$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143383.roa File: AS143383.roa (raw, json) Hash identifier: tNPm13Ox6Mq/wHrBawi6BhzfGRPG4rmlFoVIWk+n5is= Subject key identifier: 2B:B9:8A:60:C0:12:65:E2:A5:DC:29:FD:D6:2E:3F:3F:97:75:9D:5C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3FD5317FAF8FD1DE5D7BB92667D0FFE07FDC3736 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143383.roa Signing time: Wed 04 Mar 2026 06:08:00 +0000 ROA not before: Wed 04 Mar 2026 06:03:00 +0000 ROA not after: Wed 03 Mar 2027 06:08:00 +0000 asID: 143383 IP address blocks: 240a:a2dd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:d5:31:7f:af:8f:d1:de:5d:7b:b9:26:67:d0:ff:e0:7f:dc:37:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:03:00 2026 GMT Not After : Mar 3 06:08:00 2027 GMT Subject: CN=2BB98A60C01265E2A5DC29FDD62E3F3F97759D5C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:2a:67:ec:0e:a9:2a:95:c6:ef:f9:44:46:45: d6:f6:ac:8b:11:54:02:b1:d7:5e:72:66:75:45:a6: 1e:17:11:ef:92:08:14:11:08:c9:dc:7c:87:46:d0: 65:01:84:b3:fe:09:df:24:a1:86:26:fd:ae:60:af: ba:8b:23:a6:5c:b8:18:1b:96:72:11:e4:65:c5:1e: f4:1b:5e:ec:57:78:4d:d4:02:63:02:f9:d6:8b:b7: 17:fe:03:8d:85:fc:de:e1:e1:90:aa:62:eb:19:20: 80:84:1d:a1:72:7f:b9:c7:08:2b:2b:ae:d8:cc:a6: 2e:2e:79:2f:c0:fa:12:e1:c5:19:96:77:c6:17:f6: 17:7b:00:14:a9:a2:9b:c3:e7:95:13:16:19:d1:aa: b7:7c:32:a2:b2:e8:96:8a:e8:4a:2d:c1:1e:27:7c: 98:a3:90:37:6b:c8:69:05:fa:bf:ad:42:e2:c7:85: 8a:51:56:ee:97:43:5a:57:a2:99:64:da:c2:95:13: f0:40:42:4e:3a:cd:c0:7d:58:57:50:ad:e8:87:85: bc:b6:a2:3e:56:bd:a8:78:da:c1:da:1a:aa:70:82: eb:ed:5b:7e:f0:0d:e9:da:d1:dd:36:8b:00:ba:28: e0:b1:04:53:03:e0:ef:92:46:a0:bc:07:43:1f:ad: fe:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:B9:8A:60:C0:12:65:E2:A5:DC:29:FD:D6:2E:3F:3F:97:75:9D:5C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143383.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2dd::/32 Signature Algorithm: sha256WithRSAEncryption 3b:da:45:94:61:6c:34:c4:93:65:56:20:7a:5b:8a:41:83:b1: f1:72:b2:93:e2:c8:3f:e0:9a:f2:1f:fe:f5:1e:fe:83:cb:fc: af:18:c4:f3:e5:ac:19:57:b7:f3:2f:f9:7e:35:d7:df:92:c0: 9d:bc:a9:15:a8:b2:f8:52:64:3c:1a:6f:1d:58:1e:0e:ca:47: 22:ee:24:dc:50:2f:c5:1d:03:8d:b3:e0:c2:a8:0d:b5:d7:78: ca:50:89:6f:b5:d0:31:77:4c:c3:72:ec:ce:6c:2f:3d:a0:4e: 3b:1d:ab:5e:08:e8:aa:9f:93:99:0f:e5:93:9c:aa:ba:42:9b: 5c:7b:81:db:27:13:7a:cd:bb:b0:29:95:c4:5b:82:ce:6b:18: 1a:5d:12:ea:de:13:96:67:02:c6:a8:52:3a:14:38:6a:e0:3b: 52:15:98:1f:cc:aa:f9:1a:c0:0d:aa:64:eb:02:a9:fd:be:ee: 19:d5:78:f5:90:f4:88:fe:26:e9:63:b4:35:c5:d2:e8:3d:68: 48:98:9b:71:17:6e:3b:5a:99:1d:cd:8a:2f:5e:92:b6:00:1d: 57:96:ea:e3:91:e9:5f:b5:d1:fc:26:62:f9:f8:eb:2b:3a:70: 79:3b:aa:1b:f4:66:bd:1f:f5:fc:93:46:3b:4f:50:4a:be:59: 49:a7:6c:9b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUP9Uxf6+P0d5de7kmZ9D/4H/cNzYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDMwMFoX DTI3MDMwMzA2MDgwMFowMzExMC8GA1UEAxMoMkJCOThBNjBDMDEyNjVFMkE1REMy OUZERDYyRTNGM0Y5Nzc1OUQ1QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJYqZ+wOqSqVxu/5REZF1vasixFUArHXXnJmdUWmHhcR75IIFBEIydx8h0bQ ZQGEs/4J3yShhib9rmCvuosjply4GBuWchHkZcUe9Bte7Fd4TdQCYwL51ou3F/4D jYX83uHhkKpi6xkggIQdoXJ/uccIKyuu2MymLi55L8D6EuHFGZZ3xhf2F3sAFKmi m8PnlRMWGdGqt3wyorLoloroSi3BHid8mKOQN2vIaQX6v61C4seFilFW7pdDWlei mWTawpUT8EBCTjrNwH1YV1Ct6IeFvLaiPla9qHjawdoaqnCC6+1bfvAN6drR3TaL ALoo4LEEUwPg75JGoLwHQx+t/lECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQruYpg wBJl4qXcKf3WLj8/l3WdXDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM4My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ot0wDQYJKoZIhvcNAQELBQADggEBADvaRZRhbDTEk2VWIHpbikGDsfFyspPiyD/g mvIf/vUe/oPL/K8YxPPlrBlXt/Mv+X4119+SwJ28qRWosvhSZDwabx1YHg7KRyLu JNxQL8UdA42z4MKoDbXXeMpQiW+10DF3TMNy7M5sLz2gTjsdq14I6Kqfk5kP5ZOc qrpCm1x7gdsnE3rNu7AplcRbgs5rGBpdEureE5ZnAsaoUjoUOGrgO1IVmB/Mqvka wA2qZOsCqf2+7hnVePWQ9Ij+JuljtDXF0ug9aEiYm3EXbjtamR3Nii9ekrYAHVeW 6uOR6V+10fwmYvn46ys6cHk7qhv0Zr0f9fyTRjtPUEq+WUmnbJs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:24 2026 by rpki-client