$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143325.roa File: AS143325.roa (raw, json) Hash identifier: Xlc72WRoV3xVA83Qe0hB4Kp6QpEixvcAT9wHleOf0yg= Subject key identifier: FE:52:F0:8A:B4:AB:3A:3E:BB:8C:0A:03:13:35:0B:10:70:30:8F:C0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 50DF738C029CF0DB97E0E18C6B53194C7AA66495 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143325.roa Signing time: Wed 04 Mar 2026 06:06:09 +0000 ROA not before: Wed 04 Mar 2026 06:01:09 +0000 ROA not after: Wed 03 Mar 2027 06:06:09 +0000 asID: 143325 IP address blocks: 240a:a2a3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:df:73:8c:02:9c:f0:db:97:e0:e1:8c:6b:53:19:4c:7a:a6:64:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:09 2026 GMT Not After : Mar 3 06:06:09 2027 GMT Subject: CN=FE52F08AB4AB3A3EBB8C0A0313350B1070308FC0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f2:d5:1b:8a:da:ce:59:e2:27:30:e8:ab:98: f2:0a:47:5d:1f:51:6d:b5:77:0f:4a:41:3d:12:8f: c4:0a:60:b6:35:51:18:88:42:aa:b1:16:c1:4e:1c: 8a:42:3d:21:3b:f6:b5:0f:da:b5:b7:b0:d2:56:94: 76:37:33:e7:34:5d:e0:d5:64:29:a6:1c:4f:01:3f: 97:a8:b2:27:95:fb:b3:8c:d7:99:6d:f5:01:2b:2d: fe:0d:c1:3f:61:37:b6:84:4a:49:92:ac:20:37:38: 67:3c:42:b6:13:4b:48:da:ca:d7:a7:05:19:dd:68: 66:fb:e9:83:cd:28:82:91:6f:07:1f:d4:1a:15:ee: aa:64:e5:7f:1b:68:29:90:17:86:c8:e0:2f:8e:34: 47:5e:af:7b:44:95:1d:cb:87:57:10:de:84:87:b4: 59:1d:9a:03:f6:e4:34:09:a2:eb:b8:5e:8b:0a:ce: f3:f0:d4:1c:36:b1:b2:96:31:d6:25:59:b0:31:8a: 28:66:b1:f7:01:c6:cb:a4:71:0c:b2:47:26:94:28: 98:8c:c6:be:ce:f1:73:9a:78:e3:db:09:68:5e:d1: fe:a9:15:aa:8e:a4:7b:fe:03:48:e0:ad:d3:98:77: b2:6c:47:df:5c:46:28:f3:00:ee:09:a3:ef:1c:1e: 0e:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:52:F0:8A:B4:AB:3A:3E:BB:8C:0A:03:13:35:0B:10:70:30:8F:C0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143325.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2a3::/32 Signature Algorithm: sha256WithRSAEncryption 4a:c1:9d:a9:cc:df:96:a4:b4:72:88:e4:ce:e4:1c:e7:0a:16: a1:d9:d8:ca:41:f0:44:40:70:8e:8d:ae:4c:fb:f9:9d:b4:66: 4d:b4:66:bb:f4:14:11:22:d8:d5:62:f1:76:98:08:bc:ab:9c: e4:6b:d7:39:f8:b6:d0:3b:4c:73:ab:e2:49:b3:e0:f3:8b:e5: 7f:e9:75:3f:13:2e:b6:09:3c:fc:44:b6:d1:70:39:95:02:59: 93:6f:06:08:e5:75:53:ff:6a:9d:e8:a1:c5:cb:68:9d:8d:1d: 47:3a:dc:f5:cf:48:3c:2c:ab:7f:03:f1:d4:22:2f:9e:cf:70: 15:f5:88:ac:fb:25:2f:e5:86:6a:fd:0d:c0:51:f8:25:8a:1d: 96:68:9b:55:7d:29:51:39:d1:0c:71:40:04:f1:dc:6a:36:26: 02:87:27:75:43:1f:ad:6a:f2:bf:5a:5c:80:08:af:ae:c5:ce: 5e:19:2d:ca:3f:0d:d9:70:d0:6a:d0:60:59:3d:7c:25:a0:ed: 65:7f:71:3a:71:40:bd:a7:c7:c4:2b:7d:0f:a8:44:54:fc:ba: a1:5b:af:39:76:1c:8a:4d:4e:99:ff:f5:68:1c:81:c6:6b:36: dd:e6:8e:b9:75:37:f1:cb:e5:df:33:ab:9a:a5:0f:5d:e8:b2: 39:cd:43:6b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUN9zjAKc8NuX4OGMa1MZTHqmZJUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwOVoX DTI3MDMwMzA2MDYwOVowMzExMC8GA1UEAxMoRkU1MkYwOEFCNEFCM0EzRUJCOEMw QTAzMTMzNTBCMTA3MDMwOEZDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALXy1RuK2s5Z4icw6KuY8gpHXR9RbbV3D0pBPRKPxApgtjVRGIhCqrEWwU4c ikI9ITv2tQ/atbew0laUdjcz5zRd4NVkKaYcTwE/l6iyJ5X7s4zXmW31ASst/g3B P2E3toRKSZKsIDc4ZzxCthNLSNrK16cFGd1oZvvpg80ogpFvBx/UGhXuqmTlfxto KZAXhsjgL440R16ve0SVHcuHVxDehIe0WR2aA/bkNAmi67heiwrO8/DUHDaxspYx 1iVZsDGKKGax9wHGy6RxDLJHJpQomIzGvs7xc5p449sJaF7R/qkVqo6ke/4DSOCt 05h3smxH31xGKPMA7gmj7xweDoECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT+UvCK tKs6PruMCgMTNQsQcDCPwDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzMyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oqMwDQYJKoZIhvcNAQELBQADggEBAErBnanM35aktHKI5M7kHOcKFqHZ2MpB8ERA cI6Nrkz7+Z20Zk20Zrv0FBEi2NVi8XaYCLyrnORr1zn4ttA7THOr4kmz4POL5X/p dT8TLrYJPPxEttFwOZUCWZNvBgjldVP/ap3oocXLaJ2NHUc63PXPSDwsq38D8dQi L57PcBX1iKz7JS/lhmr9DcBR+CWKHZZom1V9KVE50QxxQATx3Go2JgKHJ3VDH61q 8r9aXIAIr67Fzl4ZLco/Ddlw0GrQYFk9fCWg7WV/cTpxQL2nx8QrfQ+oRFT8uqFb rzl2HIpNTpn/9WgcgcZrNt3mjrl1N/HL5d8zq5qlD13osjnNQ2s= -----END CERTIFICATE-----Generated at Sat Mar 28 13:11:17 2026 by rpki-client