$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143371.roa File: AS143371.roa (raw, json) Hash identifier: Lht3SQ5qlqSyIZGjFP4zpy7ozEU9VvmEnIP6s5egZFw= Subject key identifier: A8:3B:C7:85:54:A5:18:DE:3E:25:37:2F:EF:83:CF:E3:26:E3:D7:31 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3167B74148FB02D7B3052CDC0CF0A67B39410387 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143371.roa Signing time: Wed 04 Mar 2026 06:06:28 +0000 ROA not before: Wed 04 Mar 2026 06:01:28 +0000 ROA not after: Wed 03 Mar 2027 06:06:28 +0000 asID: 143371 IP address blocks: 240a:a2d1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:67:b7:41:48:fb:02:d7:b3:05:2c:dc:0c:f0:a6:7b:39:41:03:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:28 2026 GMT Not After : Mar 3 06:06:28 2027 GMT Subject: CN=A83BC78554A518DE3E25372FEF83CFE326E3D731 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:6c:aa:6f:75:3e:39:3b:04:02:38:73:d6:a7: 08:d7:c2:85:da:59:1a:6d:d8:11:f2:2a:70:47:0b: 06:05:02:db:a4:ea:b3:6e:7b:0f:a7:fd:db:11:b8: 92:93:8b:a9:c7:04:e7:d4:00:50:40:2c:7a:8a:28: 12:04:4f:c2:a5:3c:9f:bb:8d:d9:26:b2:33:7f:12: 1d:1e:e2:4b:d0:84:cc:ab:eb:59:f2:59:06:9b:b4: 46:9d:a6:aa:4c:84:cb:5b:f1:be:62:c6:e8:5f:b0: f9:44:d3:55:e5:15:22:ff:e2:a9:ef:09:9e:71:71: 1f:09:99:20:a1:5e:0d:c5:45:35:a3:0d:95:ee:f2: ec:e8:df:be:a1:b6:a2:71:00:9c:0a:a1:fd:d5:b6: 69:ba:20:da:69:e9:45:7a:d4:fc:12:0b:d2:16:7c: 63:29:a9:e2:9e:d4:73:c9:cf:d2:31:9c:c6:8a:d8: 0a:cf:6e:99:cb:15:1d:4a:24:31:32:bb:7e:8e:ac: 75:e7:df:07:29:33:e0:9e:fa:14:b6:fd:93:b2:1d: 78:49:f4:e1:27:bc:0b:08:3c:f3:3d:f3:6d:bd:09: 2d:eb:39:c8:94:ba:de:3d:6f:3b:2b:ac:d3:dc:28: eb:30:6f:2f:d5:83:f3:b9:bb:4b:06:41:46:11:dc: 7f:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:3B:C7:85:54:A5:18:DE:3E:25:37:2F:EF:83:CF:E3:26:E3:D7:31 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143371.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2d1::/32 Signature Algorithm: sha256WithRSAEncryption 7b:a9:eb:86:d9:55:b9:64:f3:9e:84:21:49:91:a1:e6:39:75: e8:9b:f8:3e:c6:1b:5d:94:8a:6e:d0:d9:00:db:3b:2c:06:7d: d6:41:bb:c9:47:bd:e1:4f:e4:3e:69:bb:30:91:0a:57:a5:d2: d9:dd:8b:8c:c0:22:8c:97:55:f0:4e:9c:c0:46:75:50:4e:79: fb:ce:26:cc:de:e9:99:ec:fc:97:26:1e:e1:57:46:c4:1a:80: 7b:07:da:96:b4:92:06:72:e3:4d:7a:c1:c7:42:45:95:8c:4c: 00:12:c6:58:da:6c:ed:f3:34:cd:8a:62:ec:31:c1:1e:ba:63: 38:cf:6e:cc:98:3e:6f:b7:c4:13:64:81:4c:63:a5:12:b9:4e: 8e:1c:72:56:1a:4c:98:bc:65:c1:bf:64:96:3f:f0:18:4e:24: ef:98:51:ce:22:2d:68:d7:d5:4d:aa:02:3c:ad:51:44:87:2a: f6:48:4e:c2:02:43:4f:e1:8b:81:7b:22:88:0e:1d:f3:65:e7: e6:75:9c:a6:35:26:61:51:31:27:07:40:cc:64:ee:45:60:cf: f8:a1:48:fb:e6:8e:67:b2:35:38:cf:72:8b:2a:1e:86:62:16: 35:f1:d6:16:74:c4:e1:f1:15:12:f6:36:38:8e:75:28:cf:09: 15:2d:a1:9d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMWe3QUj7AtezBSzcDPCmezlBA4cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEyOFoX DTI3MDMwMzA2MDYyOFowMzExMC8GA1UEAxMoQTgzQkM3ODU1NEE1MThERTNFMjUz NzJGRUY4M0NGRTMyNkUzRDczMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALdsqm91Pjk7BAI4c9anCNfChdpZGm3YEfIqcEcLBgUC26Tqs257D6f92xG4 kpOLqccE59QAUEAseoooEgRPwqU8n7uN2SayM38SHR7iS9CEzKvrWfJZBpu0Rp2m qkyEy1vxvmLG6F+w+UTTVeUVIv/iqe8JnnFxHwmZIKFeDcVFNaMNle7y7OjfvqG2 onEAnAqh/dW2abog2mnpRXrU/BIL0hZ8Yymp4p7Uc8nP0jGcxorYCs9umcsVHUok MTK7fo6sdeffBykz4J76FLb9k7IdeEn04Se8Cwg88z3zbb0JLes5yJS63j1vOyus 09wo6zBvL9WD87m7SwZBRhHcfwsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSoO8eF VKUY3j4lNy/vg8/jJuPXMTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM3MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK otEwDQYJKoZIhvcNAQELBQADggEBAHup64bZVblk856EIUmRoeY5deib+D7GG12U im7Q2QDbOywGfdZBu8lHveFP5D5puzCRClel0tndi4zAIoyXVfBOnMBGdVBOefvO Jsze6Zns/JcmHuFXRsQagHsH2pa0kgZy4016wcdCRZWMTAASxljabO3zNM2KYuwx wR66YzjPbsyYPm+3xBNkgUxjpRK5To4cclYaTJi8ZcG/ZJY/8BhOJO+YUc4iLWjX 1U2qAjytUUSHKvZITsICQ0/hi4F7IogOHfNl5+Z1nKY1JmFRMScHQMxk7kVgz/ih SPvmjmeyNTjPcosqHoZiFjXx1hZ0xOHxFRL2NjiOdSjPCRUtoZ0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:18 2026 by rpki-client