$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143380.roa File: AS143380.roa (raw, json) Hash identifier: kKWNJUZQnETXQV8YsVLYonq/i0ReOZubRYH2ptojNvg= Subject key identifier: 03:83:E0:51:74:25:E9:DC:60:6F:48:CD:61:EF:E1:B9:29:90:F0:66 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5AF7081D009D6C748F8C1BCEE6FC54F413810F43 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143380.roa Signing time: Wed 04 Mar 2026 06:05:15 +0000 ROA not before: Wed 04 Mar 2026 06:00:15 +0000 ROA not after: Wed 03 Mar 2027 06:05:15 +0000 asID: 143380 IP address blocks: 240a:a2da::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:f7:08:1d:00:9d:6c:74:8f:8c:1b:ce:e6:fc:54:f4:13:81:0f:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:15 2026 GMT Not After : Mar 3 06:05:15 2027 GMT Subject: CN=0383E0517425E9DC606F48CD61EFE1B92990F066 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:24:0a:49:dd:e5:29:46:11:38:13:1f:99:ee: ab:df:70:81:f8:b3:7d:38:a7:68:c8:4a:a3:f7:37: e9:29:d6:58:eb:a8:aa:c5:ed:d5:22:8f:41:a9:75: 97:d8:b6:fc:6d:ff:28:fc:25:36:53:cd:4d:bf:18: ec:92:b0:39:a2:e9:c4:c2:e5:07:c4:63:36:7a:b3: b3:9f:dd:5b:0a:9a:8d:42:e4:8d:e1:35:ff:ed:c7: 65:14:cb:51:0f:5e:da:9f:b8:8f:7d:c0:ce:f5:ae: 84:dd:01:8b:09:37:e5:07:3b:a2:c2:79:7a:10:f3: 93:e7:12:02:f1:53:48:c2:c9:db:f9:fb:2a:e8:f7: 09:17:9a:4f:0d:34:d4:a3:0e:f8:eb:37:d1:97:6a: 60:2b:3f:e8:60:7f:50:09:55:71:49:cf:ee:c2:f5: 55:d4:38:78:a6:60:f3:f1:e8:e2:75:68:3d:d6:c9: f7:ac:c4:4b:d1:30:66:c4:68:a5:c7:1a:a5:57:c4: 05:0f:bd:32:c4:c2:88:50:04:75:4c:33:10:12:87: e1:ca:f5:21:a2:99:1d:de:35:b8:11:38:f9:d3:39: 1f:80:82:8f:4d:81:cd:fa:83:87:57:74:75:d2:5d: d2:4e:2a:31:4b:0a:47:c8:5e:da:52:d3:ca:19:8b: b4:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:83:E0:51:74:25:E9:DC:60:6F:48:CD:61:EF:E1:B9:29:90:F0:66 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143380.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2da::/32 Signature Algorithm: sha256WithRSAEncryption 9e:9f:e2:cd:71:c8:c2:c2:92:3b:79:3a:64:56:40:c2:df:51: 23:8a:d7:55:0f:21:59:35:82:20:06:2f:4c:b4:0f:5b:50:cd: 8f:0f:40:43:91:04:3c:a5:c2:bb:b2:75:13:f2:3b:55:25:ff: c7:e3:48:02:d7:cc:20:c6:37:0d:a9:a2:89:aa:49:f3:b2:ba: 12:35:20:ad:68:59:9d:1d:09:15:17:1f:0c:d8:c7:ad:1b:81: d3:39:29:08:ad:74:17:d7:20:68:ca:55:23:8d:59:c3:64:a6: 23:49:ff:f4:24:3b:73:d4:9d:62:b7:76:94:64:5c:6a:75:bb: 24:d6:91:c9:0a:fc:fd:ae:08:b1:fe:7c:eb:0b:c0:f1:8a:ea: 6b:85:69:eb:30:91:71:db:e9:4e:9c:04:e7:ed:5c:0e:a4:06: c3:f0:08:bb:55:4b:3a:1d:f8:b1:a0:c6:81:ad:39:b6:21:6c: 4b:0f:b7:81:1c:d3:87:cc:c4:c6:9c:af:d2:62:ad:22:62:46: e9:26:65:07:52:87:e3:ab:b3:e8:4a:c8:ae:80:33:8f:f3:ea: f2:92:2c:13:1c:43:7b:2d:62:13:5d:32:84:14:32:77:dd:86: ea:ed:3d:16:d0:2f:77:d1:ea:fd:e2:c1:35:81:e9:34:0d:fc: a6:1b:0a:82 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWvcIHQCdbHSPjBvO5vxU9BOBD0MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAxNVoX DTI3MDMwMzA2MDUxNVowMzExMC8GA1UEAxMoMDM4M0UwNTE3NDI1RTlEQzYwNkY0 OENENjFFRkUxQjkyOTkwRjA2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOMkCknd5SlGETgTH5nuq99wgfizfTinaMhKo/c36SnWWOuoqsXt1SKPQal1 l9i2/G3/KPwlNlPNTb8Y7JKwOaLpxMLlB8RjNnqzs5/dWwqajULkjeE1/+3HZRTL UQ9e2p+4j33AzvWuhN0Biwk35Qc7osJ5ehDzk+cSAvFTSMLJ2/n7Kuj3CReaTw00 1KMO+Os30ZdqYCs/6GB/UAlVcUnP7sL1VdQ4eKZg8/Ho4nVoPdbJ96zES9EwZsRo pccapVfEBQ+9MsTCiFAEdUwzEBKH4cr1IaKZHd41uBE4+dM5H4CCj02BzfqDh1d0 ddJd0k4qMUsKR8he2lLTyhmLtK0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQDg+BR dCXp3GBvSM1h7+G5KZDwZjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM4MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK otowDQYJKoZIhvcNAQELBQADggEBAJ6f4s1xyMLCkjt5OmRWQMLfUSOK11UPIVk1 giAGL0y0D1tQzY8PQEORBDylwruydRPyO1Ul/8fjSALXzCDGNw2poomqSfOyuhI1 IK1oWZ0dCRUXHwzYx60bgdM5KQitdBfXIGjKVSONWcNkpiNJ//QkO3PUnWK3dpRk XGp1uyTWkckK/P2uCLH+fOsLwPGK6muFaeswkXHb6U6cBOftXA6kBsPwCLtVSzod +LGgxoGtObYhbEsPt4Ec04fMxMacr9JirSJiRukmZQdSh+Ors+hKyK6AM4/z6vKS LBMcQ3stYhNdMoQUMnfdhurtPRbQL3fR6v3iwTWB6TQN/KYbCoI= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:07 2026 by rpki-client