$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143384.roa File: AS143384.roa (raw, json) Hash identifier: zCNRENdCMc978zlS4/URL/UmFPLZl4Xf5zEx33gCuxs= Subject key identifier: D5:97:29:C0:14:61:0E:7A:30:79:1D:50:AD:5E:87:CC:D4:D8:4E:68 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0612A7FD6E094ECA6EA046B11258EB528F7BE7FF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143384.roa Signing time: Wed 04 Mar 2026 06:05:19 +0000 ROA not before: Wed 04 Mar 2026 06:00:19 +0000 ROA not after: Wed 03 Mar 2027 06:05:19 +0000 asID: 143384 IP address blocks: 240a:a2de::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:12:a7:fd:6e:09:4e:ca:6e:a0:46:b1:12:58:eb:52:8f:7b:e7:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:19 2026 GMT Not After : Mar 3 06:05:19 2027 GMT Subject: CN=D59729C014610E7A30791D50AD5E87CCD4D84E68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b6:d1:7e:1c:78:7f:d5:83:dd:49:42:68:95: bf:f1:f0:42:05:b1:7a:87:4b:0d:00:d0:39:b3:64: 75:a1:58:68:6d:53:78:2e:1d:77:f2:61:04:06:f8: ba:b5:85:85:20:6b:3e:06:06:fd:4a:55:5e:05:d7: 5c:19:0a:99:52:0e:dd:95:c8:5e:eb:65:5a:43:01: e5:73:2e:db:b2:68:04:1c:b5:8b:83:74:59:7e:41: 70:f3:6f:5a:49:62:a6:55:5e:52:55:d3:45:fc:48: 3f:1c:2a:64:a1:2e:c2:9a:4e:14:71:83:26:f4:6e: bd:67:4c:2b:27:fb:16:bf:26:c9:8a:97:5f:08:f2: d8:2d:4c:52:6b:ae:e2:59:a4:b8:75:9c:03:46:2e: 78:0a:77:5c:b3:cb:20:89:73:e9:cd:57:6f:d0:a4: 39:08:eb:20:f6:f4:89:89:8e:e6:bd:cf:29:1e:90: dc:36:e1:d1:3f:23:ec:1b:a2:d9:66:4f:06:df:b7: 16:cf:54:4b:7b:20:7b:d6:4b:36:60:4d:de:fc:04: d1:a2:80:d9:9c:59:76:a5:7a:ba:3b:a4:a5:e8:ca: 0a:cd:1d:cd:01:27:a3:1d:29:a4:da:bd:53:c3:4f: 6a:52:75:03:cb:3c:aa:05:ec:78:0c:67:cb:48:e4: 99:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:97:29:C0:14:61:0E:7A:30:79:1D:50:AD:5E:87:CC:D4:D8:4E:68 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143384.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2de::/32 Signature Algorithm: sha256WithRSAEncryption 62:0b:c0:bd:8a:c9:a1:49:ae:8c:d3:2a:cf:2e:0e:5f:99:8f: ad:87:d5:db:30:98:e8:5d:eb:65:3e:01:5d:bc:d4:a2:71:d0: 86:29:9b:52:96:a5:aa:66:67:5d:08:2d:6e:1d:b4:cd:20:f0: a5:db:59:40:94:b5:c8:af:4a:54:68:73:e4:5b:39:98:cf:c2: 15:99:0c:a7:94:8b:68:32:04:de:5b:78:07:95:6d:b6:c2:51: 92:0e:67:42:2a:17:00:dd:65:34:f3:16:5d:75:e9:e2:a6:8e: b6:6b:83:f9:c6:7d:73:8d:49:38:00:40:03:52:26:2c:53:a7: 2c:40:61:2e:26:8a:2f:e5:d5:35:c3:d5:ec:a6:28:29:e1:63: 65:42:d8:70:51:a3:20:2d:4f:d7:67:3d:4f:01:b6:c9:77:4e: ad:fd:7a:f5:a7:1e:b4:e4:ce:c1:43:aa:c3:4d:5d:89:b2:00: 0c:3c:dd:88:38:ce:42:e8:90:a7:8f:77:ce:f3:5e:bd:31:02: 3e:be:53:ac:9e:4f:e3:0b:37:97:b5:c6:66:cc:29:c0:04:42: ae:9f:c2:b6:11:b4:ca:23:25:52:a2:39:d0:a0:42:d5:d8:be: b7:0e:31:eb:4d:13:80:8c:b4:b3:5d:2e:52:ce:21:5c:24:cf: 6c:83:79:e3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBhKn/W4JTspuoEaxEljrUo975/8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAxOVoX DTI3MDMwMzA2MDUxOVowMzExMC8GA1UEAxMoRDU5NzI5QzAxNDYxMEU3QTMwNzkx RDUwQUQ1RTg3Q0NENEQ4NEU2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL220X4ceH/Vg91JQmiVv/HwQgWxeodLDQDQObNkdaFYaG1TeC4dd/JhBAb4 urWFhSBrPgYG/UpVXgXXXBkKmVIO3ZXIXutlWkMB5XMu27JoBBy1i4N0WX5BcPNv WkliplVeUlXTRfxIPxwqZKEuwppOFHGDJvRuvWdMKyf7Fr8myYqXXwjy2C1MUmuu 4lmkuHWcA0YueAp3XLPLIIlz6c1Xb9CkOQjrIPb0iYmO5r3PKR6Q3Dbh0T8j7Bui 2WZPBt+3Fs9US3sge9ZLNmBN3vwE0aKA2ZxZdqV6ujukpejKCs0dzQEnox0ppNq9 U8NPalJ1A8s8qgXseAxny0jkmWsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTVlynA FGEOejB5HVCtXofM1NhOaDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM4NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ot4wDQYJKoZIhvcNAQELBQADggEBAGILwL2KyaFJrozTKs8uDl+Zj62H1dswmOhd 62U+AV281KJx0IYpm1KWpapmZ10ILW4dtM0g8KXbWUCUtcivSlRoc+RbOZjPwhWZ DKeUi2gyBN5beAeVbbbCUZIOZ0IqFwDdZTTzFl116eKmjrZrg/nGfXONSTgAQANS JixTpyxAYS4mii/l1TXD1eymKCnhY2VC2HBRoyAtT9dnPU8Btsl3Tq39evWnHrTk zsFDqsNNXYmyAAw83Yg4zkLokKePd87zXr0xAj6+U6yeT+MLN5e1xmbMKcAEQq6f wrYRtMojJVKiOdCgQtXYvrcOMetNE4CMtLNdLlLOIVwkz2yDeeM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:44 2026 by rpki-client