$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143403.roa File: AS143403.roa (raw, json) Hash identifier: R4F2k9e/4M2z33ZB6ApCW0RcHdcx1bpS/GcsH6NS+/w= Subject key identifier: 30:6B:44:B4:29:A7:E9:6F:AE:A3:60:41:4F:42:87:43:DA:B2:C6:5D Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F3BEA4FD1B6042497B2DB5DF210814C682E28F6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143403.roa Signing time: Wed 04 Mar 2026 06:05:44 +0000 ROA not before: Wed 04 Mar 2026 06:00:44 +0000 ROA not after: Wed 03 Mar 2027 06:05:44 +0000 asID: 143403 IP address blocks: 240a:a2f1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:3b:ea:4f:d1:b6:04:24:97:b2:db:5d:f2:10:81:4c:68:2e:28:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:44 2026 GMT Not After : Mar 3 06:05:44 2027 GMT Subject: CN=306B44B429A7E96FAEA360414F428743DAB2C65D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:1a:f9:4f:eb:1d:7a:61:79:0f:38:ee:04:85: 4b:75:6d:a1:8f:81:ee:ca:bf:b3:19:8e:b3:1f:c9: 73:24:72:08:4e:3c:ab:0f:79:b4:3a:12:73:e8:7e: 3d:13:53:be:5a:ce:10:86:d9:8a:25:00:a8:d5:2d: 90:7a:59:c0:ac:61:68:c0:47:7f:8f:15:65:60:20: 30:97:2d:2a:1b:d9:0c:68:f2:32:78:18:13:e6:c6: 4e:47:1d:66:6a:f7:dc:19:72:01:34:07:31:b4:b9: 02:e5:d8:f0:ec:3d:15:b1:d1:19:17:19:24:c2:a6: 9d:c4:13:e1:2d:90:4b:2a:cb:61:82:61:ce:e8:07: 6b:f8:c9:fe:6a:5d:ab:84:56:b4:3b:ce:eb:08:6f: fc:7e:98:eb:f0:fb:ad:9b:f0:23:ed:ab:9f:0a:0e: 1a:9d:76:84:9b:6e:cb:25:e9:5f:8d:43:56:dd:af: 8b:28:59:5f:11:df:1d:e3:ff:ed:d1:fa:a2:6b:e6: 72:a1:f7:ce:8d:31:25:d6:28:99:87:c7:17:e0:43: 81:59:d1:b4:e1:87:5f:23:7c:8e:88:0f:ca:02:9f: e5:50:82:73:a6:1a:d2:1e:3b:2d:cd:ca:17:ba:1f: 4d:37:64:53:ea:dd:0c:f3:1e:f8:01:87:11:17:59: 92:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:6B:44:B4:29:A7:E9:6F:AE:A3:60:41:4F:42:87:43:DA:B2:C6:5D X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143403.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2f1::/32 Signature Algorithm: sha256WithRSAEncryption cc:38:e6:5e:97:26:ce:d9:a5:bf:25:e1:0f:ac:f2:48:88:1b: 8a:c2:b8:f1:d0:08:b8:fe:6f:2b:50:9c:6d:ae:24:f9:b8:8f: 0e:0e:47:cb:61:38:e3:6b:2c:3d:5a:27:b5:5d:df:6c:af:47: 09:ee:c5:f9:38:f0:8b:85:45:c2:c9:37:e6:1b:4e:5c:92:5d: 93:84:05:c1:5e:d2:63:27:cc:86:a8:fe:fd:a9:f9:9c:6a:05: 31:25:68:07:6d:f1:84:10:6d:df:46:b1:ad:60:53:da:c4:2e: 8c:ed:ac:48:5b:20:0b:fd:1f:39:72:a5:84:fa:78:7e:3c:d8: 0d:dc:76:60:84:bd:cb:8c:d8:d4:fb:16:f9:b7:95:ab:b8:25: 6c:17:81:f7:b0:27:23:d4:31:bc:ea:46:ca:b5:6e:22:55:42: fb:bb:0f:db:1d:d7:63:bc:e4:27:2e:b3:cf:b8:9a:9f:28:56: e9:19:57:d8:fc:e4:30:3e:c5:24:38:75:b4:65:51:e5:b3:db: 39:ad:fa:13:1c:5b:3e:29:89:91:46:84:f2:9a:ff:c5:7a:fc: 9d:2e:e9:84:67:02:f2:b7:ae:20:bd:da:58:eb:8b:f4:dd:da: 10:d4:03:d6:bd:5d:09:39:cd:57:6b:33:88:42:6d:7a:60:6c: 3c:93:42:99 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULzvqT9G2BCSXsttd8hCBTGguKPYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA0NFoX DTI3MDMwMzA2MDU0NFowMzExMC8GA1UEAxMoMzA2QjQ0QjQyOUE3RTk2RkFFQTM2 MDQxNEY0Mjg3NDNEQUIyQzY1RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOUa+U/rHXpheQ847gSFS3VtoY+B7sq/sxmOsx/JcyRyCE48qw95tDoSc+h+ PRNTvlrOEIbZiiUAqNUtkHpZwKxhaMBHf48VZWAgMJctKhvZDGjyMngYE+bGTkcd Zmr33BlyATQHMbS5AuXY8Ow9FbHRGRcZJMKmncQT4S2QSyrLYYJhzugHa/jJ/mpd q4RWtDvO6whv/H6Y6/D7rZvwI+2rnwoOGp12hJtuyyXpX41DVt2viyhZXxHfHeP/ 7dH6omvmcqH3zo0xJdYomYfHF+BDgVnRtOGHXyN8jogPygKf5VCCc6Ya0h47Lc3K F7ofTTdkU+rdDPMe+AGHERdZkgsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQwa0S0 Kafpb66jYEFPQodD2rLGXTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ovEwDQYJKoZIhvcNAQELBQADggEBAMw45l6XJs7Zpb8l4Q+s8kiIG4rCuPHQCLj+ bytQnG2uJPm4jw4OR8thOONrLD1aJ7Vd32yvRwnuxfk48IuFRcLJN+YbTlySXZOE BcFe0mMnzIao/v2p+ZxqBTElaAdt8YQQbd9Gsa1gU9rELoztrEhbIAv9HzlypYT6 eH482A3cdmCEvcuM2NT7Fvm3lau4JWwXgfewJyPUMbzqRsq1biJVQvu7D9sd12O8 5Ccus8+4mp8oVukZV9j85DA+xSQ4dbRlUeWz2zmt+hMcWz4piZFGhPKa/8V6/J0u 6YRnAvK3riC92ljri/Td2hDUA9a9XQk5zVdrM4hCbXpgbDyTQpk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:24 2026 by rpki-client