:56:45:d4: 56:d0:29:04:da:d1:4d:cb:bd:d2:80:13:83:5e:8e: 79:6b:e7:42:4a:fb:8f:6d:90:16:27:04:ab:f9:80: d0:17:4d:dd:29:2b:35:41:89:ff:e4:a9:0f:fe:75: 45:b3:cc:3a:0d:45:5f:84:34:e4:4c:8f:ad:52:02: 8c:f9:62:74:a0:61:b4:57:78:47:88:d6:d7:2d:af: 93:1d:bf:49:21:a8:19:ff:ea:21:dc:27:22:e2:cf: 33:c8:68:fe:d6:89:7a:f1:c7:24:7b:29:5c:cd:a1: a6:e8:c1:87:71:c3:84:cc:41:49:8b:4f:c5:55:3d: ec:52:6b:0b:fb:81:5e:77:dc:ee:ef:bf:7d:a5:63: e9:c4:6f:3c:eb:0d:30:fa:5d:79:a2:9c:af:f0:c4: 1b:1c:ac:bf:1c:3e:72:af:ed:3d:63:9f:ae:a9:1e: e3:1a:35:ad:53:bb:97:a4:f5:dc:bf:97:dc:c5:9d: 13:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:5C:A7:8B:0F:15:EB:35:0C:F5:7A:66:43:42:E1:60:C8:2F:C0:83 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143303.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a28d::/32 Signature Algorithm: sha256WithRSAEncryption cb:91:cd:a1:b9:f5:83:d3:5f:d1:39:01:bd:45:f4:d2:59:f2: e9:d8:df:ca:8c:03:d3:3c:bf:b5:e2:bb:6e:25:f9:fa:43:e4: 2b:f8:6b:3b:c0:e1:30:9b:02:c3:73:e3:5d:83:2d:d9:66:36: 81:67:d9:2b:72:5a:cc:a0:de:bd:fa:26:6a:37:b4:aa:b3:96: 61:d8:75:65:3a:d0:fb:fd:9c:c7:71:9f:2f:60:9e:e7:67:c6: c6:c6:21:eb:d6:22:80:6c:d6:a7:a9:ea:a9:23:a7:53:b0:78: f5:b2:f6:ba:51:b7:08:6e:d1:c5:1d:69:04:e4:a8:82:33:ad: 02:0a:94:58:87:de:5b:5a:c4:fa:4b:fd:7e:79:cd:2d:3e:f3: da:1c:41:aa:67:a9:a9:58:fa:ff:0e:49:c0:bf:6d:37:8d:99: e7:75:3f:91:fc:47:05:ac:83:d4:2b:61:f2:33:00:2e:15:87: dc:e2:9b:8f:a9:f3:27:79:e1:b7:fa:0d:3f:37:8a:4a:52:30: e5:ac:c2:2f:f4:02:49:08:4f:31:56:4a:6f:23:e9:b5:04:ef: ed:90:b3:16:86:75:15:af:60:45:8f:aa:ba:7f:be:8c:1a:1b: ba:31:40:2f:66:0c:64:bc:5b:bf:a0:c6:4f:29:48:14:5c:f6: 4e:25:e4:78 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWqTzj+ANB3CF9zwxeXAF56YbHegwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAxNFoX DTI3MDMwMzA2MDUxNFowMzExMC8GA1UEAxMoQ0E1Q0E3OEIwRjE1RUIzNTBDRjU3 QTY2NDM0MkUxNjBDODJGQzA4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK2Awmv9G/yPzPxK9YQSSum4sntzaNNEkmpkemQsJoU8lg6kpWvJSS6eEW+J P9Xu0bMyUytKhj1G+xhrvWPdXriKRTakDo9+VkXUVtApBNrRTcu90oATg16OeWvn Qkr7j22QFicEq/mA0BdN3SkrNUGJ/+SpD/51RbPMOg1FX4Q05EyPrVICjPlidKBh tFd4R4jW1y2vkx2/SSGoGf/qIdwnIuLPM8ho/taJevHHJHspXM2hpujBh3HDhMxB SYtPxVU97FJrC/uBXnfc7u+/faVj6cRvPOsNMPpdeaKcr/DEGxysvxw+cq/tPWOf rqke4xo1rVO7l6T13L+X3MWdEy8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTKXKeL DxXrNQz1emZDQuFgyC/AgzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzMwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oo0wDQYJKoZIhvcNAQELBQADggEBAMuRzaG59YPTX9E5Ab1F9NJZ8unY38qMA9M8 v7Xiu24l+fpD5Cv4azvA4TCbAsNz412DLdlmNoFn2StyWsyg3r36Jmo3tKqzlmHY dWU60Pv9nMdxny9gnudnxsbGIevWIoBs1qep6qkjp1OwePWy9rpRtwhu0cUdaQTk qIIzrQIKlFiH3ltaxPpL/X55zS0+89ocQapnqalY+v8OScC/bTeNmed1P5H8RwWs g9QrYfIzAC4Vh9zim4+p8yd54bf6DT83ikpSMOWswi/0AkkITzFWSm8j6bUE7+2Q sxaGdRWvYEWPqrp/vowaG7oxQC9mDGS8W7+gxk8pSBRc9k4l5Hg= -----END CERTIFICATE-----Generated at Sat Mar 28 15:53:32 2026 by rpki-client