$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143346.roa File: AS143346.roa (raw, json) Hash identifier: CPXK0fI7h3HLYPWllAmoVuSgJx+Q7HP6KsxJ2lDsrss= Subject key identifier: 94:29:75:EE:69:20:4F:E6:F5:FA:32:C4:C5:80:3F:52:06:5C:EB:DA Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 321D5FFB680D3D7A7E2BD618BCEA33771DFF96DC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143346.roa Signing time: Wed 04 Mar 2026 06:05:40 +0000 ROA not before: Wed 04 Mar 2026 06:00:40 +0000 ROA not after: Wed 03 Mar 2027 06:05:40 +0000 asID: 143346 IP address blocks: 240a:a2b8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:1d:5f:fb:68:0d:3d:7a:7e:2b:d6:18:bc:ea:33:77:1d:ff:96:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:40 2026 GMT Not After : Mar 3 06:05:40 2027 GMT Subject: CN=942975EE69204FE6F5FA32C4C5803F52065CEBDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:0a:a6:4c:a1:84:a7:97:4f:59:3b:37:6b:b3: ed:22:0e:69:83:dd:ee:c4:d9:34:5c:70:98:58:4e: 66:5b:a9:d4:d9:df:cb:2a:61:44:4c:f3:16:8a:a4: 9c:5a:7b:13:28:70:f3:f4:af:66:15:9e:1d:3d:db: b3:a4:13:16:26:7e:e1:a1:be:4a:44:53:b0:d5:17: 49:39:9c:7a:9c:4b:d6:5e:55:1e:f3:95:dc:20:01: 0c:0c:14:d6:ad:74:db:37:fc:08:4f:cf:d3:32:e3: 0e:c4:4a:b7:10:12:1b:e6:07:b8:52:79:2d:e9:0e: 34:2a:8c:06:ce:38:78:5c:1c:ce:b7:52:35:e3:20: 2c:c3:82:85:e2:69:29:9a:dc:73:54:ef:d0:5c:0a: f9:5e:8b:eb:d7:a8:eb:97:67:a8:f7:6b:d2:9f:a7: 2e:8d:9b:27:af:0b:4d:bd:35:d9:4c:6b:c0:b7:f2: f5:0c:56:30:47:88:f3:e0:93:57:41:5f:ab:a3:e9: d5:7b:2a:be:e1:c5:66:36:03:8e:31:de:b9:f2:34: f8:a9:56:4e:94:02:8c:a3:ae:32:b1:be:27:62:12: ce:58:d1:dd:ee:08:52:9a:62:a0:f9:12:fc:e1:6c: ed:a3:29:9e:0a:e7:00:b7:cf:24:18:9e:42:88:3f: 20:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:29:75:EE:69:20:4F:E6:F5:FA:32:C4:C5:80:3F:52:06:5C:EB:DA X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143346.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2b8::/32 Signature Algorithm: sha256WithRSAEncryption 5f:89:13:eb:56:81:ba:f6:5d:21:c5:14:40:4f:41:f5:9c:2e: 96:7c:a5:fa:61:a2:9d:d3:be:99:35:f6:5f:36:c2:89:a0:80: 55:82:2a:fa:35:a0:df:6a:09:12:81:66:e5:af:af:53:50:b2: 38:95:57:c3:c0:5c:9a:2f:ef:27:a9:3f:53:1e:e8:ad:23:32: 09:64:96:f2:2e:5c:ec:78:4b:6b:e3:f3:e5:80:7d:9e:08:60: bc:c0:1a:34:77:f9:c8:1c:d9:1b:ec:0d:50:b7:bd:25:e0:d9: 4a:f8:c3:18:c4:61:47:8d:1d:5c:15:3a:67:aa:51:7a:13:3a: 47:19:e6:16:59:6b:70:fd:e0:ee:85:88:b6:63:30:58:08:47: ec:6b:20:72:03:c2:ea:d1:40:0a:d1:b0:f3:cd:12:d9:6a:f1: c2:63:aa:7a:d7:dd:28:00:46:79:90:24:53:f4:aa:01:b7:b8: d2:c4:85:8d:2c:27:22:ed:88:2b:c1:90:93:1a:30:13:6d:8a: 8b:04:fa:e6:96:6e:74:9f:a2:92:f2:15:b9:29:97:82:a9:a7: 94:0f:b9:fb:8c:9f:ca:2a:e7:a7:e2:b3:b5:a3:85:56:25:18: df:49:6a:f2:c6:ad:c6:be:5e:10:29:a3:69:79:ea:ec:bf:83: 74:6d:2c:0c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMh1f+2gNPXp+K9YYvOozdx3/ltwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA0MFoX DTI3MDMwMzA2MDU0MFowMzExMC8GA1UEAxMoOTQyOTc1RUU2OTIwNEZFNkY1RkEz MkM0QzU4MDNGNTIwNjVDRUJEQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANMKpkyhhKeXT1k7N2uz7SIOaYPd7sTZNFxwmFhOZlup1NnfyyphREzzFoqk nFp7Eyhw8/SvZhWeHT3bs6QTFiZ+4aG+SkRTsNUXSTmcepxL1l5VHvOV3CABDAwU 1q102zf8CE/P0zLjDsRKtxASG+YHuFJ5LekONCqMBs44eFwczrdSNeMgLMOCheJp KZrcc1Tv0FwK+V6L69eo65dnqPdr0p+nLo2bJ68LTb012UxrwLfy9QxWMEeI8+CT V0Ffq6Pp1XsqvuHFZjYDjjHeufI0+KlWTpQCjKOuMrG+J2ISzljR3e4IUppioPkS /OFs7aMpngrnALfPJBieQog/IGECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSUKXXu aSBP5vX6MsTFgD9SBlzr2jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM0Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK orgwDQYJKoZIhvcNAQELBQADggEBAF+JE+tWgbr2XSHFFEBPQfWcLpZ8pfphop3T vpk19l82womggFWCKvo1oN9qCRKBZuWvr1NQsjiVV8PAXJov7yepP1Me6K0jMglk lvIuXOx4S2vj8+WAfZ4IYLzAGjR3+cgc2RvsDVC3vSXg2Ur4wxjEYUeNHVwVOmeq UXoTOkcZ5hZZa3D94O6FiLZjMFgIR+xrIHIDwurRQArRsPPNEtlq8cJjqnrX3SgA RnmQJFP0qgG3uNLEhY0sJyLtiCvBkJMaMBNtiosE+uaWbnSfopLyFbkpl4Kpp5QP ufuMn8oq56fis7WjhVYlGN9JavLGrca+XhApo2l56uy/g3RtLAw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:57 2026 by rpki-client