$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143343.roa File: AS143343.roa (raw, json) Hash identifier: TMYrhY020l6gv0QZDECVXRqZLXtBA+XE6wJ6s/rv0Fk= Subject key identifier: 83:12:3A:6D:AE:1E:0F:77:2A:7F:07:CF:A8:62:C2:B0:D6:2D:36:EB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 237C913DA37B4EE7F439E4E3EF2EB68ACCB3950B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143343.roa Signing time: Wed 04 Mar 2026 06:07:41 +0000 ROA not before: Wed 04 Mar 2026 06:02:41 +0000 ROA not after: Wed 03 Mar 2027 06:07:41 +0000 asID: 143343 IP address blocks: 240a:a2b5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:7c:91:3d:a3:7b:4e:e7:f4:39:e4:e3:ef:2e:b6:8a:cc:b3:95:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:41 2026 GMT Not After : Mar 3 06:07:41 2027 GMT Subject: CN=83123A6DAE1E0F772A7F07CFA862C2B0D62D36EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:fa:8f:8d:81:f9:34:cf:67:0b:69:3d:46:ac: 05:2a:c4:a1:d6:47:1b:a6:5f:b8:cd:c5:30:04:89: ef:0f:ab:7f:0a:55:52:71:f3:5f:70:68:73:ca:7f: 26:8a:e4:13:84:dd:cf:e5:1e:8e:31:46:b6:93:c6: 88:09:d8:aa:78:2b:0b:f9:58:fc:a2:5c:62:44:59: 62:22:a4:48:73:b0:76:9c:05:e2:7b:4d:b7:2b:7a: 56:5a:c7:dd:4e:fc:5c:91:4b:fc:8f:bf:e0:8b:75: 94:86:72:e5:63:7b:eb:3b:16:74:5d:cd:4a:c0:56: fd:cd:0e:3e:06:5f:79:e6:32:4e:7d:4a:62:e2:fa: e0:a3:88:19:7c:6e:75:7e:77:bf:5e:c8:fd:54:a7: bd:f5:a3:b5:e5:77:d9:ef:5f:ff:2f:e9:f1:41:f0: 7e:85:9b:67:d4:40:47:80:55:46:43:ab:4d:b7:e6: e3:48:0a:d1:43:94:8c:d9:64:dc:75:24:8f:db:5d: 14:a1:1c:0d:16:df:f3:db:44:12:f0:c1:4a:fc:87: 4a:89:a0:15:84:1a:09:e8:62:3a:93:4d:3d:27:09: 9f:58:76:85:6e:de:8c:36:71:af:5f:a1:c3:c1:c9: 6b:65:44:35:85:7a:c8:69:b5:c4:88:15:bf:2b:e2: b3:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:12:3A:6D:AE:1E:0F:77:2A:7F:07:CF:A8:62:C2:B0:D6:2D:36:EB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143343.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2b5::/32 Signature Algorithm: sha256WithRSAEncryption 57:71:46:e8:0a:d8:a8:92:b4:59:21:9b:06:80:f2:b4:96:64: 77:22:e2:c0:70:d1:7a:0b:8d:1e:b6:93:35:c0:31:55:ff:1e: a4:b3:7d:de:22:b6:9c:b3:93:bd:c2:a1:f0:38:9e:11:b5:7a: 4a:fa:b9:8d:ac:31:4a:fc:c1:dd:93:d2:23:68:78:8e:6a:af: dc:0e:bf:54:56:49:1b:3a:e5:5d:65:61:c0:5b:2b:25:60:59: a2:c4:92:58:41:6d:e7:db:84:15:00:a0:38:d9:45:84:d5:c0: c7:81:1c:32:dc:dc:6e:0a:70:f0:b6:7c:4d:de:9a:8f:0b:24: aa:80:84:e2:95:80:c6:77:f0:97:af:19:d6:f5:db:88:8f:94: 0f:57:f6:2b:cb:2b:18:d5:eb:18:8d:2a:3f:ca:21:9d:04:81: 21:3d:2b:61:70:2c:39:f0:47:42:d0:56:3d:04:e3:71:58:79: e7:76:8a:b3:6a:9c:4f:55:c9:e2:e5:45:33:3f:34:50:e4:50: 18:c8:80:80:a3:38:0c:36:f4:67:4b:2c:73:c8:d8:01:a1:f6: d3:77:e4:54:7f:eb:58:ea:72:cd:60:38:e1:21:cb:d3:eb:a0: 6f:91:97:6e:3d:e9:04:77:d7:8f:fb:35:18:ba:0e:19:b1:70: 28:1b:7e:bc -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUI3yRPaN7Tuf0OeTj7y62isyzlQswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0MVoX DTI3MDMwMzA2MDc0MVowMzExMC8GA1UEAxMoODMxMjNBNkRBRTFFMEY3NzJBN0Yw N0NGQTg2MkMyQjBENjJEMzZFQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANr6j42B+TTPZwtpPUasBSrEodZHG6ZfuM3FMASJ7w+rfwpVUnHzX3Boc8p/ JorkE4Tdz+UejjFGtpPGiAnYqngrC/lY/KJcYkRZYiKkSHOwdpwF4ntNtyt6VlrH 3U78XJFL/I+/4It1lIZy5WN76zsWdF3NSsBW/c0OPgZfeeYyTn1KYuL64KOIGXxu dX53v17I/VSnvfWjteV32e9f/y/p8UHwfoWbZ9RAR4BVRkOrTbfm40gK0UOUjNlk 3HUkj9tdFKEcDRbf89tEEvDBSvyHSomgFYQaCehiOpNNPScJn1h2hW7ejDZxr1+h w8HJa2VENYV6yGm1xIgVvyvis3cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSDEjpt rh4Pdyp/B8+oYsKw1i026zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK orUwDQYJKoZIhvcNAQELBQADggEBAFdxRugK2KiStFkhmwaA8rSWZHci4sBw0XoL jR62kzXAMVX/HqSzfd4itpyzk73CofA4nhG1ekr6uY2sMUr8wd2T0iNoeI5qr9wO v1RWSRs65V1lYcBbKyVgWaLEklhBbefbhBUAoDjZRYTVwMeBHDLc3G4KcPC2fE3e mo8LJKqAhOKVgMZ38JevGdb124iPlA9X9ivLKxjV6xiNKj/KIZ0EgSE9K2FwLDnw R0LQVj0E43FYeed2irNqnE9VyeLlRTM/NFDkUBjIgICjOAw29GdLLHPI2AGh9tN3 5FR/61jqcs1gOOEhy9ProG+Rl2496QR314/7NRi6DhmxcCgbfrw= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:04 2026 by rpki-client