$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143361.roa File: AS143361.roa (raw, json) Hash identifier: NHYcblCYco38tpyehE+wibqOj419/WbriOy9yXh6DJo= Subject key identifier: 38:A8:9D:75:4D:33:3F:C3:F0:C8:8F:47:BB:BF:8A:2E:9C:EE:8B:06 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 72411D433D884CFC144ED9AC90299027B5E49A65 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143361.roa Signing time: Wed 04 Mar 2026 06:06:09 +0000 ROA not before: Wed 04 Mar 2026 06:01:09 +0000 ROA not after: Wed 03 Mar 2027 06:06:09 +0000 asID: 143361 IP address blocks: 240a:a2c7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:41:1d:43:3d:88:4c:fc:14:4e:d9:ac:90:29:90:27:b5:e4:9a:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:09 2026 GMT Not After : Mar 3 06:06:09 2027 GMT Subject: CN=38A89D754D333FC3F0C88F47BBBF8A2E9CEE8B06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:db:56:52:c2:d3:bf:b8:e8:8e:e7:c7:fb:f5: 8a:91:52:e2:43:d3:78:e1:a4:7d:e6:44:73:a2:98: 19:21:7f:ed:2c:25:74:10:ef:77:36:8d:3c:26:fa: cc:24:08:c3:e4:f2:7e:bd:9f:a6:cc:6a:88:4b:21: 86:15:75:86:df:04:e4:76:7c:87:22:8a:31:a1:28: f8:1d:a8:4c:0e:13:76:dd:ea:6b:c7:8b:d6:36:9d: 6b:18:7b:f5:2c:4c:49:30:78:e0:fc:f5:79:09:a1: da:31:86:af:8a:df:91:f0:45:97:f5:d5:aa:b6:20: bd:2e:a6:ee:ac:53:3b:bb:9a:c3:a6:89:0d:12:24: 69:3c:35:c5:ac:8f:70:03:3e:e5:c6:3e:12:3e:19: 73:b9:12:89:70:3b:a5:e8:ff:9d:53:12:a0:03:99: 86:3d:69:24:c5:26:88:e7:5d:77:30:36:b8:bb:14: e4:00:a9:28:02:64:39:ca:ef:bf:9f:c3:24:37:2c: 38:1e:6d:e2:61:52:4c:59:ee:b6:65:f0:3c:14:3f: ef:00:00:9b:00:fd:aa:e8:e3:9d:9f:ff:4c:33:50: 02:01:49:73:60:ba:4b:7d:c8:e9:0c:d4:72:fd:8a: 9a:fd:12:07:44:d2:5c:ab:aa:e2:13:33:7e:fc:f0: 6b:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:A8:9D:75:4D:33:3F:C3:F0:C8:8F:47:BB:BF:8A:2E:9C:EE:8B:06 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143361.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2c7::/32 Signature Algorithm: sha256WithRSAEncryption 3e:35:af:7d:a9:92:03:9b:a7:1f:f9:03:5d:a0:b5:09:0d:d0: f9:aa:9a:45:90:fd:da:19:3c:15:53:6d:d3:ff:49:75:42:13: b3:72:ac:2c:ae:bb:32:db:1f:f2:fd:ba:0a:21:a8:48:93:5f: ef:19:82:98:e1:7c:f5:9f:ac:82:74:4b:85:e7:31:1f:7f:fd: 3a:72:bf:95:d2:1b:85:4e:db:59:41:65:ab:2d:c4:83:d5:3e: 46:8a:dc:46:1c:e3:c7:0d:47:5e:24:8f:f8:4e:70:63:12:d9: a6:d5:6a:23:71:c2:c5:1d:29:43:7b:f1:9e:14:18:39:49:ee: aa:b8:1d:c5:4a:e6:05:32:9f:53:08:7f:6f:68:b9:3a:2e:9f: 61:58:37:02:b0:d6:bf:e0:22:3c:bd:bf:0a:14:d4:a8:36:9c: 09:aa:0a:1d:d6:1f:2f:51:80:d1:7a:8a:5e:2f:d3:c0:28:65: 51:34:6c:17:2e:01:9e:a0:5a:71:b7:fc:fd:b1:4b:3e:f9:33: 6c:a7:91:e0:79:ef:90:f8:a8:3d:22:40:e0:a2:4f:33:2e:80: 0e:ac:77:9e:07:53:56:80:cb:85:dc:ea:8f:91:c2:e1:0b:52: df:7d:37:2c:d8:87:72:5e:dc:42:f1:e8:03:7b:75:a8:79:0a: f0:93:5b:ee -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUckEdQz2ITPwUTtmskCmQJ7XkmmUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwOVoX DTI3MDMwMzA2MDYwOVowMzExMC8GA1UEAxMoMzhBODlENzU0RDMzM0ZDM0YwQzg4 RjQ3QkJCRjhBMkU5Q0VFOEIwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM7bVlLC07+46I7nx/v1ipFS4kPTeOGkfeZEc6KYGSF/7SwldBDvdzaNPCb6 zCQIw+Tyfr2fpsxqiEshhhV1ht8E5HZ8hyKKMaEo+B2oTA4Tdt3qa8eL1jadaxh7 9SxMSTB44Pz1eQmh2jGGr4rfkfBFl/XVqrYgvS6m7qxTO7uaw6aJDRIkaTw1xayP cAM+5cY+Ej4Zc7kSiXA7pej/nVMSoAOZhj1pJMUmiOdddzA2uLsU5ACpKAJkOcrv v5/DJDcsOB5t4mFSTFnutmXwPBQ/7wAAmwD9qujjnZ//TDNQAgFJc2C6S33I6QzU cv2Kmv0SB0TSXKuq4hMzfvzwa1kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ4qJ11 TTM/w/DIj0e7v4ounO6LBjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM2MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oscwDQYJKoZIhvcNAQELBQADggEBAD41r32pkgObpx/5A12gtQkN0PmqmkWQ/doZ PBVTbdP/SXVCE7NyrCyuuzLbH/L9ugohqEiTX+8ZgpjhfPWfrIJ0S4XnMR9//Tpy v5XSG4VO21lBZastxIPVPkaK3EYc48cNR14kj/hOcGMS2abVaiNxwsUdKUN78Z4U GDlJ7qq4HcVK5gUyn1MIf29ouToun2FYNwKw1r/gIjy9vwoU1Kg2nAmqCh3WHy9R gNF6il4v08AoZVE0bBcuAZ6gWnG3/P2xSz75M2ynkeB575D4qD0iQOCiTzMugA6s d54HU1aAy4Xc6o+RwuELUt99NyzYh3Je3ELx6AN7dah5CvCTW+4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:04 2026 by rpki-client