$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143402.roa File: AS143402.roa (raw, json) Hash identifier: UwWoeYNrQOwoorULFnZ3WdKT8NgyfXwBUmyqrCiFpWk= Subject key identifier: D3:F1:7D:21:76:63:19:05:1F:D7:C4:ED:5C:C2:19:1F:60:F3:54:EE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 33BB468C94A6E7EFACA9AB0DA8BDCB60F79B62DE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143402.roa Signing time: Wed 04 Mar 2026 06:05:27 +0000 ROA not before: Wed 04 Mar 2026 06:00:27 +0000 ROA not after: Wed 03 Mar 2027 06:05:27 +0000 asID: 143402 IP address blocks: 240a:a2f0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:bb:46:8c:94:a6:e7:ef:ac:a9:ab:0d:a8:bd:cb:60:f7:9b:62:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:27 2026 GMT Not After : Mar 3 06:05:27 2027 GMT Subject: CN=D3F17D21766319051FD7C4ED5CC2191F60F354EE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1e:33:80:fc:77:67:f5:07:83:00:9a:d9:eb: f7:59:d2:2b:af:58:26:03:02:89:02:44:7e:4b:20: 6a:49:eb:c3:12:ed:55:eb:83:c1:06:8d:28:da:b1: 86:45:37:11:a9:f0:db:46:83:0d:22:f8:b8:f3:37: f0:90:bc:6b:80:74:c5:10:9a:fb:95:7d:75:7f:db: 9f:e2:5e:cc:cd:84:eb:62:d5:22:30:45:d6:22:d4: 35:b4:00:4b:d1:2b:72:78:7e:5f:97:d5:75:9f:66: 8c:c8:f5:20:9b:2b:c6:de:18:e0:66:b2:34:63:a7: 1e:23:95:b8:50:33:59:51:b8:a7:bb:db:32:09:d9: 9c:b7:e9:1a:cc:57:02:f7:55:47:a9:35:28:24:4b: c8:f0:74:42:2e:43:82:e3:c6:ee:40:7a:1c:8c:ab: cb:81:1e:db:e9:46:97:7b:30:ca:63:30:96:ff:62: 92:20:fc:43:05:ad:da:e4:50:f5:ce:b2:b9:8a:a0: a1:c9:e0:7a:53:d0:5d:1b:38:0b:e7:b9:66:2a:93: de:4b:21:6b:5b:bf:8f:ba:9d:16:9b:e5:80:a2:e0: 04:8f:d5:87:49:67:75:9e:c6:7f:9d:a3:f1:56:ca: 35:76:f0:76:3a:b4:9e:6e:23:6f:5e:44:ea:b4:88: cf:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:F1:7D:21:76:63:19:05:1F:D7:C4:ED:5C:C2:19:1F:60:F3:54:EE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143402.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2f0::/32 Signature Algorithm: sha256WithRSAEncryption 6d:bf:1c:de:90:ac:af:41:61:49:8c:49:08:4c:65:d1:7f:27: e8:1c:b5:32:31:55:ca:9d:c7:53:b7:f3:4a:0e:92:57:05:23: b0:c3:9c:0b:9a:c7:41:f5:24:e8:d3:9e:76:09:11:d3:7f:f8: 08:a1:8c:f5:3f:68:1f:23:8e:12:51:61:35:55:d5:12:47:76: 2b:2d:97:a0:9e:28:7b:c5:a3:6f:c9:95:fc:54:0f:5d:a5:97: e8:f4:27:f0:f2:23:23:3d:fd:01:30:9a:32:81:48:ba:77:f5: 31:ed:fd:9f:ad:f6:92:45:40:22:17:f7:41:d8:82:d3:9c:fc: c6:7b:52:61:1f:5b:a0:50:94:98:65:1d:a4:f2:1d:e9:ee:df: 07:38:15:a5:d3:0b:7a:d3:6b:c2:9a:71:d5:da:57:62:ab:7e: c5:ee:75:d5:29:b4:a9:0c:f7:f7:15:a1:0a:26:f5:64:e0:fb: d1:4f:94:4b:9d:f7:a6:c5:34:ba:a4:16:ec:5d:71:a7:be:31: 4a:fb:84:48:90:1a:3c:8a:bd:81:aa:6f:4a:1a:21:58:8d:a3: 99:05:89:a9:f0:ba:93:93:8d:57:5c:20:d0:3f:22:8d:68:17: 74:d4:9a:1b:2e:00:d9:44:7c:13:66:1e:87:ee:a0:22:c7:12: e1:bd:d0:43 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUM7tGjJSm5++sqasNqL3LYPebYt4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyN1oX DTI3MDMwMzA2MDUyN1owMzExMC8GA1UEAxMoRDNGMTdEMjE3NjYzMTkwNTFGRDdD NEVENUNDMjE5MUY2MEYzNTRFRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM0eM4D8d2f1B4MAmtnr91nSK69YJgMCiQJEfksgaknrwxLtVeuDwQaNKNqx hkU3Eanw20aDDSL4uPM38JC8a4B0xRCa+5V9dX/bn+JezM2E62LVIjBF1iLUNbQA S9Ercnh+X5fVdZ9mjMj1IJsrxt4Y4GayNGOnHiOVuFAzWVG4p7vbMgnZnLfpGsxX AvdVR6k1KCRLyPB0Qi5DguPG7kB6HIyry4Ee2+lGl3swymMwlv9ikiD8QwWt2uRQ 9c6yuYqgocngelPQXRs4C+e5ZiqT3ksha1u/j7qdFpvlgKLgBI/Vh0lndZ7Gf52j 8VbKNXbwdjq0nm4jb15E6rSIz08CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTT8X0h dmMZBR/XxO1cwhkfYPNU7jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQwMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ovAwDQYJKoZIhvcNAQELBQADggEBAG2/HN6QrK9BYUmMSQhMZdF/J+gctTIxVcqd x1O380oOklcFI7DDnAuax0H1JOjTnnYJEdN/+AihjPU/aB8jjhJRYTVV1RJHdist l6CeKHvFo2/JlfxUD12ll+j0J/DyIyM9/QEwmjKBSLp39THt/Z+t9pJFQCIX90HY gtOc/MZ7UmEfW6BQlJhlHaTyHenu3wc4FaXTC3rTa8KacdXaV2KrfsXuddUptKkM 9/cVoQom9WTg+9FPlEud96bFNLqkFuxdcae+MUr7hEiQGjyKvYGqb0oaIViNo5kF ianwupOTjVdcINA/Io1oF3TUmhsuANlEfBNmHofuoCLHEuG90EM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:54 2026 by rpki-client