$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143350.roa File: AS143350.roa (raw, json) Hash identifier: zaZovWd1pmCzz1rm8ZAe/u8sw1EMNOKOyJ97jyw8k7Q= Subject key identifier: 4B:77:E3:03:CC:19:E4:6B:DC:A5:ED:A4:1D:3D:2C:73:D6:74:96:4E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7C8BF2E26531BE92C50487D1764FE1C4563ACC68 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143350.roa Signing time: Wed 04 Mar 2026 06:07:13 +0000 ROA not before: Wed 04 Mar 2026 06:02:13 +0000 ROA not after: Wed 03 Mar 2027 06:07:13 +0000 asID: 143350 IP address blocks: 240a:a2bc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:8b:f2:e2:65:31:be:92:c5:04:87:d1:76:4f:e1:c4:56:3a:cc:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:13 2026 GMT Not After : Mar 3 06:07:13 2027 GMT Subject: CN=4B77E303CC19E46BDCA5EDA41D3D2C73D674964E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d4:de:6f:07:d5:ab:28:ec:d5:0b:e8:a3:6f: 1d:f3:f2:c0:6c:b6:76:d7:05:bf:34:6e:f7:f5:d2: 0a:a3:0e:d4:f0:c8:75:f8:84:7e:16:a0:89:5b:35: 26:65:31:86:71:2e:98:85:ba:29:d3:38:a1:3c:72: 04:f1:3e:89:18:bf:ee:8c:8b:69:1d:de:2f:2e:40: c7:23:2e:21:4d:fe:5c:58:80:1d:82:c7:24:03:1c: bf:c3:74:21:d9:04:cb:9d:d4:98:cc:79:13:8e:5f: c8:4b:4f:23:7b:df:47:2d:e9:00:c4:a4:e0:c3:cb: f0:2e:69:63:a0:59:d6:d0:c8:a6:10:9f:50:6c:c4: 3a:43:bb:58:48:78:e5:e9:4b:0b:8c:59:ff:00:07: 64:91:34:1b:25:96:9c:39:33:e6:2e:24:ec:30:2f: 00:91:05:2c:c9:0f:4e:dc:5b:7e:41:de:e9:1e:d7: 7f:ed:af:9d:82:6a:55:77:79:31:94:23:70:4d:ca: 74:3b:49:ee:52:f8:ec:ed:fb:20:15:0e:15:2a:9c: 25:6b:b2:97:6c:ea:5f:97:ee:35:45:e7:fa:70:84: 4e:82:35:08:4a:c1:a3:81:8e:c8:85:fa:5e:3a:ca: 0e:73:41:9f:73:57:15:f9:32:92:bf:14:48:a1:dc: d7:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:77:E3:03:CC:19:E4:6B:DC:A5:ED:A4:1D:3D:2C:73:D6:74:96:4E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143350.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2bc::/32 Signature Algorithm: sha256WithRSAEncryption 6b:af:eb:8b:2b:e5:44:bf:31:f8:0f:39:a1:a6:b1:d8:72:1c: 5c:a5:0a:3f:c8:b0:34:0a:af:4f:0a:db:e0:9c:25:bf:5b:0a: dd:f2:42:7c:b9:e7:8c:ea:2a:39:d4:99:b6:46:83:77:60:47: 32:fe:de:00:fe:f0:aa:1f:ee:9f:dc:c6:28:4b:1f:de:a8:ec: 2e:5a:60:33:24:19:41:b3:3d:8a:bc:50:2c:09:3c:73:4b:92: 51:f2:cb:86:e0:06:98:63:57:a4:f0:24:c1:ab:34:76:4b:c9: b7:1a:c2:7d:3a:06:6b:dd:2a:c6:32:3e:ab:17:42:84:b4:25: 8f:c0:0f:dc:41:7f:f0:ae:7c:d0:0d:aa:36:b8:3b:c0:e6:f9: 52:cb:9c:7b:eb:2e:fd:13:97:17:e7:86:f9:70:c4:ef:1c:4a: d5:c1:ba:c4:c1:1f:38:98:d1:86:78:b6:c0:f6:11:d1:d1:e7: 73:ab:65:e8:b2:23:18:d5:7b:3f:fa:dc:7c:be:e5:6e:e9:a8: 0c:fe:68:51:30:2c:bc:1c:05:9d:35:6f:88:9d:ff:4f:87:eb: a6:ac:b1:28:0a:f4:f8:14:20:3f:8f:cf:fc:75:b7:ce:56:11: 73:2a:a8:db:38:5f:3c:d1:9c:b5:8b:84:f2:04:65:ca:c0:f6: 15:0a:f7:90 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfIvy4mUxvpLFBIfRdk/hxFY6zGgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxM1oX DTI3MDMwMzA2MDcxM1owMzExMC8GA1UEAxMoNEI3N0UzMDNDQzE5RTQ2QkRDQTVF REE0MUQzRDJDNzNENjc0OTY0RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALnU3m8H1aso7NUL6KNvHfPywGy2dtcFvzRu9/XSCqMO1PDIdfiEfhagiVs1 JmUxhnEumIW6KdM4oTxyBPE+iRi/7oyLaR3eLy5AxyMuIU3+XFiAHYLHJAMcv8N0 IdkEy53UmMx5E45fyEtPI3vfRy3pAMSk4MPL8C5pY6BZ1tDIphCfUGzEOkO7WEh4 5elLC4xZ/wAHZJE0GyWWnDkz5i4k7DAvAJEFLMkPTtxbfkHe6R7Xf+2vnYJqVXd5 MZQjcE3KdDtJ7lL47O37IBUOFSqcJWuyl2zqX5fuNUXn+nCEToI1CErBo4GOyIX6 XjrKDnNBn3NXFfkykr8USKHc19cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRLd+MD zBnka9yl7aQdPSxz1nSWTjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM1MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK orwwDQYJKoZIhvcNAQELBQADggEBAGuv64sr5US/MfgPOaGmsdhyHFylCj/IsDQK r08K2+CcJb9bCt3yQny554zqKjnUmbZGg3dgRzL+3gD+8Kof7p/cxihLH96o7C5a YDMkGUGzPYq8UCwJPHNLklHyy4bgBphjV6TwJMGrNHZLybcawn06BmvdKsYyPqsX QoS0JY/AD9xBf/CufNANqja4O8Dm+VLLnHvrLv0TlxfnhvlwxO8cStXBusTBHziY 0YZ4tsD2EdHR53OrZeiyIxjVez/63Hy+5W7pqAz+aFEwLLwcBZ01b4id/0+H66as sSgK9PgUID+Pz/x1t85WEXMqqNs4XzzRnLWLhPIEZcrA9hUK95A= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:32 2026 by rpki-client