$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143398.roa File: AS143398.roa (raw, json) Hash identifier: DTtHjxs4+gvZbwDvq4QIjrjNb3rmxMvZl6pBKx4wEas= Subject key identifier: F7:0F:38:18:83:88:D4:5C:04:39:18:67:E1:85:35:68:22:2A:26:25 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 68EDE8CFA41F50E62951EB0275D45858E88DF201 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143398.roa Signing time: Wed 04 Mar 2026 06:06:33 +0000 ROA not before: Wed 04 Mar 2026 06:01:33 +0000 ROA not after: Wed 03 Mar 2027 06:06:33 +0000 asID: 143398 IP address blocks: 240a:a2ec::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:ed:e8:cf:a4:1f:50:e6:29:51:eb:02:75:d4:58:58:e8:8d:f2:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:33 2026 GMT Not After : Mar 3 06:06:33 2027 GMT Subject: CN=F70F38188388D45C04391867E1853568222A2625 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:fa:0c:18:2b:99:e2:0c:95:68:71:8b:19:50: 28:90:ad:ce:a2:6f:b5:5c:1d:c9:0a:7b:ea:76:37: 8a:ad:7e:ac:4e:b7:57:95:4c:aa:be:45:49:2c:dd: 5c:09:7a:f5:88:ef:60:1f:fc:ac:d4:7e:bb:f7:ce: c0:81:08:f1:1a:68:93:00:71:3a:65:85:46:37:5d: 76:c7:ce:b1:fb:8a:d4:dc:c1:98:df:db:3b:af:d4: d0:98:02:c6:2a:7c:59:c9:86:e6:16:87:b5:31:74: 1b:c5:c6:8f:6f:4b:d3:c0:75:90:0a:d1:fb:6c:76: 1a:14:25:af:03:aa:21:44:d7:98:0b:29:db:e6:2c: 1a:b7:21:d3:35:58:20:00:e5:46:9c:1e:0a:d3:4d: 99:90:38:14:67:79:d7:60:91:18:0f:d1:5d:7a:14: ae:13:29:26:33:0b:bf:3a:32:3a:af:4a:86:e0:0b: e7:cd:d0:c6:bc:eb:b7:50:b4:83:b5:af:6c:a7:d1: 45:49:34:a8:e3:3c:5c:cd:cd:f5:55:e4:84:9f:38: 8a:10:3d:dd:64:bf:e6:58:14:44:f2:43:84:c5:23: 98:59:06:c7:8b:b9:b0:f9:01:0a:9a:dd:5b:bf:92: d4:3b:fd:5f:18:31:8d:a8:72:b7:0d:32:53:b7:e6: 2a:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:0F:38:18:83:88:D4:5C:04:39:18:67:E1:85:35:68:22:2A:26:25 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143398.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2ec::/32 Signature Algorithm: sha256WithRSAEncryption cf:25:73:cc:30:d2:80:8a:40:dc:80:5c:21:d3:b2:64:d0:ae: 97:c2:ca:5e:93:6d:ad:17:30:c1:4c:8d:a4:45:7d:b7:42:af: 97:6b:a9:29:4e:f3:dc:14:53:a7:e9:01:30:b9:74:3f:e6:b8: 2c:ee:8e:50:1e:cf:03:18:1e:42:73:ff:fa:cc:07:12:4f:7d: 66:92:fb:bc:ae:51:3a:1a:43:38:ad:0d:e3:dc:bb:d3:7b:7f: 6d:22:ae:f2:84:81:5b:e1:40:72:45:56:db:49:cf:28:e5:24: 64:97:2e:67:77:bd:dd:49:43:92:1a:57:96:32:5b:a0:cd:51: 3b:d6:c0:7b:39:e9:ca:e8:c9:bb:e2:c5:d0:20:43:68:86:f9: d5:19:0f:3f:b1:1c:64:66:2b:00:10:02:35:37:3e:1e:3b:de: 3e:a5:f5:ce:99:5d:93:4d:c1:87:15:fc:67:03:60:35:bd:7e: ae:76:df:c2:9a:13:91:64:96:82:d7:5c:52:d0:f3:c2:e5:f7: 82:86:63:14:ef:14:78:5c:96:b8:a0:da:c9:c3:a4:88:8c:e5: fb:6b:2f:be:a8:28:57:94:0e:e0:87:46:94:f1:aa:ef:9f:8b: a3:d3:65:be:fc:6f:cd:59:59:2b:19:e4:ff:83:98:2c:98:0e: e0:9e:f3:f2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaO3oz6QfUOYpUesCddRYWOiN8gEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEzM1oX DTI3MDMwMzA2MDYzM1owMzExMC8GA1UEAxMoRjcwRjM4MTg4Mzg4RDQ1QzA0Mzkx ODY3RTE4NTM1NjgyMjJBMjYyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJP6DBgrmeIMlWhxixlQKJCtzqJvtVwdyQp76nY3iq1+rE63V5VMqr5FSSzd XAl69YjvYB/8rNR+u/fOwIEI8RpokwBxOmWFRjdddsfOsfuK1NzBmN/bO6/U0JgC xip8WcmG5haHtTF0G8XGj29L08B1kArR+2x2GhQlrwOqIUTXmAsp2+YsGrch0zVY IADlRpweCtNNmZA4FGd512CRGA/RXXoUrhMpJjMLvzoyOq9KhuAL583Qxrzrt1C0 g7WvbKfRRUk0qOM8XM3N9VXkhJ84ihA93WS/5lgURPJDhMUjmFkGx4u5sPkBCprd W7+S1Dv9Xxgxjahytw0yU7fmKp8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT3DzgY g4jUXAQ5GGfhhTVoIiomJTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzM5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ouwwDQYJKoZIhvcNAQELBQADggEBAM8lc8ww0oCKQNyAXCHTsmTQrpfCyl6Tba0X MMFMjaRFfbdCr5drqSlO89wUU6fpATC5dD/muCzujlAezwMYHkJz//rMBxJPfWaS +7yuUToaQzitDePcu9N7f20irvKEgVvhQHJFVttJzyjlJGSXLmd3vd1JQ5IaV5Yy W6DNUTvWwHs56croybvixdAgQ2iG+dUZDz+xHGRmKwAQAjU3Ph473j6l9c6ZXZNN wYcV/GcDYDW9fq5238KaE5FkloLXXFLQ88Ll94KGYxTvFHhclrig2snDpIiM5ftr L76oKFeUDuCHRpTxqu+fi6PTZb78b81ZWSsZ5P+DmCyYDuCe8/I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:37 2026 by rpki-client