$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143401.roa File: AS143401.roa (raw, json) Hash identifier: iJ4x5/94Mn3z8A+go6oSzzM6boR+/PFN7NFFKrGPG6w= Subject key identifier: 73:5A:21:31:61:DB:71:B9:A8:5C:F7:B1:E8:46:17:CE:43:25:6C:02 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 70D2B716A3BA8B13EAD07724195ED165D873E17B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143401.roa Signing time: Wed 04 Mar 2026 06:07:19 +0000 ROA not before: Wed 04 Mar 2026 06:02:19 +0000 ROA not after: Wed 03 Mar 2027 06:07:19 +0000 asID: 143401 IP address blocks: 240a:a2ef::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:d2:b7:16:a3:ba:8b:13:ea:d0:77:24:19:5e:d1:65:d8:73:e1:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:19 2026 GMT Not After : Mar 3 06:07:19 2027 GMT Subject: CN=735A213161DB71B9A85CF7B1E84617CE43256C02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:3a:f9:be:02:64:e6:c5:46:d7:b7:23:44:44: 8f:75:e7:f3:b1:eb:2d:bd:51:2d:3c:09:df:78:7d: ff:9c:9d:c4:75:19:2d:a6:5f:e1:b2:2c:d3:01:a5: de:24:1f:1a:e2:0f:a0:90:a8:86:73:fc:1d:58:40: 49:65:32:0f:5d:59:5c:a6:87:e5:ff:cd:62:5e:98: ed:f6:de:97:92:a8:b1:65:ba:68:fa:06:d9:9f:78: b5:fd:bf:a8:1e:e7:43:48:be:46:7f:80:56:77:a3: ad:38:d3:64:76:0b:bc:1c:75:09:bd:11:88:a7:58: 68:ea:0a:27:27:bf:eb:bc:a2:03:74:f0:75:4e:4b: 29:da:7a:db:49:fa:0f:a0:d7:11:81:46:e7:73:a8: 54:94:9a:f2:5b:09:34:e1:5e:3e:fb:45:fa:a0:bc: c0:7d:5d:08:7e:79:5e:fc:cc:14:8a:54:02:ff:a5: 5b:2b:3f:b1:de:7f:9c:f5:2a:6b:35:82:61:f7:b5: b1:98:48:f8:86:48:f7:4f:bd:17:c9:fd:74:b0:11: 20:16:f4:fd:8a:37:ba:29:49:5b:ce:e1:78:8b:54: ec:4e:ab:cb:d4:89:69:88:8a:f3:31:0b:94:e3:af: 45:07:8d:99:82:dd:6b:b3:53:bd:3b:0e:cb:12:1a: 6d:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:5A:21:31:61:DB:71:B9:A8:5C:F7:B1:E8:46:17:CE:43:25:6C:02 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143401.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2ef::/32 Signature Algorithm: sha256WithRSAEncryption 5a:5c:61:48:c4:85:4e:97:fb:dd:3c:2c:91:4f:39:8f:a0:4a: ca:e8:83:3f:4c:f0:7a:a8:0f:6b:4a:f6:c9:39:82:b8:51:24: 20:dc:51:20:80:9e:2b:76:a2:f8:5e:cf:00:45:8b:1d:f7:b7: bd:e3:fe:25:03:46:b8:35:b9:b6:3f:bc:fd:e9:86:ce:bd:8a: b6:f6:14:52:39:33:77:7d:f3:89:98:7b:b5:72:7e:6d:14:56: 1e:79:b8:7f:e8:32:d3:db:c6:c0:9b:9d:91:ff:c3:69:9c:6d: e1:5c:73:b8:f4:79:91:9d:99:26:5f:94:66:d5:a6:95:c3:cc: 7a:7e:9d:0a:4d:d7:75:c3:66:cd:77:f1:39:b6:cd:c2:0e:fb: 56:c7:aa:06:78:98:a6:b5:86:3b:c6:8d:7f:73:8c:6f:55:34: b9:21:6e:88:e9:5a:a7:4c:e9:af:2c:a8:13:d3:1b:4b:5d:c2: dc:44:32:0b:4a:af:94:af:81:38:60:7d:11:17:c3:f3:2f:70: 59:91:85:cb:b1:2c:00:86:74:56:bc:fa:40:53:07:ec:56:63: 2e:11:e6:40:4e:bf:66:2d:69:25:11:de:92:c5:6a:d1:ff:7a: ea:57:d7:c5:37:a2:9d:25:cf:c1:85:9c:8a:05:09:f5:da:09: 9a:6e:ae:42 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcNK3FqO6ixPq0HckGV7RZdhz4XswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxOVoX DTI3MDMwMzA2MDcxOVowMzExMC8GA1UEAxMoNzM1QTIxMzE2MURCNzFCOUE4NUNG N0IxRTg0NjE3Q0U0MzI1NkMwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM86+b4CZObFRte3I0REj3Xn87HrLb1RLTwJ33h9/5ydxHUZLaZf4bIs0wGl 3iQfGuIPoJCohnP8HVhASWUyD11ZXKaH5f/NYl6Y7fbel5KosWW6aPoG2Z94tf2/ qB7nQ0i+Rn+AVnejrTjTZHYLvBx1Cb0RiKdYaOoKJye/67yiA3TwdU5LKdp620n6 D6DXEYFG53OoVJSa8lsJNOFePvtF+qC8wH1dCH55XvzMFIpUAv+lWys/sd5/nPUq azWCYfe1sZhI+IZI90+9F8n9dLARIBb0/Yo3uilJW87heItU7E6ry9SJaYiK8zEL lOOvRQeNmYLda7NTvTsOyxIabSMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRzWiEx Ydtxuahc97HoRhfOQyVsAjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ou8wDQYJKoZIhvcNAQELBQADggEBAFpcYUjEhU6X+908LJFPOY+gSsrogz9M8Hqo D2tK9sk5grhRJCDcUSCAnit2ovhezwBFix33t73j/iUDRrg1ubY/vP3phs69irb2 FFI5M3d984mYe7Vyfm0UVh55uH/oMtPbxsCbnZH/w2mcbeFcc7j0eZGdmSZflGbV ppXDzHp+nQpN13XDZs138Tm2zcIO+1bHqgZ4mKa1hjvGjX9zjG9VNLkhbojpWqdM 6a8sqBPTG0tdwtxEMgtKr5SvgThgfREXw/MvcFmRhcuxLACGdFa8+kBTB+xWYy4R 5kBOv2YtaSUR3pLFatH/eupX18U3op0lz8GFnIoFCfXaCZpurkI= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:19 2026 by rpki-client