$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143342.roa File: AS143342.roa (raw, json) Hash identifier: tmIDH35WoT8QsB+/WbbSLt6anq9TYhRhnD1/dh957Cc= Subject key identifier: 1E:A8:40:40:AE:9A:D5:7B:4C:FB:41:63:09:C8:01:4A:F8:97:89:56 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 427D63ED3621C13D1DFB75F9BDE5ECE391D94091 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143342.roa Signing time: Wed 04 Mar 2026 06:07:50 +0000 ROA not before: Wed 04 Mar 2026 06:02:50 +0000 ROA not after: Wed 03 Mar 2027 06:07:50 +0000 asID: 143342 IP address blocks: 240a:a2b4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:7d:63:ed:36:21:c1:3d:1d:fb:75:f9:bd:e5:ec:e3:91:d9:40:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:50 2026 GMT Not After : Mar 3 06:07:50 2027 GMT Subject: CN=1EA84040AE9AD57B4CFB416309C8014AF8978956 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:5e:c2:a9:28:69:ec:59:44:28:8a:41:9b:86: c9:57:ad:36:13:a6:c4:2a:25:88:ac:54:e3:5e:a3: 8f:8e:54:5a:22:04:96:bf:81:7b:f0:96:39:92:3c: 51:78:02:09:a9:99:40:f3:7d:0b:21:e1:13:29:b1: a3:9a:0a:a8:23:81:57:36:12:de:18:c5:c1:c8:63: 9a:6e:61:3d:21:c3:ba:08:81:cf:79:ca:d3:30:cf: 4d:d0:3e:cd:83:a6:97:50:62:25:5d:8b:9d:31:bb: be:46:bd:1e:9e:fb:8c:33:bd:a3:d6:0f:5e:77:14: 81:00:22:e7:eb:b9:f2:8e:6e:a3:02:6f:06:6a:3f: bf:b1:5a:f4:50:aa:52:b5:84:51:ac:64:de:cc:98: 5b:45:e2:6d:8b:1f:3f:65:d2:e9:33:db:4b:df:82: ee:f0:75:ec:0e:6a:72:8c:e3:a1:2b:8b:0d:fa:7f: c9:e9:c0:42:3e:fd:ae:da:4a:bc:bf:7d:25:54:f2: 62:1d:cb:1d:bd:46:8e:ee:20:db:32:06:24:1a:a9: 33:0c:0c:38:d4:8b:fc:93:b3:5f:eb:fc:af:b0:92: 3e:1b:3c:cc:24:8b:03:24:c2:ba:9f:7d:a7:da:c2: ae:ea:be:d8:b4:3c:69:49:99:ac:3a:9d:67:9f:a1: 8b:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:A8:40:40:AE:9A:D5:7B:4C:FB:41:63:09:C8:01:4A:F8:97:89:56 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143342.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2b4::/32 Signature Algorithm: sha256WithRSAEncryption 39:6b:c6:2b:8a:16:f7:8c:63:eb:e2:af:09:76:73:b6:fd:cd: 48:b7:b5:3f:af:4d:28:08:45:a9:5c:3c:b1:33:03:fd:cf:ea: a3:32:42:8d:c2:58:97:14:36:22:59:1b:3c:88:b8:92:00:6a: 8b:4e:e6:6c:ab:c3:96:a5:5d:a5:64:b5:6b:2f:72:af:08:bd: 45:c1:9a:92:68:32:62:64:39:9b:f0:52:de:af:e0:5d:06:55: 5f:14:a6:09:ed:1a:4f:f0:fc:1f:4e:cc:e0:76:29:0e:55:9d: 13:b4:6b:e4:de:3d:b1:a9:ff:fd:36:a5:95:3d:20:27:11:b2: 64:bc:15:81:6d:49:b5:39:72:bc:80:a4:ec:6b:3a:1f:e9:1e: 04:e4:8e:4c:d3:a7:fe:04:db:88:b0:92:ca:cb:ad:21:9b:36: d2:3c:0d:ef:96:8f:01:1e:f0:c7:58:5c:99:b0:6e:3c:d4:fb: 26:53:0b:7b:be:51:c1:c4:ae:95:8d:0b:65:a4:c1:97:40:4a: 94:6f:91:c6:cc:4d:52:06:8f:a8:44:61:b4:d6:89:61:87:2e: 52:99:fb:c0:cb:d5:40:cb:f9:1b:1c:14:0e:9f:85:37:65:9a: 6b:d9:11:02:e1:e6:a6:3a:9a:78:85:1d:2d:f0:0f:43:81:0f: cc:9e:db:16 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQn1j7TYhwT0d+3X5veXs45HZQJEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1MFoX DTI3MDMwMzA2MDc1MFowMzExMC8GA1UEAxMoMUVBODQwNDBBRTlBRDU3QjRDRkI0 MTYzMDlDODAxNEFGODk3ODk1NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKtewqkoaexZRCiKQZuGyVetNhOmxColiKxU416jj45UWiIElr+Be/CWOZI8 UXgCCamZQPN9CyHhEymxo5oKqCOBVzYS3hjFwchjmm5hPSHDugiBz3nK0zDPTdA+ zYOml1BiJV2LnTG7vka9Hp77jDO9o9YPXncUgQAi5+u58o5uowJvBmo/v7Fa9FCq UrWEUaxk3syYW0XibYsfP2XS6TPbS9+C7vB17A5qcozjoSuLDfp/yenAQj79rtpK vL99JVTyYh3LHb1Gju4g2zIGJBqpMwwMONSL/JOzX+v8r7CSPhs8zCSLAyTCup99 p9rCruq+2LQ8aUmZrDqdZ5+hi1kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQeqEBA rprVe0z7QWMJyAFK+JeJVjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM0Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK orQwDQYJKoZIhvcNAQELBQADggEBADlrxiuKFveMY+virwl2c7b9zUi3tT+vTSgI RalcPLEzA/3P6qMyQo3CWJcUNiJZGzyIuJIAaotO5myrw5alXaVktWsvcq8IvUXB mpJoMmJkOZvwUt6v4F0GVV8UpgntGk/w/B9OzOB2KQ5VnRO0a+TePbGp//02pZU9 ICcRsmS8FYFtSbU5cryApOxrOh/pHgTkjkzTp/4E24iwksrLrSGbNtI8De+WjwEe 8MdYXJmwbjzU+yZTC3u+UcHErpWNC2WkwZdASpRvkcbMTVIGj6hEYbTWiWGHLlKZ +8DL1UDL+RscFA6fhTdlmmvZEQLh5qY6mniFHS3wD0OBD8ye2xY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:46 2026 by rpki-client