$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143344.roa File: AS143344.roa (raw, json) Hash identifier: kxET0F+a+nClW5bf0ZDqQJCFEI8ZLZuP/+z9d+tM+P0= Subject key identifier: FD:04:39:F1:99:70:E2:65:14:91:D9:8D:5D:1A:20:23:CF:BC:C2:2E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F7FC72357266DEEB901BDE61375C4A798061D2A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143344.roa Signing time: Wed 04 Mar 2026 06:05:10 +0000 ROA not before: Wed 04 Mar 2026 06:00:10 +0000 ROA not after: Wed 03 Mar 2027 06:05:10 +0000 asID: 143344 IP address blocks: 240a:a2b6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:7f:c7:23:57:26:6d:ee:b9:01:bd:e6:13:75:c4:a7:98:06:1d:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:10 2026 GMT Not After : Mar 3 06:05:10 2027 GMT Subject: CN=FD0439F19970E2651491D98D5D1A2023CFBCC22E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:96:5e:a8:b4:22:16:ff:bb:c3:02:6b:08:ea: b5:7f:98:81:e6:5b:0d:d6:e8:a6:86:78:8b:7c:05: 16:d5:ee:ce:8f:aa:ce:e3:84:c3:c7:27:08:5d:de: 4d:f8:c7:1f:bb:60:52:43:43:41:e7:61:d1:ff:1e: 96:54:57:17:b7:5c:d3:a8:11:b9:0c:a6:1b:d8:e6: e5:13:f0:4b:e3:4c:6a:f2:cf:e2:af:f2:47:ce:8f: 02:8c:8a:1c:da:6b:4b:93:3a:6f:fd:5e:af:1c:41: 2b:f3:05:44:72:98:40:7e:c0:82:5c:d0:5a:d2:16: 1d:c2:7e:ad:b0:36:d0:ad:7e:ff:bd:2e:a9:0d:3b: 71:4f:59:fa:e9:15:f8:24:cd:70:80:3e:a1:7f:72: 9f:76:c2:15:6f:cb:ca:25:1e:8e:98:4f:02:86:4a: 5f:c1:1e:e2:19:cd:8f:2c:cd:1d:d1:59:12:b4:ff: 9c:d2:df:8c:79:21:3d:40:98:25:ad:7f:68:5c:fd: 98:8e:6b:03:9a:74:8f:68:7a:c2:6f:8b:00:14:cb: 16:6b:d3:b1:6a:db:9f:e3:8d:b9:c3:22:36:b9:16: a2:3b:45:5b:5e:3a:80:4d:18:1e:ec:75:ca:85:eb: dd:74:34:a4:94:18:ec:0b:57:8e:97:b3:5c:e1:88: 49:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:04:39:F1:99:70:E2:65:14:91:D9:8D:5D:1A:20:23:CF:BC:C2:2E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143344.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2b6::/32 Signature Algorithm: sha256WithRSAEncryption 2a:fd:fb:80:98:a9:b3:15:19:ae:4f:c7:7e:55:b8:4d:2d:e8: e6:b8:ac:5f:74:9f:ad:a0:96:a9:cc:5b:47:5e:41:72:40:2b: 77:95:f1:37:2d:66:ae:62:97:a4:9f:49:79:0f:73:a5:a4:dc: 6a:dd:e8:1e:8e:ab:ed:0e:52:63:c7:91:1a:88:51:4b:cd:63: 7c:e5:9b:ae:c2:90:41:f2:e5:a1:13:d5:e4:88:1d:58:84:53: c4:8d:5e:3e:ab:4e:ad:db:e0:7f:48:27:90:4c:13:82:fc:d9: 9f:95:1e:81:79:5b:05:f4:7a:4e:fe:f1:81:be:62:43:60:6a: 1e:ce:d3:30:21:e1:35:e0:41:7d:74:13:65:83:d6:61:c7:b9: ad:1a:0a:ea:31:50:2b:76:39:92:f3:3c:5d:89:35:80:eb:3f: 9a:36:08:39:72:ae:25:58:15:3a:79:d8:ac:63:39:3c:61:ad: 32:3c:e5:9b:00:05:3b:fc:35:e2:0c:6d:8e:f6:c7:43:ce:96: 71:39:2b:43:e9:f1:f3:0a:6a:ee:a4:b6:cd:bc:c2:67:27:b2: 9a:f4:1f:76:a7:b6:ed:b0:44:67:15:7e:e5:82:ea:34:3d:5c: 61:ec:d5:52:77:0c:4e:0a:78:c2:28:2e:b9:5a:09:b4:23:2e: 28:ab:cb:a4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL3/HI1cmbe65Ab3mE3XEp5gGHSowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAxMFoX DTI3MDMwMzA2MDUxMFowMzExMC8GA1UEAxMoRkQwNDM5RjE5OTcwRTI2NTE0OTFE OThENUQxQTIwMjNDRkJDQzIyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJyWXqi0Ihb/u8MCawjqtX+YgeZbDdbopoZ4i3wFFtXuzo+qzuOEw8cnCF3e TfjHH7tgUkNDQedh0f8ellRXF7dc06gRuQymG9jm5RPwS+NMavLP4q/yR86PAoyK HNprS5M6b/1erxxBK/MFRHKYQH7AglzQWtIWHcJ+rbA20K1+/70uqQ07cU9Z+ukV +CTNcIA+oX9yn3bCFW/LyiUejphPAoZKX8Ee4hnNjyzNHdFZErT/nNLfjHkhPUCY Ja1/aFz9mI5rA5p0j2h6wm+LABTLFmvTsWrbn+ONucMiNrkWojtFW146gE0YHux1 yoXr3XQ0pJQY7AtXjpezXOGISb8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT9BDnx mXDiZRSR2Y1dGiAjz7zCLjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM0NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK orYwDQYJKoZIhvcNAQELBQADggEBACr9+4CYqbMVGa5Px35VuE0t6Oa4rF90n62g lqnMW0deQXJAK3eV8TctZq5il6SfSXkPc6Wk3Grd6B6Oq+0OUmPHkRqIUUvNY3zl m67CkEHy5aET1eSIHViEU8SNXj6rTq3b4H9IJ5BME4L82Z+VHoF5WwX0ek7+8YG+ YkNgah7O0zAh4TXgQX10E2WD1mHHua0aCuoxUCt2OZLzPF2JNYDrP5o2CDlyriVY FTp52KxjOTxhrTI85ZsABTv8NeIMbY72x0POlnE5K0Pp8fMKau6kts28wmcnspr0 H3antu2wRGcVfuWC6jQ9XGHs1VJ3DE4KeMIoLrlaCbQjLiiry6Q= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:33 2026 by rpki-client