$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143397.roa File: AS143397.roa (raw, json) Hash identifier: vVANncAdd3YpCT7n+HCU0PqKiwo5jv+lHDDOxwp5VjQ= Subject key identifier: 54:A1:71:CE:66:57:58:EB:1B:1D:30:8B:1F:3F:BB:71:EC:37:54:BD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 35A0ABB436F2F593883D038914238595F00967EA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143397.roa Signing time: Wed 04 Mar 2026 06:06:57 +0000 ROA not before: Wed 04 Mar 2026 06:01:57 +0000 ROA not after: Wed 03 Mar 2027 06:06:57 +0000 asID: 143397 IP address blocks: 240a:a2eb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:a0:ab:b4:36:f2:f5:93:88:3d:03:89:14:23:85:95:f0:09:67:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:57 2026 GMT Not After : Mar 3 06:06:57 2027 GMT Subject: CN=54A171CE665758EB1B1D308B1F3FBB71EC3754BD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:3b:7b:28:80:a1:d9:80:b1:b0:e5:28:0d:e0: 2e:f7:0e:45:7d:0e:c1:c4:dc:7f:c3:0b:23:07:bc: c0:09:0c:c2:7a:e5:8f:0f:6f:45:9a:06:c6:f4:b1: 4c:ad:c9:76:e1:16:88:49:7d:6f:3e:67:3e:e5:07: 7e:c5:68:ac:25:af:5d:ad:d9:77:d2:7c:cc:45:5a: 63:02:91:91:73:f2:e3:f7:fa:06:dc:e8:9a:d1:61: 4a:9e:1a:68:5d:3f:aa:4e:1c:c1:ca:f9:b8:b4:86: 3f:80:9e:47:eb:9d:3c:65:da:f8:49:99:b6:6c:b9: 36:1c:99:1e:ba:e7:9b:91:98:89:29:fb:99:a6:28: dd:df:e9:3c:97:ba:17:af:76:44:07:92:2a:8f:e7: fe:15:52:d8:b9:69:41:27:08:85:24:3b:af:7f:b3: 5f:f5:f5:55:14:ce:52:c7:5c:c2:9b:9a:65:a3:e4: ca:4e:0e:45:2c:07:ac:08:48:b3:b7:f7:69:e9:47: 62:c5:11:de:11:50:7c:5b:19:b5:e4:08:47:e6:7e: b8:b2:1c:ab:96:cb:00:5d:b9:57:3e:ae:4b:e5:ff: 4a:ae:97:7d:4b:89:4f:d2:b5:4e:a8:a2:77:1d:67: 0a:f2:eb:c7:91:90:6f:60:1a:0b:a8:cb:bb:d9:46: 5e:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:A1:71:CE:66:57:58:EB:1B:1D:30:8B:1F:3F:BB:71:EC:37:54:BD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143397.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2eb::/32 Signature Algorithm: sha256WithRSAEncryption bb:5f:3d:79:1d:0d:2d:55:00:73:50:6e:01:73:36:c9:42:c9: 9a:92:82:8a:fe:63:86:ba:1c:41:65:dc:59:4d:2b:28:f9:04: 16:7a:06:97:9b:e0:5d:f0:f5:6f:d0:0c:d7:b6:0e:6b:72:b2: b9:2f:31:b2:bf:40:19:3b:c9:5b:23:61:86:1d:19:12:f6:64: fe:57:2f:00:16:ba:9f:5f:6d:41:8e:8e:e9:5e:3e:de:35:04: 41:ba:d2:33:bb:20:eb:34:2d:17:f2:b1:9f:64:7e:1c:a7:dc: 0b:27:ea:61:da:a8:dd:88:ca:4e:b6:b4:a0:0d:b2:19:e6:12: 14:e4:bd:dd:fa:04:d9:be:ff:2d:a6:89:66:6d:e9:05:a3:c5: 95:48:7d:a5:37:d2:3a:5b:58:c6:5c:bf:42:6a:58:37:66:30: f9:e8:c3:cc:f8:46:ed:bb:cf:b2:1b:bf:be:6a:fd:1d:28:a8: 5a:c7:e6:7b:3f:3e:2b:d0:c0:4d:d1:2e:86:0c:c0:98:e9:d8: b9:3a:fd:5f:e0:23:d4:af:17:dc:5d:44:cd:86:4c:ad:9b:a9: cc:5c:07:30:70:ea:48:b2:72:dc:9c:32:8b:a6:05:87:f3:70: cb:ce:64:3b:e3:12:71:21:cd:72:a9:82:9d:40:26:83:52:23: 79:45:79:fe -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNaCrtDby9ZOIPQOJFCOFlfAJZ+owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1N1oX DTI3MDMwMzA2MDY1N1owMzExMC8GA1UEAxMoNTRBMTcxQ0U2NjU3NThFQjFCMUQz MDhCMUYzRkJCNzFFQzM3NTRCRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM47eyiAodmAsbDlKA3gLvcORX0OwcTcf8MLIwe8wAkMwnrljw9vRZoGxvSx TK3JduEWiEl9bz5nPuUHfsVorCWvXa3Zd9J8zEVaYwKRkXPy4/f6BtzomtFhSp4a aF0/qk4cwcr5uLSGP4CeR+udPGXa+EmZtmy5NhyZHrrnm5GYiSn7maYo3d/pPJe6 F692RAeSKo/n/hVS2LlpQScIhSQ7r3+zX/X1VRTOUsdcwpuaZaPkyk4ORSwHrAhI s7f3aelHYsUR3hFQfFsZteQIR+Z+uLIcq5bLAF25Vz6uS+X/Sq6XfUuJT9K1Tqii dx1nCvLrx5GQb2AaC6jLu9lGXn8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRUoXHO ZldY6xsdMIsfP7tx7DdUvTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM5Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ouswDQYJKoZIhvcNAQELBQADggEBALtfPXkdDS1VAHNQbgFzNslCyZqSgor+Y4a6 HEFl3FlNKyj5BBZ6Bpeb4F3w9W/QDNe2DmtysrkvMbK/QBk7yVsjYYYdGRL2ZP5X LwAWup9fbUGOjulePt41BEG60jO7IOs0LRfysZ9kfhyn3Asn6mHaqN2Iyk62tKAN shnmEhTkvd36BNm+/y2miWZt6QWjxZVIfaU30jpbWMZcv0JqWDdmMPnow8z4Ru27 z7Ibv75q/R0oqFrH5ns/PivQwE3RLoYMwJjp2Lk6/V/gI9SvF9xdRM2GTK2bqcxc BzBw6kiyctycMoumBYfzcMvOZDvjEnEhzXKpgp1AJoNSI3lFef4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:29 2026 by rpki-client