$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143378.roa File: AS143378.roa (raw, json) Hash identifier: RbQkTJ59t/+T0uxUtz8ncdOJzrast2yZt+Dly5oOVFU= Subject key identifier: 2D:3D:7E:62:8E:70:59:1A:5D:99:60:05:C1:E1:6B:A3:BB:AA:B9:BF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 34F62B317B5A412F492BAFCA1CD43A99A8E2BDDC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143378.roa Signing time: Wed 04 Mar 2026 06:06:21 +0000 ROA not before: Wed 04 Mar 2026 06:01:21 +0000 ROA not after: Wed 03 Mar 2027 06:06:21 +0000 asID: 143378 IP address blocks: 240a:a2d8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:f6:2b:31:7b:5a:41:2f:49:2b:af:ca:1c:d4:3a:99:a8:e2:bd:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:21 2026 GMT Not After : Mar 3 06:06:21 2027 GMT Subject: CN=2D3D7E628E70591A5D996005C1E16BA3BBAAB9BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:df:50:ad:e0:13:0b:f8:7c:4a:e7:0b:0c:7a: 94:6a:5e:55:5c:24:9f:11:80:fa:ed:53:ad:08:ec: 54:a0:12:55:48:09:6a:5d:68:52:cc:aa:8e:89:65: 5b:d5:be:58:0b:31:ff:61:f7:c7:03:56:dc:ea:89: 3e:82:74:d6:e2:57:0c:29:97:7c:e3:8a:c9:62:dc: 60:60:d6:2c:5b:ed:a7:42:b9:81:ef:de:1e:2c:75: 8a:f3:d8:2d:0a:99:e7:e9:11:36:31:55:b2:83:15: 17:d8:eb:1f:21:42:1a:0d:90:f7:02:ea:ca:6a:fa: a2:48:d5:c7:12:e2:10:9c:ea:0b:2b:0d:1c:85:3a: a4:ac:ff:df:dd:d6:d4:89:49:bc:d6:4f:5d:dc:51: 1c:de:fe:ca:ea:05:79:55:e6:10:ef:1e:be:d9:7c: 4c:cb:7b:37:f6:82:e7:56:10:bc:37:52:e1:c7:94: d9:c2:76:ea:a4:93:05:c9:d0:a6:9f:00:62:13:5d: b3:3f:75:cb:f9:45:2a:34:28:bc:8b:36:c8:07:8d: 83:f5:c8:ce:c1:38:73:13:d8:53:54:96:b1:c0:bc: 0d:9a:b6:07:3c:a9:23:80:41:db:a8:b4:24:12:1c: 76:c3:25:91:23:92:8e:bb:9e:6e:27:e2:84:db:74: e4:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:3D:7E:62:8E:70:59:1A:5D:99:60:05:C1:E1:6B:A3:BB:AA:B9:BF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143378.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2d8::/32 Signature Algorithm: sha256WithRSAEncryption 71:7a:3e:ed:74:63:cc:5d:61:d7:42:d0:60:b0:88:f6:4b:a8: 27:8d:5b:2d:80:16:c1:d7:d3:31:af:a2:09:8e:e5:b2:23:03: bf:fc:74:ba:98:14:35:84:e8:3a:5d:85:fe:41:cb:8b:b6:b5: 3a:62:9a:68:ec:9e:6a:b3:69:26:40:c4:27:e3:76:90:13:30: 3f:9c:9d:a4:fc:2e:b0:c0:f1:ec:9b:3f:25:bd:93:08:bd:e4: db:80:2d:64:e9:8b:3f:8b:81:a2:0f:a6:b3:91:3d:b0:54:ea: 27:28:b8:fe:88:84:42:bd:40:0d:d5:e7:0c:04:4c:ad:3a:9c: 41:46:4f:62:8c:78:83:d2:2c:3e:fd:21:43:e9:11:c4:dd:eb: 08:1b:71:4d:ea:68:67:d3:fd:64:d5:5b:d3:71:7d:88:25:3d: 88:3e:6b:ac:12:b7:62:d4:02:c5:61:9a:68:32:c5:93:51:30: af:01:92:75:ef:e1:1a:44:9a:37:2c:a0:43:2b:4f:05:e8:dd: b5:1e:bb:6e:b1:88:0a:fb:e5:e4:e8:5f:4c:90:96:95:29:1e: 6b:ac:6e:df:d9:c4:e5:14:6b:29:81:ba:df:33:82:e5:7c:ea: 02:42:11:73:00:77:9b:cc:2c:98:58:94:a6:e2:7f:60:dc:38: f6:ec:e1:59 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNPYrMXtaQS9JK6/KHNQ6majivdwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEyMVoX DTI3MDMwMzA2MDYyMVowMzExMC8GA1UEAxMoMkQzRDdFNjI4RTcwNTkxQTVEOTk2 MDA1QzFFMTZCQTNCQkFBQjlCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJvfUK3gEwv4fErnCwx6lGpeVVwknxGA+u1TrQjsVKASVUgJal1oUsyqjoll W9W+WAsx/2H3xwNW3OqJPoJ01uJXDCmXfOOKyWLcYGDWLFvtp0K5ge/eHix1ivPY LQqZ5+kRNjFVsoMVF9jrHyFCGg2Q9wLqymr6okjVxxLiEJzqCysNHIU6pKz/393W 1IlJvNZPXdxRHN7+yuoFeVXmEO8evtl8TMt7N/aC51YQvDdS4ceU2cJ26qSTBcnQ pp8AYhNdsz91y/lFKjQovIs2yAeNg/XIzsE4cxPYU1SWscC8DZq2BzypI4BB26i0 JBIcdsMlkSOSjruebifihNt05HMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQtPX5i jnBZGl2ZYAXB4Wuju6q5vzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM3OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK otgwDQYJKoZIhvcNAQELBQADggEBAHF6Pu10Y8xdYddC0GCwiPZLqCeNWy2AFsHX 0zGvogmO5bIjA7/8dLqYFDWE6Dpdhf5By4u2tTpimmjsnmqzaSZAxCfjdpATMD+c naT8LrDA8eybPyW9kwi95NuALWTpiz+LgaIPprORPbBU6icouP6IhEK9QA3V5wwE TK06nEFGT2KMeIPSLD79IUPpEcTd6wgbcU3qaGfT/WTVW9NxfYglPYg+a6wSt2LU AsVhmmgyxZNRMK8BknXv4RpEmjcsoEMrTwXo3bUeu26xiAr75eToX0yQlpUpHmus bt/ZxOUUaymBut8zguV86gJCEXMAd5vMLJhYlKbif2DcOPbs4Vk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:15 2026 by rpki-client