$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143323.roa File: AS143323.roa (raw, json) Hash identifier: Zsqr60H+7AiucNBamrFUZlXFM0p7Uga87D/VM2FNrws= Subject key identifier: EF:70:B7:2B:5C:1B:93:3F:2A:16:E5:35:F9:74:51:20:12:E2:93:97 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 644D0DBE432B6C0FD5D515FD392592A3F0427657 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143323.roa Signing time: Wed 04 Mar 2026 06:05:51 +0000 ROA not before: Wed 04 Mar 2026 06:00:51 +0000 ROA not after: Wed 03 Mar 2027 06:05:51 +0000 asID: 143323 IP address blocks: 240a:a2a1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:4d:0d:be:43:2b:6c:0f:d5:d5:15:fd:39:25:92:a3:f0:42:76:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:51 2026 GMT Not After : Mar 3 06:05:51 2027 GMT Subject: CN=EF70B72B5C1B933F2A16E535F974512012E29397 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:ee:1a:c6:06:a9:42:f2:9f:1e:32:21:f3:52: 5c:f2:45:18:49:2a:ea:b3:75:f7:b1:c7:8d:38:8c: 91:4a:dc:fd:a1:9c:30:3f:bb:76:88:c3:d0:45:b8: 34:85:c2:f6:7e:fe:4c:4d:32:0e:02:f7:13:23:3b: 9c:ec:c5:45:b3:08:78:94:6f:27:0d:80:61:15:d8: 01:3e:e3:59:3b:ca:b2:46:63:f0:78:db:97:dc:a8: 53:32:b0:b0:10:fb:8d:cb:c5:94:6d:a8:69:fc:4e: 42:17:1a:5e:ed:f8:37:29:1d:b1:10:9e:87:52:36: 9d:01:52:8a:58:7f:a3:cb:1d:c7:98:36:63:ae:ff: 3c:3a:a6:31:5b:27:17:5b:91:83:09:fc:84:c8:ed: b4:4e:63:e6:94:10:ac:0d:b1:9f:14:9f:0f:8c:a4: f4:eb:87:a7:10:13:72:6a:6d:6a:43:87:dd:96:9e: 00:c5:b8:74:39:0c:64:e8:9e:1f:87:26:a4:69:62: 08:af:7f:f6:f8:5a:d3:2a:16:79:5a:6d:e1:fa:ba: e7:62:27:55:b0:73:b8:11:72:37:e6:34:65:f6:c9: 05:9f:66:79:5d:d3:9f:39:c4:06:5f:f7:16:29:a1: 99:90:7f:45:56:78:92:e9:24:9e:08:b9:86:08:ab: 63:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:70:B7:2B:5C:1B:93:3F:2A:16:E5:35:F9:74:51:20:12:E2:93:97 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143323.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2a1::/32 Signature Algorithm: sha256WithRSAEncryption 1f:59:49:85:5d:bd:5e:a0:cd:56:bc:f7:e0:d2:19:65:2c:fc: a8:5b:20:b9:01:c4:45:d2:f3:5b:0c:45:c9:a8:22:a7:c9:57: aa:bc:6a:7d:a3:4d:6d:29:f8:69:29:d3:e5:cb:59:1c:dd:9f: f1:66:95:96:a3:fa:0a:74:76:61:fb:99:45:38:03:52:34:8d: f8:87:a1:7d:d0:0d:71:cb:83:0d:12:b6:85:e0:ec:3d:a8:35: f0:cf:2f:07:09:05:28:ef:1e:8b:76:57:1c:60:92:a5:b9:d6: b6:80:87:44:51:41:ee:4d:20:5e:7b:49:23:69:44:14:2a:ff: 39:09:8f:9e:e6:3a:fe:53:f5:39:3f:ab:72:78:4c:50:71:78: c5:48:bb:37:45:4f:94:70:e5:9c:88:a4:90:67:77:87:ca:62: b8:3e:85:27:6c:73:7c:8a:a9:31:86:32:8a:5e:cb:35:91:91: a1:ce:b1:28:21:78:85:27:b1:11:49:44:cd:b5:69:a5:93:2d: e7:77:42:08:e0:c7:bc:ad:f1:d9:e6:80:54:ba:57:c6:f4:b1: 0a:fe:b8:d0:48:bf:db:94:09:ab:f6:c9:6e:23:11:e9:4f:75: f4:be:17:9b:01:dd:07:9d:c7:60:67:c1:ac:f8:c5:8b:d5:a2: 2a:5e:f9:b3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZE0NvkMrbA/V1RX9OSWSo/BCdlcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1MVoX DTI3MDMwMzA2MDU1MVowMzExMC8GA1UEAxMoRUY3MEI3MkI1QzFCOTMzRjJBMTZF NTM1Rjk3NDUxMjAxMkUyOTM5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPTuGsYGqULynx4yIfNSXPJFGEkq6rN197HHjTiMkUrc/aGcMD+7dojD0EW4 NIXC9n7+TE0yDgL3EyM7nOzFRbMIeJRvJw2AYRXYAT7jWTvKskZj8Hjbl9yoUzKw sBD7jcvFlG2oafxOQhcaXu34NykdsRCeh1I2nQFSilh/o8sdx5g2Y67/PDqmMVsn F1uRgwn8hMjttE5j5pQQrA2xnxSfD4yk9OuHpxATcmptakOH3ZaeAMW4dDkMZOie H4cmpGliCK9/9vha0yoWeVpt4fq652InVbBzuBFyN+Y0ZfbJBZ9meV3TnznEBl/3 FimhmZB/RVZ4kukkngi5hgirY4kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTvcLcr XBuTPyoW5TX5dFEgEuKTlzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzMyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oqEwDQYJKoZIhvcNAQELBQADggEBAB9ZSYVdvV6gzVa89+DSGWUs/KhbILkBxEXS 81sMRcmoIqfJV6q8an2jTW0p+Gkp0+XLWRzdn/FmlZaj+gp0dmH7mUU4A1I0jfiH oX3QDXHLgw0StoXg7D2oNfDPLwcJBSjvHot2VxxgkqW51raAh0RRQe5NIF57SSNp RBQq/zkJj57mOv5T9Tk/q3J4TFBxeMVIuzdFT5Rw5ZyIpJBnd4fKYrg+hSdsc3yK qTGGMopeyzWRkaHOsSgheIUnsRFJRM21aaWTLed3Qgjgx7yt8dnmgFS6V8b0sQr+ uNBIv9uUCav2yW4jEelPdfS+F5sB3Qedx2Bnwaz4xYvVoipe+bM= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:36 2026 by rpki-client