$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143338.roa File: AS143338.roa (raw, json) Hash identifier: u5a9oZhbNM7gRj00qVLMEAgRcRWEw/zjO0U3lVChIYc= Subject key identifier: AA:AD:30:A4:2A:F9:AF:BD:B6:A3:57:C2:31:A7:FB:AC:F5:CC:76:56 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 276FA08335782A36DCD23334C4CB72565F67DC4D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143338.roa Signing time: Wed 04 Mar 2026 06:08:02 +0000 ROA not before: Wed 04 Mar 2026 06:03:02 +0000 ROA not after: Wed 03 Mar 2027 06:08:02 +0000 asID: 143338 IP address blocks: 240a:a2b0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:6f:a0:83:35:78:2a:36:dc:d2:33:34:c4:cb:72:56:5f:67:dc:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:03:02 2026 GMT Not After : Mar 3 06:08:02 2027 GMT Subject: CN=AAAD30A42AF9AFBDB6A357C231A7FBACF5CC7656 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:46:b4:76:cd:8a:62:49:ac:41:09:2d:cb:2a: 72:cc:55:c7:63:76:05:89:48:41:51:b2:70:2d:ee: 4c:99:dc:9b:f2:37:da:ff:04:95:cc:e1:f4:ce:77: 8e:d5:f7:04:3b:d3:88:1d:c4:82:b8:d9:0e:72:7b: af:d6:c1:8f:ff:f7:e6:4a:97:67:f2:e8:3f:f8:5e: 80:9a:b8:95:04:62:3e:da:e1:70:45:29:82:16:96: 1f:61:b6:5f:fe:95:76:70:9f:12:08:89:55:04:f6: 17:5e:3f:27:bc:f2:db:45:9d:aa:2c:1d:c3:d8:62: 65:f2:97:7c:97:4d:53:b3:d8:d7:e3:ca:b1:f9:32: 1e:c8:4e:5f:90:33:19:e1:73:31:66:19:e6:e4:fa: 0f:92:14:10:9d:e4:f5:b4:3c:36:2c:1f:7c:b0:16: f2:89:60:d4:3d:25:d8:d1:a1:d6:ad:2e:af:74:70: a8:c6:54:40:fd:71:b3:75:9e:03:ee:ec:45:cc:d2: 6b:d5:ed:61:34:e1:60:73:f5:0f:9a:db:b0:99:9a: 97:8f:b1:77:5b:41:75:f2:db:95:0a:02:bf:69:74: be:4c:fd:ab:9f:4a:60:e0:58:b2:f7:be:5f:b4:9b: 5e:e7:6a:f4:b7:f0:2f:ab:ed:58:6c:d8:b7:86:a6: 36:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:AD:30:A4:2A:F9:AF:BD:B6:A3:57:C2:31:A7:FB:AC:F5:CC:76:56 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143338.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2b0::/32 Signature Algorithm: sha256WithRSAEncryption 0a:ae:3a:04:07:a8:0e:aa:27:c2:54:72:ba:4f:5e:d7:89:25: a7:db:80:27:c9:e5:bb:0e:16:61:07:89:69:da:5f:6d:ae:4d: d1:f4:ef:60:4d:f6:77:09:a9:ff:5f:9e:2e:0a:22:fd:8d:16: d9:ac:b5:3d:5b:b8:64:98:23:a9:d7:b3:00:32:ea:c5:0a:81: 1d:12:96:da:42:2c:54:dd:e8:05:a6:a9:e9:0d:f5:8e:33:71: 2e:10:00:41:e5:21:4e:47:41:8a:59:d6:5e:db:3a:38:37:4d: 87:b5:e3:10:fd:2b:8d:2a:ad:3c:52:3e:39:78:13:5f:f0:cc: 84:48:5e:39:5f:47:90:88:0b:16:e0:01:28:9b:2b:83:0d:45: d1:5f:0b:0e:fe:dc:f0:c7:46:c4:ad:65:fe:ba:59:e1:7d:ed: 17:8d:dc:68:12:5f:03:7b:0e:29:4b:4d:15:6e:1d:48:81:bb: 94:49:fb:a7:22:f5:b8:29:50:37:d7:f0:84:4e:5e:52:f2:10: 1f:4b:2b:dd:85:2d:1d:43:9d:79:ac:45:4a:32:0f:49:44:72: 4f:02:66:ac:aa:e6:9a:74:49:6a:1d:1d:2a:61:b8:2c:0c:5f: 47:6d:00:50:b4:06:62:5b:36:1f:cd:b9:48:f7:4f:76:a5:7f: b6:02:07:10 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJ2+ggzV4Kjbc0jM0xMtyVl9n3E0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDMwMloX DTI3MDMwMzA2MDgwMlowMzExMC8GA1UEAxMoQUFBRDMwQTQyQUY5QUZCREI2QTM1 N0MyMzFBN0ZCQUNGNUNDNzY1NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK1GtHbNimJJrEEJLcsqcsxVx2N2BYlIQVGycC3uTJncm/I32v8Elczh9M53 jtX3BDvTiB3EgrjZDnJ7r9bBj//35kqXZ/LoP/hegJq4lQRiPtrhcEUpghaWH2G2 X/6VdnCfEgiJVQT2F14/J7zy20Wdqiwdw9hiZfKXfJdNU7PY1+PKsfkyHshOX5Az GeFzMWYZ5uT6D5IUEJ3k9bQ8NiwffLAW8olg1D0l2NGh1q0ur3RwqMZUQP1xs3We A+7sRczSa9XtYTThYHP1D5rbsJmal4+xd1tBdfLblQoCv2l0vkz9q59KYOBYsve+ X7SbXudq9LfwL6vtWGzYt4amNi8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSqrTCk KvmvvbajV8Ixp/us9cx2VjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzMzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK orAwDQYJKoZIhvcNAQELBQADggEBAAquOgQHqA6qJ8JUcrpPXteJJafbgCfJ5bsO FmEHiWnaX22uTdH072BN9ncJqf9fni4KIv2NFtmstT1buGSYI6nXswAy6sUKgR0S ltpCLFTd6AWmqekN9Y4zcS4QAEHlIU5HQYpZ1l7bOjg3TYe14xD9K40qrTxSPjl4 E1/wzIRIXjlfR5CICxbgASibK4MNRdFfCw7+3PDHRsStZf66WeF97ReN3GgSXwN7 DilLTRVuHUiBu5RJ+6ci9bgpUDfX8IROXlLyEB9LK92FLR1DnXmsRUoyD0lEck8C Zqyq5pp0SWodHSphuCwMX0dtAFC0BmJbNh/NuUj3T3alf7YCBxA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:48 2026 by rpki-client