$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143311.roa File: AS143311.roa (raw, json) Hash identifier: tCVf1tB66oV+0fvdfa2je+089skHZ3wHm+xC6dFfnmg= Subject key identifier: 35:3C:78:37:85:83:DC:FC:E6:95:3A:82:C7:D4:C8:A4:5E:DB:A3:72 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 075BDB68E2E678E7EBCBCA59F130AB2670A0C30E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143311.roa Signing time: Wed 04 Mar 2026 06:07:42 +0000 ROA not before: Wed 04 Mar 2026 06:02:42 +0000 ROA not after: Wed 03 Mar 2027 06:07:42 +0000 asID: 143311 IP address blocks: 240a:a295::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:5b:db:68:e2:e6:78:e7:eb:cb:ca:59:f1:30:ab:26:70:a0:c3:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:42 2026 GMT Not After : Mar 3 06:07:42 2027 GMT Subject: CN=353C78378583DCFCE6953A82C7D4C8A45EDBA372 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:87:5f:1c:5e:be:09:3c:73:a7:e9:35:43:4a: 99:ff:a7:a5:7c:83:07:08:4e:a4:88:d3:f8:90:dd: a3:a7:75:00:36:eb:d0:30:2b:07:65:4b:a7:6c:75: da:92:47:17:5d:2b:47:61:2d:19:fc:a4:44:ba:0d: 83:6e:67:3a:d8:a8:bc:41:a8:9c:f5:75:c2:75:e4: c2:b8:f9:ea:27:aa:76:75:fb:18:b4:f6:3f:d6:dd: e2:ec:66:40:45:8b:f8:7e:c7:4f:d5:8e:86:2e:ae: 4f:e4:21:20:ba:07:be:8b:05:b0:c4:b1:66:8d:10: 5a:0b:3d:88:ba:12:69:de:57:e2:f8:bf:0a:80:8b: 49:32:dc:45:1e:18:37:b3:21:21:c4:03:c5:d5:1b: 51:68:cc:0c:42:1d:9c:3a:68:a8:6c:d8:af:1e:b1: 83:76:27:0a:ed:35:8d:81:d7:c0:44:b3:92:1a:f9: c7:39:43:52:44:1f:df:b1:95:6e:35:8c:bd:50:40: ec:f9:12:a8:ee:d4:f0:b7:98:48:0d:79:f7:2c:20: 35:3f:08:04:9a:73:6a:fa:cc:fe:ea:8b:7f:28:78: 90:ea:38:49:76:d9:88:04:fb:a9:ea:f8:f8:9b:a9: 83:5d:9f:0c:25:97:4c:68:9f:b5:ae:43:83:f7:bf: db:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:3C:78:37:85:83:DC:FC:E6:95:3A:82:C7:D4:C8:A4:5E:DB:A3:72 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143311.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a295::/32 Signature Algorithm: sha256WithRSAEncryption 10:c8:59:7a:1d:43:29:d8:9d:34:2e:3f:6e:ba:bd:d4:07:06: a0:cd:9a:98:5c:2a:fb:2b:30:18:c2:6d:5b:2a:e5:a5:c2:84: 05:e6:53:4d:63:a5:29:2a:d0:01:1b:88:97:5e:df:6e:32:7f: ae:71:b5:66:49:37:5b:1a:22:ce:aa:56:cd:a9:31:1b:f1:bf: 62:39:be:e9:71:ef:e2:1c:43:00:68:83:0e:3c:0d:d3:23:72: ec:52:f4:4f:83:c2:fc:b9:52:5b:88:46:39:1b:a6:81:f1:e8: 53:ac:43:c7:af:cc:d7:54:02:f4:f1:09:8e:cf:09:32:a1:c5: 73:4e:6a:4e:e8:2a:54:2a:43:a7:fa:e9:21:63:31:f7:aa:0d: b5:d8:c3:53:fc:dc:b2:a0:1c:28:1d:d8:fb:28:44:b8:6a:0a: 86:e2:ea:2e:b6:11:9b:df:28:4d:21:80:e3:b8:5f:90:d1:96: 7d:9e:39:d4:02:a9:d4:85:5c:19:4e:2b:1b:98:12:f9:1a:56: 74:40:a2:36:6e:a5:86:34:08:f9:45:08:2b:f1:c3:90:fb:3f: fb:1f:00:ac:80:e3:42:0d:09:ff:f5:15:37:4f:e7:25:11:5a: a5:fd:6a:ac:32:d9:d7:32:94:3d:95:c9:18:8f:a1:b6:f4:e5: 10:18:a7:95 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUB1vbaOLmeOfry8pZ8TCrJnCgww4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0MloX DTI3MDMwMzA2MDc0MlowMzExMC8GA1UEAxMoMzUzQzc4Mzc4NTgzRENGQ0U2OTUz QTgyQzdENEM4QTQ1RURCQTM3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALSHXxxevgk8c6fpNUNKmf+npXyDBwhOpIjT+JDdo6d1ADbr0DArB2VLp2x1 2pJHF10rR2EtGfykRLoNg25nOtiovEGonPV1wnXkwrj56ieqdnX7GLT2P9bd4uxm QEWL+H7HT9WOhi6uT+QhILoHvosFsMSxZo0QWgs9iLoSad5X4vi/CoCLSTLcRR4Y N7MhIcQDxdUbUWjMDEIdnDpoqGzYrx6xg3YnCu01jYHXwESzkhr5xzlDUkQf37GV bjWMvVBA7PkSqO7U8LeYSA159ywgNT8IBJpzavrM/uqLfyh4kOo4SXbZiAT7qer4 +Jupg12fDCWXTGifta5Dg/e/218CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ1PHg3 hYPc/OaVOoLH1MikXtujcjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzMxMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK opUwDQYJKoZIhvcNAQELBQADggEBABDIWXodQynYnTQuP266vdQHBqDNmphcKvsr MBjCbVsq5aXChAXmU01jpSkq0AEbiJde324yf65xtWZJN1saIs6qVs2pMRvxv2I5 vulx7+IcQwBogw48DdMjcuxS9E+Dwvy5UluIRjkbpoHx6FOsQ8evzNdUAvTxCY7P CTKhxXNOak7oKlQqQ6f66SFjMfeqDbXYw1P83LKgHCgd2PsoRLhqCobi6i62EZvf KE0hgOO4X5DRln2eOdQCqdSFXBlOKxuYEvkaVnRAojZupYY0CPlFCCvxw5D7P/sf AKyA40INCf/1FTdP5yURWqX9aqwy2dcylD2VyRiPobb05RAYp5U= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:11 2026 by rpki-client