$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143348.roa File: AS143348.roa (raw, json) Hash identifier: ixwvIm37T5/zlUTz9PrL35xUElHRtNCcwci7Udr+mNQ= Subject key identifier: F6:C1:EE:B5:00:41:C8:34:6B:57:9F:A6:A3:D0:4B:B0:C6:6A:91:E3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 11D6CB08A517F0DD6E85D4602339423BEBCC50BA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143348.roa Signing time: Wed 04 Mar 2026 06:07:51 +0000 ROA not before: Wed 04 Mar 2026 06:02:51 +0000 ROA not after: Wed 03 Mar 2027 06:07:51 +0000 asID: 143348 IP address blocks: 240a:a2ba::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:d6:cb:08:a5:17:f0:dd:6e:85:d4:60:23:39:42:3b:eb:cc:50:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:51 2026 GMT Not After : Mar 3 06:07:51 2027 GMT Subject: CN=F6C1EEB50041C8346B579FA6A3D04BB0C66A91E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b5:02:1d:ec:e3:fc:35:48:30:d2:66:0b:05: 20:44:35:03:99:cb:4b:b7:f9:23:21:e9:01:bb:c6: 40:87:2e:f5:e8:05:41:68:d5:e0:74:e0:cb:50:3c: 5b:fc:e2:87:d1:ed:05:07:46:df:69:e7:b7:aa:16: c9:56:b2:dc:c1:27:bf:a7:8f:a0:9e:7b:8f:8d:bd: 06:3b:e9:d7:4d:08:e3:39:57:10:d6:e4:d7:16:79: ff:09:2f:d0:a8:77:ed:d6:3b:fa:7a:be:bb:54:91: 11:05:6b:5c:20:80:85:df:db:bd:65:4c:9a:41:0c: 68:82:c0:10:72:92:0b:e7:39:8b:c0:42:7f:36:c5: 44:79:a6:4f:b8:da:d2:34:9c:9c:fc:c3:c9:e9:74: 4f:a2:fb:35:60:a1:22:7a:b2:70:b6:d9:dd:50:c9: f7:a0:53:94:a5:ee:39:b6:72:19:e4:e3:75:8b:d1: 51:1b:30:b9:19:e4:1f:9c:96:b3:f8:fc:4a:fa:14: 0d:00:47:4a:46:99:dc:5b:e3:cb:00:de:0a:98:44: 91:a1:4f:a7:c8:4e:a3:ca:51:6b:6c:f9:86:70:0c: b9:fb:f9:bc:4f:9a:6a:c6:38:23:c1:9c:f8:14:33: c3:dd:8e:7e:04:ad:0a:fb:5a:56:dc:cf:ce:81:b7: 69:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:C1:EE:B5:00:41:C8:34:6B:57:9F:A6:A3:D0:4B:B0:C6:6A:91:E3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143348.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2ba::/32 Signature Algorithm: sha256WithRSAEncryption 5b:20:e9:d5:9a:e8:0d:2f:79:65:bc:6a:b4:1a:a1:61:36:70: a9:57:49:4d:11:d4:f5:0e:96:42:42:8a:b7:34:17:da:d0:c7: 99:e9:a0:43:03:f9:7d:57:98:dc:2f:67:c9:17:3c:0b:d9:eb: ff:9a:8e:2f:4c:34:7f:32:ca:0e:60:5f:7c:5c:93:61:c7:4d: a7:55:ba:29:23:b1:5b:38:a3:00:5f:7d:a5:67:aa:d0:a1:7b: 72:b0:a1:1a:59:5d:98:73:4c:76:65:ef:78:dc:d1:ba:6b:f9: e8:0b:9e:82:20:2e:1f:63:50:e6:8c:12:0e:b6:3f:8a:57:03: e8:cf:fd:7b:b2:4a:77:b4:5f:3e:bb:85:c3:d2:6f:46:29:68: d6:3e:e0:64:7b:b2:48:56:40:69:96:cb:87:ef:e8:09:5d:12: 3a:1a:66:28:76:73:e3:83:b8:ad:47:8b:e4:b2:40:87:14:a4: 6a:05:6e:65:a5:c4:b8:3c:61:3e:c3:82:54:f3:af:5f:f8:7f: 9f:e1:4e:e2:53:30:81:28:d0:43:42:5b:24:f8:1c:09:9a:62: 03:f9:02:12:07:a8:8e:8e:21:7a:f2:fe:03:9c:12:f2:fd:24: 42:20:cf:42:d6:92:c5:f4:1a:44:23:19:c0:d8:fb:d4:a8:45: 07:b6:d7:91 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEdbLCKUX8N1uhdRgIzlCO+vMULowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1MVoX DTI3MDMwMzA2MDc1MVowMzExMC8GA1UEAxMoRjZDMUVFQjUwMDQxQzgzNDZCNTc5 RkE2QTNEMDRCQjBDNjZBOTFFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL+1Ah3s4/w1SDDSZgsFIEQ1A5nLS7f5IyHpAbvGQIcu9egFQWjV4HTgy1A8 W/zih9HtBQdG32nnt6oWyVay3MEnv6ePoJ57j429Bjvp100I4zlXENbk1xZ5/wkv 0Kh37dY7+nq+u1SREQVrXCCAhd/bvWVMmkEMaILAEHKSC+c5i8BCfzbFRHmmT7ja 0jScnPzDyel0T6L7NWChInqycLbZ3VDJ96BTlKXuObZyGeTjdYvRURswuRnkH5yW s/j8SvoUDQBHSkaZ3FvjywDeCphEkaFPp8hOo8pRa2z5hnAMufv5vE+aasY4I8Gc +BQzw92OfgStCvtaVtzPzoG3aakCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT2we61 AEHINGtXn6aj0EuwxmqR4zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM0OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK orowDQYJKoZIhvcNAQELBQADggEBAFsg6dWa6A0veWW8arQaoWE2cKlXSU0R1PUO lkJCirc0F9rQx5npoEMD+X1XmNwvZ8kXPAvZ6/+aji9MNH8yyg5gX3xck2HHTadV uikjsVs4owBffaVnqtChe3KwoRpZXZhzTHZl73jc0bpr+egLnoIgLh9jUOaMEg62 P4pXA+jP/XuySne0Xz67hcPSb0YpaNY+4GR7skhWQGmWy4fv6AldEjoaZih2c+OD uK1Hi+SyQIcUpGoFbmWlxLg8YT7DglTzr1/4f5/hTuJTMIEo0ENCWyT4HAmaYgP5 AhIHqI6OIXry/gOcEvL9JEIgz0LWksX0GkQjGcDY+9SoRQe215E= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:53 2026 by rpki-client