$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143334.roa File: AS143334.roa (raw, json) Hash identifier: zTHT+BeKnvoIuEgl0M7Nfx6oFBvm0X88rIET/9006p4= Subject key identifier: 99:49:16:5D:E8:C3:B5:A3:E8:FA:AE:59:93:A7:FA:2E:FD:63:4D:1D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1213EFC866B35E5EB4D585794D09EC8F9D1C4FE2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143334.roa Signing time: Wed 04 Mar 2026 06:07:44 +0000 ROA not before: Wed 04 Mar 2026 06:02:44 +0000 ROA not after: Wed 03 Mar 2027 06:07:44 +0000 asID: 143334 IP address blocks: 240a:a2ac::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:13:ef:c8:66:b3:5e:5e:b4:d5:85:79:4d:09:ec:8f:9d:1c:4f:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:44 2026 GMT Not After : Mar 3 06:07:44 2027 GMT Subject: CN=9949165DE8C3B5A3E8FAAE5993A7FA2EFD634D1D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:e6:05:0c:9a:70:be:c1:7e:58:a9:a9:60:c1: 36:5d:a9:f0:6f:36:5b:73:73:67:e4:4b:97:b5:43: 49:83:a1:b2:e4:11:7a:4b:25:85:6e:c1:81:ad:71: 5b:60:9e:18:49:d1:e2:e1:7d:38:c2:f9:75:ec:f8: b3:7c:6c:c4:e3:ac:b2:e1:98:37:ef:11:60:86:38: a4:00:64:40:1b:71:3a:b9:ae:9d:77:f8:87:be:69: 23:d3:b1:23:bb:b1:37:52:ef:79:42:44:97:a5:3d: a8:7c:0d:9b:09:6d:49:48:22:a4:f4:e3:cb:cb:43: 98:c7:fe:12:d7:32:dc:33:5f:73:5e:b1:6f:1b:fa: 5b:bd:28:e5:a1:f0:60:12:07:4a:20:8a:46:dc:1b: 15:e9:76:fb:d9:39:30:b8:ad:f3:1d:28:c4:c1:35: c1:4e:bb:53:07:7b:5e:7b:ad:2e:94:00:94:a3:f3: f4:eb:ea:b3:c0:7a:0a:6d:28:48:1e:11:e5:2c:d4: fe:69:25:51:47:ad:46:c5:77:cb:98:40:76:3e:75: 37:b8:8a:dd:57:68:ec:eb:96:39:62:6e:c2:e9:8e: 85:92:b5:29:74:05:90:83:38:b8:a0:3a:50:aa:46: c5:ef:00:be:a9:8d:c5:0f:b9:71:70:68:d8:a7:47: 9f:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:49:16:5D:E8:C3:B5:A3:E8:FA:AE:59:93:A7:FA:2E:FD:63:4D:1D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2ac::/32 Signature Algorithm: sha256WithRSAEncryption 09:aa:16:6c:e7:e8:d0:e5:c1:b5:39:db:11:3b:f9:2a:19:40: b4:66:09:ee:a7:a6:74:00:2f:d6:7c:90:30:02:2e:cd:42:2f: 53:44:ca:9f:5c:fb:f3:0c:27:51:95:c3:e9:ba:b3:13:58:a9: ad:cf:14:aa:89:4f:a5:13:bc:3d:b9:19:a4:88:49:f0:1d:74: b9:d1:e7:38:66:40:cf:d8:93:86:28:9c:4c:0a:55:14:ec:71: b2:70:c7:11:3b:d7:1b:eb:60:8a:59:ff:ef:27:0d:b7:1b:2c: 68:88:8b:00:91:69:3b:ca:fb:dc:54:f9:bb:12:c9:9d:a6:ec: 54:a3:06:99:d3:a3:13:ee:fa:04:b4:93:4b:c2:6d:08:83:c0: 44:e9:a0:50:eb:76:52:cf:68:11:8d:f9:c4:85:c7:fb:f0:e6: 13:da:9c:e3:5e:9f:c6:c1:1b:a0:36:fa:c6:be:45:c0:99:7c: 70:5e:30:0b:76:31:ac:7e:55:24:c2:f6:e3:6b:05:db:08:63: e1:37:a5:8a:b3:17:02:e3:5e:78:09:e1:30:0e:23:54:8c:a7: 5b:75:01:d2:ad:df:3b:e1:77:44:cb:ab:d0:3a:22:cc:6a:80: bb:c1:3c:18:16:4a:f3:09:4f:9a:e7:d6:65:da:6c:05:10:10: e1:f4:54:38 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEhPvyGazXl601YV5TQnsj50cT+IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0NFoX DTI3MDMwMzA2MDc0NFowMzExMC8GA1UEAxMoOTk0OTE2NURFOEMzQjVBM0U4RkFB RTU5OTNBN0ZBMkVGRDYzNEQxRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJzmBQyacL7BflipqWDBNl2p8G82W3NzZ+RLl7VDSYOhsuQRekslhW7Bga1x W2CeGEnR4uF9OML5dez4s3xsxOOssuGYN+8RYIY4pABkQBtxOrmunXf4h75pI9Ox I7uxN1LveUJEl6U9qHwNmwltSUgipPTjy8tDmMf+Etcy3DNfc16xbxv6W70o5aHw YBIHSiCKRtwbFel2+9k5MLit8x0oxME1wU67Uwd7XnutLpQAlKPz9Ovqs8B6Cm0o SB4R5SzU/mklUUetRsV3y5hAdj51N7iK3Vdo7OuWOWJuwumOhZK1KXQFkIM4uKA6 UKpGxe8AvqmNxQ+5cXBo2KdHn/sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSZSRZd 6MO1o+j6rlmTp/ou/WNNHTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzMzNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oqwwDQYJKoZIhvcNAQELBQADggEBAAmqFmzn6NDlwbU52xE7+SoZQLRmCe6npnQA L9Z8kDACLs1CL1NEyp9c+/MMJ1GVw+m6sxNYqa3PFKqJT6UTvD25GaSISfAddLnR 5zhmQM/Yk4YonEwKVRTscbJwxxE71xvrYIpZ/+8nDbcbLGiIiwCRaTvK+9xU+bsS yZ2m7FSjBpnToxPu+gS0k0vCbQiDwETpoFDrdlLPaBGN+cSFx/vw5hPanONen8bB G6A2+sa+RcCZfHBeMAt2Max+VSTC9uNrBdsIY+E3pYqzFwLjXngJ4TAOI1SMp1t1 AdKt3zvhd0TLq9A6IsxqgLvBPBgWSvMJT5rn1mXabAUQEOH0VDg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:46 2026 by rpki-client