$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143410.roa File: AS143410.roa (raw, json) Hash identifier: lPr9tA5JOKcsQL0m8qKR6UWtRC2Gvh01qC1Di/77pDQ= Subject key identifier: A3:6F:5C:44:50:EC:66:14:5A:F9:DE:67:4E:16:73:B4:DC:50:72:03 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 69BF3485B047927664F161427839D27CE20984AB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143410.roa Signing time: Wed 04 Mar 2026 06:07:41 +0000 ROA not before: Wed 04 Mar 2026 06:02:41 +0000 ROA not after: Wed 03 Mar 2027 06:07:41 +0000 asID: 143410 IP address blocks: 240a:a2f8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:bf:34:85:b0:47:92:76:64:f1:61:42:78:39:d2:7c:e2:09:84:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:41 2026 GMT Not After : Mar 3 06:07:41 2027 GMT Subject: CN=A36F5C4450EC66145AF9DE674E1673B4DC507203 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:07:1e:ad:70:93:eb:a2:11:a6:a4:53:c9:f8: 74:95:7b:67:0a:29:02:59:16:a7:95:5b:5b:14:73: 3f:0d:d0:b1:05:69:95:3e:cf:db:db:e4:10:e6:2e: 1b:64:2c:eb:59:35:a9:a4:22:af:07:ad:56:40:75: 07:ad:38:5e:50:ad:42:ca:44:2a:85:2e:01:85:6d: 12:9e:c2:e0:91:0a:5e:71:3d:42:53:10:53:59:81: dd:71:98:8d:32:fc:63:c9:de:8f:8b:f5:5c:43:85: 2d:38:a6:ca:ba:34:0d:33:1f:a2:91:dd:48:67:7c: 1c:50:39:da:fe:1c:0e:32:69:10:09:b8:f2:a1:ff: 6b:3d:60:44:75:9d:0c:ab:10:84:db:ac:ef:33:d7: cb:1c:1d:07:b7:11:b1:02:14:9d:01:c2:fa:12:5c: 47:75:98:75:27:ad:91:4f:c6:bc:08:92:59:f7:c0: 07:9b:cd:9e:62:d3:75:cc:a9:17:fc:a1:17:d7:54: 2c:de:b3:a4:b1:52:e1:b9:02:29:6b:86:49:0d:29: dc:fb:ef:53:e4:bb:82:51:5f:e0:81:df:f0:e5:db: 3a:fa:a7:2e:2d:93:11:bb:e9:f0:ad:57:0d:58:f3: 4c:9b:32:86:8c:98:64:51:6e:9d:09:06:3b:ba:05: dc:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:6F:5C:44:50:EC:66:14:5A:F9:DE:67:4E:16:73:B4:DC:50:72:03 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143410.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2f8::/32 Signature Algorithm: sha256WithRSAEncryption 1c:d1:e8:84:69:10:3e:95:97:46:c1:a1:38:dd:6f:58:5e:b7: b4:1f:89:ba:bc:04:68:22:e1:be:b7:67:e3:35:b5:96:1c:51: fd:8c:6e:7d:02:e6:65:0f:39:05:3b:f1:b2:f7:c6:46:e4:98: d6:30:c7:8a:4f:c9:c4:f2:72:a5:73:6d:77:ca:bc:83:82:af: b4:99:a8:55:cb:67:01:72:43:bd:c3:59:5f:d4:ef:c3:a1:86: fa:81:12:a4:33:65:02:c8:04:1c:e9:54:c4:c0:26:c2:ef:45: ce:27:59:75:bb:15:d2:fe:e0:5b:c4:3d:9d:8f:56:9c:a7:fb: a9:3d:a2:d0:c9:76:a3:da:ef:d8:fd:e5:82:d8:92:5b:4d:9d: 2c:5b:26:21:62:50:7c:4c:c2:9d:f5:6b:5f:a2:5a:d0:6f:39: 4f:4c:64:83:8a:c9:71:03:b8:57:45:4c:ad:42:4c:73:00:25: 88:38:90:3d:8a:6b:8e:13:15:37:22:3f:33:97:73:eb:98:93: 26:f6:06:a9:6c:64:dc:1d:70:e5:86:17:26:50:ae:df:01:e5: d4:b8:13:c5:a3:a4:8f:02:ac:5e:9f:be:cf:c6:8a:32:b9:e6: ed:2a:46:9c:7a:ac:f9:e4:1c:29:2e:ca:91:f1:57:42:2f:bf: af:a3:7a:fb -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUab80hbBHknZk8WFCeDnSfOIJhKswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0MVoX DTI3MDMwMzA2MDc0MVowMzExMC8GA1UEAxMoQTM2RjVDNDQ1MEVDNjYxNDVBRjlE RTY3NEUxNjczQjREQzUwNzIwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANQHHq1wk+uiEaakU8n4dJV7ZwopAlkWp5VbWxRzPw3QsQVplT7P29vkEOYu G2Qs61k1qaQirwetVkB1B604XlCtQspEKoUuAYVtEp7C4JEKXnE9QlMQU1mB3XGY jTL8Y8nej4v1XEOFLTimyro0DTMfopHdSGd8HFA52v4cDjJpEAm48qH/az1gRHWd DKsQhNus7zPXyxwdB7cRsQIUnQHC+hJcR3WYdSetkU/GvAiSWffAB5vNnmLTdcyp F/yhF9dULN6zpLFS4bkCKWuGSQ0p3PvvU+S7glFf4IHf8OXbOvqnLi2TEbvp8K1X DVjzTJsyhoyYZFFunQkGO7oF3J0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSjb1xE UOxmFFr53mdOFnO03FByAzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQxMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ovgwDQYJKoZIhvcNAQELBQADggEBABzR6IRpED6Vl0bBoTjdb1het7Qfibq8BGgi 4b63Z+M1tZYcUf2Mbn0C5mUPOQU78bL3xkbkmNYwx4pPycTycqVzbXfKvIOCr7SZ qFXLZwFyQ73DWV/U78OhhvqBEqQzZQLIBBzpVMTAJsLvRc4nWXW7FdL+4FvEPZ2P Vpyn+6k9otDJdqPa79j95YLYkltNnSxbJiFiUHxMwp31a1+iWtBvOU9MZIOKyXED uFdFTK1CTHMAJYg4kD2Ka44TFTciPzOXc+uYkyb2BqlsZNwdcOWGFyZQrt8B5dS4 E8WjpI8CrF6fvs/GijK55u0qRpx6rPnkHCkuypHxV0Ivv6+jevs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:13 2026 by rpki-client