$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143356.roa File: AS143356.roa (raw, json) Hash identifier: mCKCrjiYoRHWZKyi4GFpwmEzMYrKUwkeQVV/izJMt3Y= Subject key identifier: B4:5A:C5:51:52:8E:E6:1C:39:9D:58:E8:C1:69:B4:F7:86:72:44:5A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 412420DB24B506B693B37A3BA951DC74A8DA5235 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143356.roa Signing time: Wed 04 Mar 2026 06:05:19 +0000 ROA not before: Wed 04 Mar 2026 06:00:19 +0000 ROA not after: Wed 03 Mar 2027 06:05:19 +0000 asID: 143356 IP address blocks: 240a:a2c2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:24:20:db:24:b5:06:b6:93:b3:7a:3b:a9:51:dc:74:a8:da:52:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:19 2026 GMT Not After : Mar 3 06:05:19 2027 GMT Subject: CN=B45AC551528EE61C399D58E8C169B4F78672445A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:c2:23:1f:c7:42:9c:46:71:1e:d7:b0:1d:54: 20:44:6f:7f:23:e8:d5:eb:a6:ab:a5:94:b1:60:34: e4:85:98:cf:11:8b:6f:18:8f:7e:d2:ae:b7:76:05: 98:e5:b9:8c:97:a0:8c:44:73:a8:9a:ad:63:7c:35: c0:0a:1c:63:4d:d4:3b:99:dd:56:12:8f:54:0d:9e: 91:e6:55:86:c1:48:28:e8:8f:d6:58:e9:79:e1:a9: 7c:2f:74:1c:d9:c5:4b:42:26:c4:69:d8:3f:5f:bc: e0:27:50:f8:b3:8c:9e:06:78:6b:15:d7:ff:32:59: 2c:0f:b1:13:52:9a:b0:67:e6:4d:38:54:a6:74:9d: f7:05:30:7d:48:55:da:0c:85:07:a6:02:74:a6:dd: f5:22:72:ce:9c:a3:44:dc:a1:42:da:d1:9c:1d:e3: bf:c7:25:31:ef:85:f7:ee:80:e0:67:e2:4b:7b:96: 07:64:8d:5e:63:5f:b1:af:24:ba:f1:d5:94:af:e3: 16:7e:14:34:b5:49:fb:55:9c:1e:b3:81:05:cb:f3: a9:c7:0d:08:08:dc:c1:25:17:c4:84:fb:eb:e2:13: 4a:b7:58:67:61:c2:ed:84:0f:7d:31:be:a5:0a:59: dd:c0:9b:6e:f0:1f:86:c7:36:e9:21:55:d5:a2:8c: a3:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:5A:C5:51:52:8E:E6:1C:39:9D:58:E8:C1:69:B4:F7:86:72:44:5A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143356.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2c2::/32 Signature Algorithm: sha256WithRSAEncryption 38:34:27:88:13:10:48:26:a4:1b:c6:07:4c:7f:c4:9a:9d:b8: 94:12:07:14:7c:50:32:3b:6b:d8:49:ba:c2:16:52:16:16:31: 08:9c:af:bf:7a:23:40:a9:e0:d0:6d:b1:f8:78:64:1d:af:f2: ac:ab:99:3e:cf:cb:39:7b:31:93:88:a4:01:d8:48:83:76:81: 81:bf:a3:8b:c9:0d:db:b6:44:c4:d1:4b:3e:b4:4f:99:8d:95: e2:4d:7d:e0:ce:b9:fe:18:32:f7:b5:48:36:bd:80:2d:85:20: 7c:74:f6:44:a9:6e:da:49:e2:b9:8f:5b:30:bc:80:21:ee:18: ae:6f:05:5e:a9:34:55:31:5c:00:83:d9:23:90:63:3d:a9:94: 98:76:58:17:90:41:86:ee:b6:44:13:51:c4:12:29:c4:a1:9d: d6:cb:c8:5b:e4:27:f0:24:f4:84:62:79:ed:74:7a:79:70:ad: c3:bc:2d:3e:01:f4:5c:90:4c:bd:9b:c3:8b:95:a4:9c:6c:3e: e1:34:64:6b:84:33:e2:3a:a8:25:22:dc:13:af:f8:7d:f3:14: 84:a8:20:96:48:fa:27:92:07:a3:25:3f:60:e9:03:20:b1:5f: af:de:c0:5d:ee:7c:b5:fa:31:7d:d9:c0:b7:ff:c4:30:7c:f3: 21:4c:36:c8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQSQg2yS1BraTs3o7qVHcdKjaUjUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAxOVoX DTI3MDMwMzA2MDUxOVowMzExMC8GA1UEAxMoQjQ1QUM1NTE1MjhFRTYxQzM5OUQ1 OEU4QzE2OUI0Rjc4NjcyNDQ1QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMfCIx/HQpxGcR7XsB1UIERvfyPo1eumq6WUsWA05IWYzxGLbxiPftKut3YF mOW5jJegjERzqJqtY3w1wAocY03UO5ndVhKPVA2ekeZVhsFIKOiP1ljpeeGpfC90 HNnFS0ImxGnYP1+84CdQ+LOMngZ4axXX/zJZLA+xE1KasGfmTThUpnSd9wUwfUhV 2gyFB6YCdKbd9SJyzpyjRNyhQtrRnB3jv8clMe+F9+6A4GfiS3uWB2SNXmNfsa8k uvHVlK/jFn4UNLVJ+1WcHrOBBcvzqccNCAjcwSUXxIT76+ITSrdYZ2HC7YQPfTG+ pQpZ3cCbbvAfhsc26SFV1aKMo1UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS0WsVR Uo7mHDmdWOjBabT3hnJEWjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM1Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK osIwDQYJKoZIhvcNAQELBQADggEBADg0J4gTEEgmpBvGB0x/xJqduJQSBxR8UDI7 a9hJusIWUhYWMQicr796I0Cp4NBtsfh4ZB2v8qyrmT7Pyzl7MZOIpAHYSIN2gYG/ o4vJDdu2RMTRSz60T5mNleJNfeDOuf4YMve1SDa9gC2FIHx09kSpbtpJ4rmPWzC8 gCHuGK5vBV6pNFUxXACD2SOQYz2plJh2WBeQQYbutkQTUcQSKcShndbLyFvkJ/Ak 9IRiee10enlwrcO8LT4B9FyQTL2bw4uVpJxsPuE0ZGuEM+I6qCUi3BOv+H3zFISo IJZI+ieSB6MlP2DpAyCxX6/ewF3ufLX6MX3ZwLf/xDB88yFMNsg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:05 2026 by rpki-client