$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143421.roa File: AS143421.roa (raw, json) Hash identifier: NLjFgLOGLxT1lBZCOET26BJSUUcfe99bpf4UjXXfQyM= Subject key identifier: B7:87:82:CC:B9:2A:91:8C:29:98:9B:32:71:41:2B:3A:66:B4:A8:2C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 066652AFBE4579390261D55376A744800BCD9FBF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143421.roa Signing time: Wed 04 Mar 2026 06:06:36 +0000 ROA not before: Wed 04 Mar 2026 06:01:36 +0000 ROA not after: Wed 03 Mar 2027 06:06:36 +0000 asID: 143421 IP address blocks: 240a:a303::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:66:52:af:be:45:79:39:02:61:d5:53:76:a7:44:80:0b:cd:9f:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:36 2026 GMT Not After : Mar 3 06:06:36 2027 GMT Subject: CN=B78782CCB92A918C29989B3271412B3A66B4A82C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:20:42:a2:46:4c:15:a8:27:02:a6:f3:3e:c0: a0:9e:9c:77:bf:21:b8:b2:52:71:e3:9a:06:83:9b: 05:49:c9:6e:52:fe:74:4c:db:0a:ff:5a:96:c1:64: 6e:24:88:f3:52:01:d5:3d:5c:0e:90:2c:a6:ef:30: 18:19:7b:15:3d:7e:bd:ea:c9:93:d1:bf:7f:cc:37: ee:d5:24:00:f1:88:6d:e3:55:cd:1c:59:56:a5:42: 8c:6b:cb:b4:8e:db:38:2d:aa:de:79:f7:96:3d:24: 65:df:8d:63:8d:d2:53:be:97:f4:7a:18:26:94:5b: f9:cc:6e:ee:2c:2a:da:d6:ce:f9:d5:ad:43:fc:05: 79:d0:11:04:6d:45:26:46:f8:89:fb:55:f9:4c:4f: 6b:50:ca:ac:68:39:30:24:0a:f1:80:65:f5:c9:5c: 05:c9:99:30:26:20:e2:a2:b3:0d:d9:bd:d7:a7:06: 7d:ae:73:d1:aa:c0:a4:b2:92:40:fb:ea:a9:42:81: 5e:73:d6:ec:b0:32:5d:e2:b5:9f:c9:aa:42:c5:23: 4d:01:bf:85:98:3f:2d:b3:03:1d:c3:bb:9c:18:dd: e8:1d:d3:09:8b:45:e5:eb:dc:30:e7:46:b1:33:4c: 14:12:c5:23:f8:78:00:93:f7:0e:06:e3:1d:b5:7e: d8:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:87:82:CC:B9:2A:91:8C:29:98:9B:32:71:41:2B:3A:66:B4:A8:2C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143421.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a303::/32 Signature Algorithm: sha256WithRSAEncryption 0e:3f:d5:3c:e6:e4:7f:38:91:bd:fb:0e:65:21:bb:72:ba:7f: af:bb:fd:de:35:69:b6:b9:00:83:15:4d:94:e5:af:1a:11:a4: 2e:b9:01:94:5e:a3:9a:3e:fd:5c:47:a5:95:c6:c2:8b:e5:78: fa:b1:f1:86:e6:ea:35:38:82:4f:4b:04:7f:40:42:29:52:bd: 9b:01:cf:d0:11:dc:73:bb:b8:b1:a6:18:0d:14:a2:b3:a2:8d: 00:72:48:a3:af:54:e9:be:45:83:66:84:3b:25:66:a9:3e:d7: 00:21:45:fd:7a:6d:a4:95:b5:bd:9c:0a:d1:b3:40:9c:51:bd: 31:50:40:ac:18:71:23:d3:3e:c3:94:d1:aa:d9:07:a7:d7:08: 0b:07:59:cd:2b:f8:7f:47:c6:c5:33:33:68:89:be:5a:57:9c: 51:ea:ad:fc:a3:83:b8:e1:a8:c9:cb:83:a5:c3:cc:2e:f4:2b: 05:a6:c5:2d:ad:1a:29:b0:e7:53:1c:54:1b:a5:21:f5:4f:cc: 80:a1:2f:79:93:e5:24:fb:3f:b5:70:cc:af:aa:ed:f4:08:4d: 50:1f:60:c5:24:e9:a9:5e:3c:99:1f:e1:70:e4:d1:59:fa:9c: 41:3a:60:d2:e0:57:a2:4a:ee:42:76:be:5e:9f:ed:0f:8e:18: ff:1c:94:1b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBmZSr75FeTkCYdVTdqdEgAvNn78wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEzNloX DTI3MDMwMzA2MDYzNlowMzExMC8GA1UEAxMoQjc4NzgyQ0NCOTJBOTE4QzI5OTg5 QjMyNzE0MTJCM0E2NkI0QTgyQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwgQqJGTBWoJwKm8z7AoJ6cd78huLJSceOaBoObBUnJblL+dEzbCv9alsFk biSI81IB1T1cDpAspu8wGBl7FT1+verJk9G/f8w37tUkAPGIbeNVzRxZVqVCjGvL tI7bOC2q3nn3lj0kZd+NY43SU76X9HoYJpRb+cxu7iwq2tbO+dWtQ/wFedARBG1F Jkb4iftV+UxPa1DKrGg5MCQK8YBl9clcBcmZMCYg4qKzDdm916cGfa5z0arApLKS QPvqqUKBXnPW7LAyXeK1n8mqQsUjTQG/hZg/LbMDHcO7nBjd6B3TCYtF5evcMOdG sTNMFBLFI/h4AJP3DgbjHbV+2LECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS3h4LM uSqRjCmYmzJxQSs6ZrSoLDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQyMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK owMwDQYJKoZIhvcNAQELBQADggEBAA4/1Tzm5H84kb37DmUhu3K6f6+7/d41aba5 AIMVTZTlrxoRpC65AZReo5o+/VxHpZXGwovlePqx8Ybm6jU4gk9LBH9AQilSvZsB z9AR3HO7uLGmGA0UorOijQBySKOvVOm+RYNmhDslZqk+1wAhRf16baSVtb2cCtGz QJxRvTFQQKwYcSPTPsOU0arZB6fXCAsHWc0r+H9HxsUzM2iJvlpXnFHqrfyjg7jh qMnLg6XDzC70KwWmxS2tGimw51McVBulIfVPzIChL3mT5ST7P7VwzK+q7fQITVAf YMUk6alePJkf4XDk0Vn6nEE6YNLgV6JK7kJ2vl6f7Q+OGP8clBs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:45 2026 by rpki-client