$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143391.roa File: AS143391.roa (raw, json) Hash identifier: pER1xn4U4/QIzvGci7qPwK+HhGh6mptg0mnslGrb7d8= Subject key identifier: F7:A3:4C:44:95:09:57:89:14:E5:8C:21:B3:9A:2A:5F:48:AE:E9:B0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4BB65DF1DBDE69F4A3A3833D1ABCF0529BA1264D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143391.roa Signing time: Wed 04 Mar 2026 06:06:42 +0000 ROA not before: Wed 04 Mar 2026 06:01:42 +0000 ROA not after: Wed 03 Mar 2027 06:06:42 +0000 asID: 143391 IP address blocks: 240a:a2e5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:b6:5d:f1:db:de:69:f4:a3:a3:83:3d:1a:bc:f0:52:9b:a1:26:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:42 2026 GMT Not After : Mar 3 06:06:42 2027 GMT Subject: CN=F7A34C449509578914E58C21B39A2A5F48AEE9B0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:81:5a:f4:aa:33:19:b6:20:5d:55:75:b9:a8:1c: cf:b0:fa:cd:32:ef:8f:2c:66:d0:0d:9f:90:1f:64: 12:ba:0c:7d:88:65:79:74:19:01:00:d9:84:84:ac: 1e:5f:bc:3a:21:ae:17:4e:78:ae:dc:ba:dc:20:27: fc:b3:6b:be:35:21:58:a3:3e:9b:fb:a4:92:d3:5b: b1:56:56:40:1f:6b:d9:e2:96:4b:6c:f1:28:29:dc: 2b:f5:40:31:8b:36:98:2b:37:8e:1c:f2:ec:e8:0f: b3:34:a7:4f:58:e4:12:81:c7:2b:94:b3:95:44:73: f2:36:10:88:6a:cc:ac:75:ce:a7:a0:7c:51:37:9c: c0:d4:ba:be:a8:97:6f:65:e8:52:a1:76:49:ed:3a: 17:0a:54:2b:f4:ac:fc:1e:12:8e:f3:53:b9:67:59: 00:68:1e:8c:3e:2d:0e:1e:f0:0f:2e:72:c8:36:42: fa:06:0d:56:dc:ae:99:23:e2:50:9a:3a:55:8b:62: ec:f5:11:14:ac:11:bb:46:2f:c7:4f:8f:04:50:f5: 06:26:a0:66:2e:f2:0a:b8:1f:7d:75:c3:f9:2a:58: 38:51:23:a8:ae:88:87:58:a8:f1:75:78:5f:82:18: 59:ab:a3:37:a3:6f:ef:46:1f:d2:d8:dd:09:cb:87: c0:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:A3:4C:44:95:09:57:89:14:E5:8C:21:B3:9A:2A:5F:48:AE:E9:B0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143391.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2e5::/32 Signature Algorithm: sha256WithRSAEncryption 35:e1:fe:5c:69:86:91:ca:1f:a5:b1:7b:13:d5:ce:35:ae:67: 29:48:0e:3c:88:8e:17:f7:bd:0f:48:9f:3f:93:1f:f5:74:ef: d1:d7:cb:bf:c5:04:a1:db:b6:33:1b:98:2a:e9:37:6a:b0:2c: 2b:30:43:cb:7e:b1:84:39:7b:7e:19:5f:25:b8:6a:fa:78:53: bc:77:c8:5f:ec:5a:08:a6:8b:a8:6f:d6:db:5e:07:3a:81:25: 33:47:71:78:4d:1e:00:e7:0c:9e:ad:d5:1a:ed:36:b3:be:ac: 70:f3:0a:54:ba:43:8f:a0:18:5f:25:b5:f4:9b:fc:4c:cc:80: c4:73:13:75:69:b9:8d:03:0e:2f:d4:a2:71:a6:78:3d:b9:90: ac:3f:c7:63:e8:bd:21:bf:ee:68:91:7b:ba:d5:f7:2f:73:44: a1:4e:03:47:33:a6:1d:24:53:90:73:0e:29:3a:b7:a4:9d:63: bf:db:8e:1b:d4:f0:32:5c:b8:c9:9e:ef:00:58:7f:67:00:02: 53:f6:af:59:19:b4:9e:77:e5:a6:aa:71:f0:d8:83:c1:d4:a9: 4f:e4:59:c7:5f:aa:cb:08:bf:6c:f7:48:6a:7c:6e:15:b9:47: ca:25:d2:7f:84:42:0d:a8:14:bf:51:bd:28:c5:77:22:18:25: ad:5b:52:99 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUS7Zd8dveafSjo4M9GrzwUpuhJk0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0MloX DTI3MDMwMzA2MDY0MlowMzExMC8GA1UEAxMoRjdBMzRDNDQ5NTA5NTc4OTE0RTU4 QzIxQjM5QTJBNUY0OEFFRTlCMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIFa9KozGbYgXVV1uagcz7D6zTLvjyxm0A2fkB9kEroMfYhleXQZAQDZhISs Hl+8OiGuF054rty63CAn/LNrvjUhWKM+m/ukktNbsVZWQB9r2eKWS2zxKCncK/VA MYs2mCs3jhzy7OgPszSnT1jkEoHHK5SzlURz8jYQiGrMrHXOp6B8UTecwNS6vqiX b2XoUqF2Se06FwpUK/Ss/B4SjvNTuWdZAGgejD4tDh7wDy5yyDZC+gYNVtyumSPi UJo6VYti7PURFKwRu0Yvx0+PBFD1BiagZi7yCrgffXXD+SpYOFEjqK6Ih1io8XV4 X4IYWaujN6Nv70Yf0tjdCcuHwBUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT3o0xE lQlXiRTljCGzmipfSK7psDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ouUwDQYJKoZIhvcNAQELBQADggEBADXh/lxphpHKH6WxexPVzjWuZylIDjyIjhf3 vQ9Inz+TH/V079HXy7/FBKHbtjMbmCrpN2qwLCswQ8t+sYQ5e34ZXyW4avp4U7x3 yF/sWgimi6hv1tteBzqBJTNHcXhNHgDnDJ6t1RrtNrO+rHDzClS6Q4+gGF8ltfSb /EzMgMRzE3VpuY0DDi/UonGmeD25kKw/x2PovSG/7miRe7rV9y9zRKFOA0czph0k U5BzDik6t6SdY7/bjhvU8DJcuMme7wBYf2cAAlP2r1kZtJ535aaqcfDYg8HUqU/k WcdfqssIv2z3SGp8bhW5R8ol0n+EQg2oFL9RvSjFdyIYJa1bUpk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:15 2026 by rpki-client