$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143412.roa File: AS143412.roa (raw, json) Hash identifier: RY8ploWkj5wECCETlsB1bigysBSw1fkD8sckdWJtbUs= Subject key identifier: DB:C0:7A:67:90:65:11:DD:17:FF:E4:15:D0:84:D1:27:03:A3:1E:F5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 08E279D6499ADB81C0D89EF74D8C63502DEFC674 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143412.roa Signing time: Wed 04 Mar 2026 06:07:47 +0000 ROA not before: Wed 04 Mar 2026 06:02:47 +0000 ROA not after: Wed 03 Mar 2027 06:07:47 +0000 asID: 143412 IP address blocks: 240a:a2fa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:e2:79:d6:49:9a:db:81:c0:d8:9e:f7:4d:8c:63:50:2d:ef:c6:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:47 2026 GMT Not After : Mar 3 06:07:47 2027 GMT Subject: CN=DBC07A67906511DD17FFE415D084D12703A31EF5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:50:5a:5f:45:59:50:e9:a9:94:59:61:aa:7b: 4a:43:01:8a:62:fd:14:76:32:00:8f:a3:b9:3f:1b: 7d:1b:79:bf:bb:a7:a0:3a:2c:65:02:83:ea:92:92: a6:06:cb:60:47:6e:4a:15:1b:d9:30:52:b9:34:9b: f8:a5:73:01:d7:58:5a:45:11:99:41:0b:00:45:72: 76:5b:2e:22:ff:bc:b1:19:91:7a:40:24:57:3b:96: b9:72:93:75:6f:ae:e4:7c:ca:b5:e2:bb:44:7b:87: 4a:7c:6e:2b:c1:11:59:aa:a9:05:83:2f:80:51:b1: f6:34:03:cb:5f:1b:64:27:67:b9:8d:dc:f1:ff:c6: a7:3d:bc:12:87:e1:0a:05:67:8a:a4:8f:8b:ec:75: b3:57:f4:f0:b0:26:6c:88:8a:fd:16:4b:5d:2f:a7: a0:5f:f7:39:6f:68:f9:34:77:f7:f6:2a:46:b8:50: c1:59:f2:d3:01:43:2d:0a:bb:00:f6:7a:57:14:11: f1:38:51:eb:79:bd:4e:41:3f:9c:55:58:8d:c4:53: 75:6f:69:69:fb:67:1e:bd:8b:b9:3d:18:b7:bd:95: 61:57:71:bd:81:58:b3:90:cb:eb:3e:c2:9f:7a:56: c7:58:52:a3:10:b9:ae:2b:0b:6b:25:5e:f9:a8:de: 95:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:C0:7A:67:90:65:11:DD:17:FF:E4:15:D0:84:D1:27:03:A3:1E:F5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143412.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2fa::/32 Signature Algorithm: sha256WithRSAEncryption 0f:dc:67:12:8e:f7:a9:04:72:6f:f2:40:6f:0b:74:13:98:c8: 4d:d3:63:35:ac:a1:06:1c:4d:2d:20:1a:00:9d:01:37:51:29: 17:14:f3:11:ec:77:c2:46:b0:ff:55:e1:c8:8d:b2:79:bf:4c: cc:dc:db:68:96:d7:f3:8a:e7:5f:46:5d:51:ce:f2:85:c4:0f: ac:b4:ee:80:3d:18:ac:b4:3d:37:3b:c4:51:1d:9c:4a:28:0a: 39:e1:88:f7:9a:d6:4f:de:56:96:37:96:9b:74:5c:ef:de:9c: 46:b8:a0:45:89:1c:1b:1b:e7:8d:9c:5b:de:27:4e:13:6b:38: 86:96:57:95:c5:68:e3:87:d0:a5:0f:9c:c3:36:54:5b:1d:ad: fb:46:7a:29:4e:0a:61:14:78:ef:17:f8:cd:aa:d0:b8:37:3b: 21:ff:04:61:6c:73:c6:46:3d:7e:0e:ff:be:17:b3:80:3a:ce: e4:c8:be:04:e7:32:7f:b2:49:c1:9a:81:07:b0:cb:75:83:10: 4d:02:99:af:ca:a0:7b:2a:2b:da:23:69:f8:c0:14:43:33:60: 87:35:c5:bb:d8:39:80:80:07:69:9e:b3:4e:8c:29:14:0c:4d: 35:d1:86:32:b9:65:00:fe:ca:d7:7c:c5:0c:80:bb:f2:99:98: 69:3e:73:60 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUCOJ51kma24HA2J73TYxjUC3vxnQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0N1oX DTI3MDMwMzA2MDc0N1owMzExMC8GA1UEAxMoREJDMDdBNjc5MDY1MTFERDE3RkZF NDE1RDA4NEQxMjcwM0EzMUVGNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZQWl9FWVDpqZRZYap7SkMBimL9FHYyAI+juT8bfRt5v7unoDosZQKD6pKS pgbLYEduShUb2TBSuTSb+KVzAddYWkURmUELAEVydlsuIv+8sRmRekAkVzuWuXKT dW+u5HzKteK7RHuHSnxuK8ERWaqpBYMvgFGx9jQDy18bZCdnuY3c8f/Gpz28Eofh CgVniqSPi+x1s1f08LAmbIiK/RZLXS+noF/3OW9o+TR39/YqRrhQwVny0wFDLQq7 APZ6VxQR8ThR63m9TkE/nFVYjcRTdW9paftnHr2LuT0Yt72VYVdxvYFYs5DL6z7C n3pWx1hSoxC5risLayVe+ajelX0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTbwHpn kGUR3Rf/5BXQhNEnA6Me9TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQxMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ovowDQYJKoZIhvcNAQELBQADggEBAA/cZxKO96kEcm/yQG8LdBOYyE3TYzWsoQYc TS0gGgCdATdRKRcU8xHsd8JGsP9V4ciNsnm/TMzc22iW1/OK519GXVHO8oXED6y0 7oA9GKy0PTc7xFEdnEooCjnhiPea1k/eVpY3lpt0XO/enEa4oEWJHBsb542cW94n ThNrOIaWV5XFaOOH0KUPnMM2VFsdrftGeilOCmEUeO8X+M2q0Lg3OyH/BGFsc8ZG PX4O/74Xs4A6zuTIvgTnMn+yScGagQewy3WDEE0Cma/KoHsqK9ojafjAFEMzYIc1 xbvYOYCAB2mes06MKRQMTTXRhjK5ZQD+ytd8xQyAu/KZmGk+c2A= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:11 2026 by rpki-client