$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143404.roa File: AS143404.roa (raw, json) Hash identifier: 1s6w8MvFQG37ITW0SxS9ofOzTdYIiAnubsnhF61F5Tw= Subject key identifier: D1:9E:7B:E1:E1:AF:5A:24:23:7E:E5:8D:67:A0:4C:8F:8A:33:B6:FF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 55EC2E31AD0F69BC7EB1636E614147501837E41C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143404.roa Signing time: Wed 04 Mar 2026 06:08:02 +0000 ROA not before: Wed 04 Mar 2026 06:03:02 +0000 ROA not after: Wed 03 Mar 2027 06:08:02 +0000 asID: 143404 IP address blocks: 240a:a2f2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:ec:2e:31:ad:0f:69:bc:7e:b1:63:6e:61:41:47:50:18:37:e4:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:03:02 2026 GMT Not After : Mar 3 06:08:02 2027 GMT Subject: CN=D19E7BE1E1AF5A24237EE58D67A04C8F8A33B6FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:11:a8:ad:f6:a7:1c:c7:1d:b6:50:46:2e:53: 59:b0:d0:90:2f:ec:1b:47:37:e0:ca:cc:a4:40:85: b4:de:39:b5:44:9e:13:de:12:5d:84:37:90:6a:ff: dc:4d:4a:17:f3:d1:ad:de:a6:c7:1e:cd:c7:b2:0c: b1:39:63:8e:48:65:00:00:5a:0f:cf:6f:6f:5d:93: a6:de:1b:ff:ca:3b:69:4b:25:cc:0a:11:74:da:d2: e5:fd:49:57:35:8e:c1:93:8e:59:ec:f6:ec:83:76: 6f:f6:7b:dc:3b:2b:03:44:0b:37:7e:03:06:c7:c5: b8:96:28:61:81:a8:c7:5b:ff:3f:f4:81:1e:03:e3: 92:0a:59:47:a3:75:e2:1d:3f:52:4c:6a:a5:53:55: 44:25:31:5a:2e:ab:e4:2f:76:d4:e9:01:1b:16:55: 58:77:d9:61:77:51:91:48:36:73:a8:05:b1:78:29: 03:20:9e:d1:03:cb:b4:63:dd:2d:de:ce:58:5c:e4: 47:42:03:c7:ac:f4:bd:ef:e6:76:dd:27:9b:ee:b3: 87:ac:d1:d2:3c:6b:12:5a:4f:92:40:68:86:04:28: 2f:09:d2:a2:c7:b0:29:28:f1:53:be:55:b8:ee:13: e4:6e:93:cd:aa:9f:5a:05:82:e1:09:ca:1b:ca:c5: 79:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:9E:7B:E1:E1:AF:5A:24:23:7E:E5:8D:67:A0:4C:8F:8A:33:B6:FF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143404.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2f2::/32 Signature Algorithm: sha256WithRSAEncryption 79:10:af:d7:b9:a9:e6:7b:ee:5c:2a:f6:08:1c:4a:16:b6:b7: 00:a3:b0:cf:55:fb:b1:7b:83:e9:1a:6f:1b:71:9b:f3:68:21: bb:f0:39:87:12:5c:38:0e:10:e3:62:6a:80:39:54:f7:24:0b: 42:e6:89:d5:19:f8:82:dd:20:99:68:b4:f7:c5:ce:40:55:ae: 6c:ba:a5:59:43:01:6b:2a:4d:31:05:61:ce:14:c1:99:76:bf: 7f:8c:ff:85:4c:93:3f:5b:8b:83:0b:88:e5:6f:0d:ca:1d:18: c9:f2:da:32:3c:28:48:ea:e2:63:a6:16:ff:de:2a:9f:de:89: 4f:08:9c:8e:e3:1d:bd:c7:d2:6b:6f:3b:9e:8d:73:57:97:0a: cc:18:c1:9d:89:ea:51:48:04:e6:e2:f5:f2:eb:6c:8e:f7:53: 09:a2:b7:49:5c:e1:dc:5f:ca:bf:e1:a2:93:9c:7a:8f:a7:c3: ce:56:7b:65:86:04:36:f1:da:c4:9c:2c:86:ea:74:ae:03:31: bb:94:c5:63:2a:6d:1b:5e:a6:b6:1a:b9:3e:2e:d6:27:cb:bf: a1:77:7b:d4:2f:e9:28:0e:9e:2b:15:ea:62:90:c7:6c:cc:0c: d3:b4:fd:ea:b4:a4:ea:2f:b4:d6:52:91:4b:09:7a:96:ed:8e: 25:96:27:4c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVewuMa0Pabx+sWNuYUFHUBg35BwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDMwMloX DTI3MDMwMzA2MDgwMlowMzExMC8GA1UEAxMoRDE5RTdCRTFFMUFGNUEyNDIzN0VF NThENjdBMDRDOEY4QTMzQjZGRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOcRqK32pxzHHbZQRi5TWbDQkC/sG0c34MrMpECFtN45tUSeE94SXYQ3kGr/ 3E1KF/PRrd6mxx7Nx7IMsTljjkhlAABaD89vb12Tpt4b/8o7aUslzAoRdNrS5f1J VzWOwZOOWez27IN2b/Z73DsrA0QLN34DBsfFuJYoYYGox1v/P/SBHgPjkgpZR6N1 4h0/UkxqpVNVRCUxWi6r5C921OkBGxZVWHfZYXdRkUg2c6gFsXgpAyCe0QPLtGPd Ld7OWFzkR0IDx6z0ve/mdt0nm+6zh6zR0jxrElpPkkBohgQoLwnSosewKSjxU75V uO4T5G6TzaqfWgWC4QnKG8rFeTECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTRnnvh 4a9aJCN+5Y1noEyPijO2/zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ovIwDQYJKoZIhvcNAQELBQADggEBAHkQr9e5qeZ77lwq9ggcSha2twCjsM9V+7F7 g+kabxtxm/NoIbvwOYcSXDgOEONiaoA5VPckC0LmidUZ+ILdIJlotPfFzkBVrmy6 pVlDAWsqTTEFYc4UwZl2v3+M/4VMkz9bi4MLiOVvDcodGMny2jI8KEjq4mOmFv/e Kp/eiU8InI7jHb3H0mtvO56Nc1eXCswYwZ2J6lFIBObi9fLrbI73Uwmit0lc4dxf yr/hopOceo+nw85We2WGBDbx2sScLIbqdK4DMbuUxWMqbRteprYauT4u1ifLv6F3 e9Qv6SgOnisV6mKQx2zMDNO0/eq0pOovtNZSkUsJepbtjiWWJ0w= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:48 2026 by rpki-client