$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143317.roa File: AS143317.roa (raw, json) Hash identifier: rpF9Ii+aix42lo9l6iseSZQjf1AtfcK9ftczMxndMUA= Subject key identifier: 9C:55:DC:F0:B4:9B:39:C2:1D:67:49:15:66:05:3A:6B:AB:AF:73:CB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 440F8EBBC6AA2B1B3181913A04B22289AB7A0612 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143317.roa Signing time: Wed 04 Mar 2026 06:06:44 +0000 ROA not before: Wed 04 Mar 2026 06:01:44 +0000 ROA not after: Wed 03 Mar 2027 06:06:44 +0000 asID: 143317 IP address blocks: 240a:a29b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:0f:8e:bb:c6:aa:2b:1b:31:81:91:3a:04:b2:22:89:ab:7a:06:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:44 2026 GMT Not After : Mar 3 06:06:44 2027 GMT Subject: CN=9C55DCF0B49B39C21D67491566053A6BABAF73CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:5b:c6:2e:ff:3f:10:a0:e9:87:69:fc:6e:50: 44:85:dc:8f:3e:88:f4:82:2b:1c:08:39:5b:30:ca: 47:7d:23:7e:45:2d:43:37:fe:f1:3b:af:6e:cf:d3: b3:67:97:55:51:13:bf:38:e2:8e:3a:5e:20:5a:5e: d9:af:e4:35:4b:78:3f:5f:9f:d6:5c:ba:05:93:fc: e6:28:3f:40:97:1f:81:ce:8e:d6:bf:df:88:77:1b: 2e:c9:ae:d9:3e:a8:db:32:85:c6:ef:b9:96:13:ca: 31:b8:5d:00:5d:79:be:ce:6d:a4:7e:50:11:8c:2e: 66:c2:e9:23:09:f6:14:6a:52:29:f1:24:43:58:a3: 14:50:04:bb:30:09:10:86:57:4b:0f:e9:f7:56:5b: 68:57:cb:ab:ec:8a:8b:0b:97:94:0d:77:a4:e6:99: ee:7b:fa:d4:00:1a:82:40:8e:fb:0f:f0:05:55:29: 63:ea:d2:ee:a9:a0:24:7a:44:36:b4:18:f6:00:3c: 57:8e:da:52:ac:2f:37:53:de:1c:a0:40:be:ff:9b: 08:f8:70:69:8a:7e:61:fb:66:1e:18:b7:91:8f:16: 57:f3:90:a7:52:0b:ff:89:f0:53:81:fc:3b:86:0c: 70:7e:27:c4:ad:f2:99:3e:de:3a:d4:e7:09:8d:fb: 8f:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:55:DC:F0:B4:9B:39:C2:1D:67:49:15:66:05:3A:6B:AB:AF:73:CB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143317.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a29b::/32 Signature Algorithm: sha256WithRSAEncryption 53:75:46:f1:22:f0:d2:c0:a3:34:b6:e8:1c:e8:49:8f:a6:d8: 51:f5:2c:02:de:54:0b:81:45:97:00:fb:e1:77:80:9e:e3:bf: 52:7e:35:3e:e5:13:e4:ac:23:00:6a:be:66:1f:13:04:b9:62: 27:7e:68:7c:e6:df:2b:de:f9:53:85:2c:1f:2d:46:59:33:91: e6:89:69:93:cf:86:0c:00:c9:be:a1:99:a0:4f:c0:10:26:57: 8c:dc:49:4a:36:1b:41:74:be:46:77:6e:b0:c9:6a:fd:60:4f: 5f:16:c7:d4:67:c2:cb:02:40:64:fe:8d:5f:6e:1a:81:a5:46: 07:ba:e4:68:7a:2f:b5:34:fb:b4:a0:bf:f4:5e:a7:a1:36:da: 78:2b:50:1e:5a:99:cc:dd:a0:f4:95:f0:bf:e8:7e:f8:fa:1e: 3d:a4:5d:eb:55:41:24:f6:66:c6:11:11:6b:6a:ff:47:fa:61: ce:01:3e:35:76:1e:8a:3e:e7:55:da:67:75:b0:80:8d:58:0a: 3f:ad:20:b8:98:9d:67:f7:16:da:1f:ac:6f:f2:de:aa:16:aa: ce:89:17:be:24:c2:94:0f:5d:8d:18:e7:73:16:fa:cb:80:ca: 9b:93:cc:f5:b5:03:bc:7a:dd:e3:77:bd:39:ad:09:3b:01:17: 16:1b:48:c3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURA+Ou8aqKxsxgZE6BLIiiat6BhIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0NFoX DTI3MDMwMzA2MDY0NFowMzExMC8GA1UEAxMoOUM1NURDRjBCNDlCMzlDMjFENjc0 OTE1NjYwNTNBNkJBQkFGNzNDQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALtbxi7/PxCg6Ydp/G5QRIXcjz6I9IIrHAg5WzDKR30jfkUtQzf+8Tuvbs/T s2eXVVETvzjijjpeIFpe2a/kNUt4P1+f1ly6BZP85ig/QJcfgc6O1r/fiHcbLsmu 2T6o2zKFxu+5lhPKMbhdAF15vs5tpH5QEYwuZsLpIwn2FGpSKfEkQ1ijFFAEuzAJ EIZXSw/p91ZbaFfLq+yKiwuXlA13pOaZ7nv61AAagkCO+w/wBVUpY+rS7qmgJHpE NrQY9gA8V47aUqwvN1PeHKBAvv+bCPhwaYp+YftmHhi3kY8WV/OQp1IL/4nwU4H8 O4YMcH4nxK3ymT7eOtTnCY37j+sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBScVdzw tJs5wh1nSRVmBTprq69zyzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzMxNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK opswDQYJKoZIhvcNAQELBQADggEBAFN1RvEi8NLAozS26BzoSY+m2FH1LALeVAuB RZcA++F3gJ7jv1J+NT7lE+SsIwBqvmYfEwS5Yid+aHzm3yve+VOFLB8tRlkzkeaJ aZPPhgwAyb6hmaBPwBAmV4zcSUo2G0F0vkZ3brDJav1gT18Wx9RnwssCQGT+jV9u GoGlRge65Gh6L7U0+7Sgv/Rep6E22ngrUB5amczdoPSV8L/ofvj6Hj2kXetVQST2 ZsYREWtq/0f6Yc4BPjV2Hoo+51XaZ3WwgI1YCj+tILiYnWf3FtofrG/y3qoWqs6J F74kwpQPXY0Y53MW+suAypuTzPW1A7x63eN3vTmtCTsBFxYbSMM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:11 2026 by rpki-client