$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143379.roa File: AS143379.roa (raw, json) Hash identifier: 5oC+e90J6pYQo18hvNmkdr5vdMHnNPwC4X3wjkmTVPA= Subject key identifier: 72:AD:C9:60:38:D3:91:DC:87:10:DB:DA:88:2A:7B:F1:29:26:29:36 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 15CE89F0D6FA382601E9697F5DC21E64A745F311 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143379.roa Signing time: Wed 04 Mar 2026 06:08:02 +0000 ROA not before: Wed 04 Mar 2026 06:03:02 +0000 ROA not after: Wed 03 Mar 2027 06:08:02 +0000 asID: 143379 IP address blocks: 240a:a2d9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:ce:89:f0:d6:fa:38:26:01:e9:69:7f:5d:c2:1e:64:a7:45:f3:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:03:02 2026 GMT Not After : Mar 3 06:08:02 2027 GMT Subject: CN=72ADC96038D391DC8710DBDA882A7BF129262936 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:1e:b9:9e:99:ba:44:c9:17:24:d0:52:30:5d: c7:51:03:48:17:37:98:60:f7:74:42:e7:90:f5:6c: 4e:07:4b:65:54:4c:05:37:61:3f:6a:c5:9d:f6:c9: 2d:f6:d6:fb:4d:ff:8d:42:c0:21:0e:61:1a:06:98: 58:30:ea:f8:1a:72:18:f2:25:52:56:54:98:74:e8: a4:c6:f0:e1:a8:38:a5:8a:bf:c0:61:25:f6:08:bd: 08:c1:ab:0d:b5:ad:ae:6a:59:34:f4:af:b3:c0:1d: ab:0d:7d:a1:1f:be:db:5b:d3:ba:17:58:af:7b:64: 87:ca:f5:93:70:56:0b:ad:f8:4a:81:79:b9:c8:11: 5b:16:99:b0:72:9d:ad:96:99:b9:1f:5c:ba:3e:cc: 7a:d6:53:ed:17:d1:24:f5:4e:fa:db:aa:ae:c2:04: 9c:22:d0:37:dd:11:b5:e9:93:eb:6e:26:89:d9:59: 25:ce:78:71:82:3b:17:a2:90:49:98:e2:84:dd:32: 89:0d:1b:3b:d6:34:7a:f5:81:45:fd:c9:43:97:58: 5f:91:3e:06:2d:3e:c3:61:8b:96:00:4d:86:31:55: 49:72:74:d0:c8:33:e4:6d:82:f8:a1:17:52:eb:10: 32:11:74:8d:ba:ad:54:68:c1:31:c1:39:60:4e:0d: 97:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:AD:C9:60:38:D3:91:DC:87:10:DB:DA:88:2A:7B:F1:29:26:29:36 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143379.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2d9::/32 Signature Algorithm: sha256WithRSAEncryption 0b:08:cc:97:bb:3d:ab:dd:94:5a:66:2a:bc:06:52:51:4c:e2: d3:56:ed:6c:6a:38:3a:3d:12:92:e2:65:f7:4f:f2:fc:45:1c: 6a:35:09:2c:df:65:77:69:80:24:10:72:01:9f:a7:97:eb:97: 79:aa:2f:34:52:ce:34:9a:a4:b3:48:62:53:4d:4b:31:71:38: 07:51:cf:91:ac:39:1f:5a:90:26:c0:92:37:42:22:cc:35:9e: 2a:cd:f3:54:84:c2:a8:be:5d:3b:06:13:9c:21:cf:c1:de:05: 78:67:7b:7f:c5:7e:1b:4e:72:79:71:ff:d0:16:6d:61:d9:60: 08:ed:4b:1a:ae:a3:9c:e4:a5:0b:a0:47:7b:30:9c:48:58:ae: ab:8b:f5:c5:d9:78:11:16:3a:bb:b6:7f:57:e9:8c:ba:fc:c4: f3:68:79:a4:bc:39:17:ac:08:07:81:32:23:a8:12:1c:2c:2d: d7:9b:2e:5f:c0:0f:1d:ea:54:89:4f:dc:55:a3:9a:65:93:62: 2a:69:b0:04:be:d1:b5:84:dc:ca:85:f4:2e:b8:e8:5f:e5:27: 27:90:d5:88:56:54:b2:7d:57:7c:03:34:18:7d:45:04:87:35: ee:d7:73:49:01:58:fd:61:da:08:b7:7c:23:d3:90:ba:b9:ef: a3:e9:02:1c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFc6J8Nb6OCYB6Wl/XcIeZKdF8xEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDMwMloX DTI3MDMwMzA2MDgwMlowMzExMC8GA1UEAxMoNzJBREM5NjAzOEQzOTFEQzg3MTBE QkRBODgyQTdCRjEyOTI2MjkzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALIeuZ6ZukTJFyTQUjBdx1EDSBc3mGD3dELnkPVsTgdLZVRMBTdhP2rFnfbJ LfbW+03/jULAIQ5hGgaYWDDq+BpyGPIlUlZUmHTopMbw4ag4pYq/wGEl9gi9CMGr DbWtrmpZNPSvs8Adqw19oR++21vTuhdYr3tkh8r1k3BWC634SoF5ucgRWxaZsHKd rZaZuR9cuj7MetZT7RfRJPVO+tuqrsIEnCLQN90RtemT624midlZJc54cYI7F6KQ SZjihN0yiQ0bO9Y0evWBRf3JQ5dYX5E+Bi0+w2GLlgBNhjFVSXJ00Mgz5G2C+KEX UusQMhF0jbqtVGjBMcE5YE4Nlx0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRyrclg ONOR3IcQ29qIKnvxKSYpNjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM3OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK otkwDQYJKoZIhvcNAQELBQADggEBAAsIzJe7PavdlFpmKrwGUlFM4tNW7WxqODo9 EpLiZfdP8vxFHGo1CSzfZXdpgCQQcgGfp5frl3mqLzRSzjSapLNIYlNNSzFxOAdR z5GsOR9akCbAkjdCIsw1nirN81SEwqi+XTsGE5whz8HeBXhne3/FfhtOcnlx/9AW bWHZYAjtSxquo5zkpQugR3swnEhYrquL9cXZeBEWOru2f1fpjLr8xPNoeaS8ORes CAeBMiOoEhwsLdebLl/ADx3qVIlP3FWjmmWTYippsAS+0bWE3MqF9C646F/lJyeQ 1YhWVLJ9V3wDNBh9RQSHNe7Xc0kBWP1h2gi3fCPTkLq576PpAhw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:25 2026 by rpki-client