$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143304.roa File: AS143304.roa (raw, json) Hash identifier: yz5+A3NcArCPA08lsdnNpJlA80IKmC04mNUmPPHUbrs= Subject key identifier: 51:89:3D:7E:6B:51:03:9E:0C:D4:71:12:1E:6F:9F:44:1F:D7:9B:DE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5B21244A96163AA805C5F151EC7B986996537D25 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143304.roa Signing time: Wed 04 Mar 2026 06:07:08 +0000 ROA not before: Wed 04 Mar 2026 06:02:08 +0000 ROA not after: Wed 03 Mar 2027 06:07:08 +0000 asID: 143304 IP address blocks: 240a:a28e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:21:24:4a:96:16:3a:a8:05:c5:f1:51:ec:7b:98:69:96:53:7d:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:08 2026 GMT Not After : Mar 3 06:07:08 2027 GMT Subject: CN=51893D7E6B51039E0CD471121E6F9F441FD79BDE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:b8:82:dc:ed:c4:72:04:92:ad:73:55:b0:a7: d1:3a:80:98:63:89:e4:5e:5b:cd:99:7a:c6:4c:62: 49:0a:a5:25:51:43:1c:5e:4b:e3:bb:37:4b:d9:5b: a9:df:d5:98:39:3d:68:41:b3:33:8b:39:92:3b:ff: ef:be:82:30:59:b6:e2:ae:d9:70:41:50:0f:5c:34: 28:73:3b:2e:ff:8c:f5:9a:5a:c2:53:92:40:29:c6: 00:21:9a:4c:71:8e:eb:86:6c:70:14:fb:12:5c:e1: a9:18:08:97:11:24:c8:52:4f:ef:3a:40:1a:38:71: e5:af:57:2a:b2:2a:ac:58:59:40:a2:1c:59:62:a5: cd:d3:7e:c3:fc:8d:66:e5:37:a8:5a:e6:6f:a7:41: 3f:6f:eb:f1:8a:66:44:af:42:da:3b:f8:a6:bb:e9: 20:3f:82:fe:9b:9e:c4:26:04:00:ba:b1:c7:cb:cd: 87:c5:8a:5a:ef:6d:f5:14:2d:f4:d1:5a:1e:1a:52: 9f:c3:88:4d:7d:2d:a6:48:bc:ae:e6:31:fb:14:6c: 40:4c:47:49:29:3b:4a:51:eb:93:ad:ce:52:7c:f4: d4:70:cd:74:43:a6:f4:61:0e:75:b7:a0:42:98:8a: 67:de:42:26:61:14:e2:87:43:f0:d0:8f:07:fa:d6: 0a:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:89:3D:7E:6B:51:03:9E:0C:D4:71:12:1E:6F:9F:44:1F:D7:9B:DE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143304.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a28e::/32 Signature Algorithm: sha256WithRSAEncryption cd:06:d9:48:11:e0:5a:ab:4a:30:60:02:9a:1e:eb:3c:a1:7c: 14:a7:5e:f0:e8:20:3a:6c:a8:60:56:71:49:21:ca:06:6b:5a: e6:db:4d:92:8b:5e:cb:a4:9e:bd:22:01:63:e8:b1:67:4f:25: 70:26:ab:72:ef:50:86:43:e4:d1:aa:43:9e:b6:f2:29:ae:1f: 35:49:8e:55:a0:6f:8c:8f:b9:42:7d:7a:53:87:20:80:b3:ce: de:b4:35:be:de:d4:86:a1:83:77:47:f7:0a:b3:11:c1:86:f6: c4:5f:25:27:f3:bc:b4:10:d6:25:be:52:2e:a9:b8:7c:d0:82: 92:50:fa:fa:ff:10:3f:b7:3e:7d:3e:6d:aa:56:85:1f:66:8a: 5f:94:a7:e5:77:cd:a2:a3:51:00:ce:ff:ae:75:c2:0a:ee:99: 2b:28:c4:2b:09:c6:11:cf:da:67:42:cc:c9:ca:d5:df:a4:bc: c5:63:93:d8:bc:ca:f7:f7:30:1a:5f:89:d4:74:f1:58:3d:94: 06:59:9c:92:02:60:26:91:72:f6:99:d6:c5:c3:f5:d7:2b:97: 22:fd:d4:b0:bc:dd:df:f8:51:d4:f5:1a:ba:76:f9:9a:78:39: 4f:da:ab:52:f8:b3:ad:18:1e:a3:6f:4f:aa:30:b2:df:82:ca: 4f:83:67:e6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWyEkSpYWOqgFxfFR7HuYaZZTfSUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIwOFoX DTI3MDMwMzA2MDcwOFowMzExMC8GA1UEAxMoNTE4OTNEN0U2QjUxMDM5RTBDRDQ3 MTEyMUU2RjlGNDQxRkQ3OUJERTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANq4gtztxHIEkq1zVbCn0TqAmGOJ5F5bzZl6xkxiSQqlJVFDHF5L47s3S9lb qd/VmDk9aEGzM4s5kjv/776CMFm24q7ZcEFQD1w0KHM7Lv+M9ZpawlOSQCnGACGa THGO64ZscBT7ElzhqRgIlxEkyFJP7zpAGjhx5a9XKrIqrFhZQKIcWWKlzdN+w/yN ZuU3qFrmb6dBP2/r8YpmRK9C2jv4prvpID+C/puexCYEALqxx8vNh8WKWu9t9RQt 9NFaHhpSn8OITX0tpki8ruYx+xRsQExHSSk7SlHrk63OUnz01HDNdEOm9GEOdbeg QpiKZ95CJmEU4odD8NCPB/rWCrsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRRiT1+ a1EDngzUcRIeb59EH9eb3jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzMwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oo4wDQYJKoZIhvcNAQELBQADggEBAM0G2UgR4FqrSjBgApoe6zyhfBSnXvDoIDps qGBWcUkhygZrWubbTZKLXsuknr0iAWPosWdPJXAmq3LvUIZD5NGqQ5628imuHzVJ jlWgb4yPuUJ9elOHIICzzt60Nb7e1Iahg3dH9wqzEcGG9sRfJSfzvLQQ1iW+Ui6p uHzQgpJQ+vr/ED+3Pn0+bapWhR9mil+Up+V3zaKjUQDO/651wgrumSsoxCsJxhHP 2mdCzMnK1d+kvMVjk9i8yvf3MBpfidR08Vg9lAZZnJICYCaRcvaZ1sXD9dcrlyL9 1LC83d/4UdT1Grp2+Zp4OU/aq1L4s60YHqNvT6owst+Cyk+DZ+Y= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:34 2026 by rpki-client