$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143367.roa File: AS143367.roa (raw, json) Hash identifier: BboG3QkHoVw+MCcOhmcVyJnIdf6JxfI7kysvhRq4MKE= Subject key identifier: 2C:84:6A:67:C7:91:1D:6A:85:16:04:39:F4:7C:2A:CB:AA:14:21:3E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 199D7AC99AADC12386FAD26B4813B8AFE55703A5 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143367.roa Signing time: Wed 04 Mar 2026 06:07:47 +0000 ROA not before: Wed 04 Mar 2026 06:02:47 +0000 ROA not after: Wed 03 Mar 2027 06:07:47 +0000 asID: 143367 IP address blocks: 240a:a2cd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:9d:7a:c9:9a:ad:c1:23:86:fa:d2:6b:48:13:b8:af:e5:57:03:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:47 2026 GMT Not After : Mar 3 06:07:47 2027 GMT Subject: CN=2C846A67C7911D6A85160439F47C2ACBAA14213E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e8:bc:79:ba:fa:c2:65:a3:5d:91:65:44:c9: 2d:86:34:01:1c:11:fa:cb:91:ff:00:6d:54:dc:5e: e9:65:76:ca:af:a2:87:87:e6:8f:af:5b:0c:31:e1: 77:21:39:9c:04:a5:43:21:2c:6d:42:37:a6:57:e9: eb:81:8b:b9:07:3d:bb:3d:06:84:eb:ce:21:96:55: 76:3e:13:f2:27:3a:00:0d:0a:c8:b1:eb:71:4d:3e: 2a:39:82:b8:72:b2:7e:1a:6d:0d:9e:b4:f6:94:4d: 7d:32:db:a6:e3:e9:c2:e1:99:cb:7a:51:2f:99:82: 6f:c7:ff:70:64:99:e4:04:03:20:d5:aa:c7:cc:ca: 66:a9:6a:c2:16:26:2b:bf:72:05:1d:77:92:fb:e7: 6f:29:14:fb:03:d4:59:cf:b2:6d:ba:5d:b1:18:24: fc:a9:c0:7c:b9:db:06:91:7d:d3:b3:5d:1f:af:11: da:ef:fe:9e:87:e9:7c:21:8f:89:20:19:95:a3:cd: 93:73:40:e3:b3:53:6a:c5:47:bb:4e:ac:7c:76:82: b2:7e:6a:cc:b3:b6:88:2b:db:11:f4:e5:fc:64:62: 97:1b:96:af:7f:13:54:58:d3:92:de:d5:b6:a8:c1: 3e:d3:89:a6:fb:03:c2:d6:76:de:9a:9a:90:3f:9c: 34:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:84:6A:67:C7:91:1D:6A:85:16:04:39:F4:7C:2A:CB:AA:14:21:3E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143367.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2cd::/32 Signature Algorithm: sha256WithRSAEncryption 66:26:a5:9a:6b:94:bc:52:c3:4e:32:33:59:91:4c:fd:b7:6e: 25:1f:11:91:d8:60:9d:3d:98:18:a4:1d:be:01:f1:b3:c2:4f: 8b:e5:24:04:f2:80:c5:ee:13:1e:d2:c2:b8:17:be:c2:8c:03: 39:85:9e:2d:36:51:40:6e:90:38:e0:7e:fb:91:b9:27:0c:d6: 6c:3e:e9:6a:a1:24:64:b5:df:b0:71:82:2f:02:28:e4:ae:4e: 0f:3c:7f:d6:70:8f:6d:69:a8:48:c4:15:a4:23:f4:ef:78:85: 99:49:b6:af:c7:a8:a5:b4:05:6e:7b:6a:07:53:88:ac:cd:67: 49:b9:6e:fc:f9:f8:cc:40:59:82:57:a9:2f:cc:25:7f:7f:78: 53:99:10:b3:11:14:d8:dd:2c:f8:db:f9:78:82:d4:ce:19:d8: 0e:24:7f:0e:bf:01:b4:e1:99:92:e8:99:f6:20:e8:9b:70:f5: 41:e0:55:15:9d:c4:20:05:6a:0f:95:7f:2f:9a:9f:3f:ed:01: 4b:a6:22:be:d8:71:55:2f:a5:99:40:7f:2d:4e:d5:fa:ac:d3: 31:ce:8f:43:11:67:04:f8:7c:fc:ac:38:08:a5:2b:6e:01:7e: 1d:ce:13:09:61:ee:7f:7e:5a:0f:24:0f:e1:24:96:83:34:c2: 68:49:23:8d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGZ16yZqtwSOG+tJrSBO4r+VXA6UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0N1oX DTI3MDMwMzA2MDc0N1owMzExMC8GA1UEAxMoMkM4NDZBNjdDNzkxMUQ2QTg1MTYw NDM5RjQ3QzJBQ0JBQTE0MjEzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMXovHm6+sJlo12RZUTJLYY0ARwR+suR/wBtVNxe6WV2yq+ih4fmj69bDDHh dyE5nASlQyEsbUI3plfp64GLuQc9uz0GhOvOIZZVdj4T8ic6AA0KyLHrcU0+KjmC uHKyfhptDZ609pRNfTLbpuPpwuGZy3pRL5mCb8f/cGSZ5AQDINWqx8zKZqlqwhYm K79yBR13kvvnbykU+wPUWc+ybbpdsRgk/KnAfLnbBpF907NdH68R2u/+nofpfCGP iSAZlaPNk3NA47NTasVHu06sfHaCsn5qzLO2iCvbEfTl/GRilxuWr38TVFjTkt7V tqjBPtOJpvsDwtZ23pqakD+cNHkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQshGpn x5EdaoUWBDn0fCrLqhQhPjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK os0wDQYJKoZIhvcNAQELBQADggEBAGYmpZprlLxSw04yM1mRTP23biUfEZHYYJ09 mBikHb4B8bPCT4vlJATygMXuEx7SwrgXvsKMAzmFni02UUBukDjgfvuRuScM1mw+ 6WqhJGS137Bxgi8CKOSuTg88f9Zwj21pqEjEFaQj9O94hZlJtq/HqKW0BW57agdT iKzNZ0m5bvz5+MxAWYJXqS/MJX9/eFOZELMRFNjdLPjb+XiC1M4Z2A4kfw6/AbTh mZLomfYg6Jtw9UHgVRWdxCAFag+Vfy+anz/tAUumIr7YcVUvpZlAfy1O1fqs0zHO j0MRZwT4fPysOAilK24Bfh3OEwlh7n9+Wg8kD+EkloM0wmhJI40= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:46 2026 by rpki-client