$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143423.roa File: AS143423.roa (raw, json) Hash identifier: I6QaiouotFrzSa4C2utmIYOzbse2GrYCl16LtBDdcso= Subject key identifier: 7A:6F:0D:D8:71:46:8C:39:F0:CA:0D:1B:F0:44:7D:C1:59:B6:A7:38 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1BB4A5C323E8066EA5B6C446F576A0CEDF9E52F4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143423.roa Signing time: Wed 04 Mar 2026 06:06:55 +0000 ROA not before: Wed 04 Mar 2026 06:01:55 +0000 ROA not after: Wed 03 Mar 2027 06:06:55 +0000 asID: 143423 IP address blocks: 240a:a305::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:b4:a5:c3:23:e8:06:6e:a5:b6:c4:46:f5:76:a0:ce:df:9e:52:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:55 2026 GMT Not After : Mar 3 06:06:55 2027 GMT Subject: CN=7A6F0DD871468C39F0CA0D1BF0447DC159B6A738 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f7:1a:7c:a0:d6:8f:3d:9f:ca:35:e1:5a:63: 19:b0:3c:b2:a0:4f:d6:a6:30:a2:ad:41:84:81:e1: 1a:df:8b:2f:a4:a2:bc:0e:5c:ba:d6:1c:0b:31:92: aa:d6:36:61:6f:81:bc:ac:05:6b:67:e4:b0:b5:0c: 46:f3:3e:7d:48:80:27:d7:7e:3c:a9:2f:e4:af:63: b7:22:83:fc:f1:91:47:7c:03:75:1e:b6:b5:42:df: db:eb:81:73:2f:56:b7:52:32:9b:91:bb:37:e7:5c: 13:34:f6:9a:2c:47:29:a5:29:3e:3a:e1:08:dc:ce: 9a:6f:ba:b8:44:fd:09:69:6e:21:ee:ed:46:ac:ac: a8:9f:be:4f:88:1e:bd:d5:b4:ca:96:23:3d:47:e5: 37:7e:00:41:50:49:71:5c:e5:c8:52:3b:4e:19:9a: 0c:18:eb:56:3e:be:50:57:32:69:29:27:76:ce:42: 9f:b3:d8:03:0e:e1:d3:d1:78:42:40:9b:f1:bf:ef: d7:61:a5:4c:62:e9:95:eb:e6:85:c8:1d:97:27:1f: bd:4f:f1:a6:b8:2f:2c:f5:3d:76:87:b8:97:e7:3b: c7:80:58:a8:4a:da:4d:8b:f2:d0:5a:a3:b2:a4:72: 7b:9c:8c:73:23:59:d5:b4:65:a0:18:b1:ac:1a:88: 68:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:6F:0D:D8:71:46:8C:39:F0:CA:0D:1B:F0:44:7D:C1:59:B6:A7:38 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143423.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a305::/32 Signature Algorithm: sha256WithRSAEncryption 95:32:44:a1:1e:82:11:e1:0e:6e:45:d7:33:81:4e:eb:18:43: d7:a4:24:41:d9:90:d3:e4:65:ce:35:07:81:ea:e8:93:f4:7f: 4b:4c:8d:88:49:13:76:c5:9c:fd:7b:ee:02:8e:18:8a:d0:89: aa:89:28:f2:fc:0c:cd:74:6c:f7:15:41:1c:06:98:77:ed:07: 52:5d:28:0a:65:af:9f:1b:c6:64:b8:5d:ca:bd:2a:a7:76:2b: f0:57:83:06:72:b0:cb:b6:24:8a:0d:f9:2e:bc:fd:84:8c:55: eb:7a:70:6b:6c:27:37:84:5a:79:27:2c:aa:b4:b1:ec:a7:85: f5:43:6c:4a:a1:b4:37:e9:c6:59:1c:a5:d1:1f:e6:58:90:64: 48:94:af:89:11:ec:0d:aa:0e:2a:3f:43:22:ed:8a:c9:73:cf: 1f:c2:b4:6d:20:92:a5:0c:5a:d6:99:72:16:66:3d:50:4f:ad: 9f:bd:d6:26:b7:e8:75:99:6b:ab:a3:ff:76:de:93:32:29:ab: ea:9d:b3:65:6f:4b:af:cd:2c:36:1e:f5:e0:51:63:d9:01:26: c3:06:a3:8b:98:c1:74:6f:39:ee:97:c7:23:3f:18:0d:39:8a: 13:56:04:c8:ca:d7:c0:b1:54:8a:07:5a:0a:7e:9d:b1:5f:31: 8b:38:c6:03 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUG7SlwyPoBm6ltsRG9Xagzt+eUvQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE1NVoX DTI3MDMwMzA2MDY1NVowMzExMC8GA1UEAxMoN0E2RjBERDg3MTQ2OEMzOUYwQ0Ew RDFCRjA0NDdEQzE1OUI2QTczODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALX3Gnyg1o89n8o14VpjGbA8sqBP1qYwoq1BhIHhGt+LL6SivA5cutYcCzGS qtY2YW+BvKwFa2fksLUMRvM+fUiAJ9d+PKkv5K9jtyKD/PGRR3wDdR62tULf2+uB cy9Wt1Iym5G7N+dcEzT2mixHKaUpPjrhCNzOmm+6uET9CWluIe7tRqysqJ++T4ge vdW0ypYjPUflN34AQVBJcVzlyFI7ThmaDBjrVj6+UFcyaSknds5Cn7PYAw7h09F4 QkCb8b/v12GlTGLplevmhcgdlycfvU/xprgvLPU9doe4l+c7x4BYqEraTYvy0Fqj sqRye5yMcyNZ1bRloBixrBqIaJMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR6bw3Y cUaMOfDKDRvwRH3BWbanODAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK owUwDQYJKoZIhvcNAQELBQADggEBAJUyRKEeghHhDm5F1zOBTusYQ9ekJEHZkNPk Zc41B4Hq6JP0f0tMjYhJE3bFnP177gKOGIrQiaqJKPL8DM10bPcVQRwGmHftB1Jd KAplr58bxmS4Xcq9Kqd2K/BXgwZysMu2JIoN+S68/YSMVet6cGtsJzeEWnknLKq0 seynhfVDbEqhtDfpxlkcpdEf5liQZEiUr4kR7A2qDio/QyLtislzzx/CtG0gkqUM WtaZchZmPVBPrZ+91ia36HWZa6uj/3bekzIpq+qds2VvS6/NLDYe9eBRY9kBJsMG o4uYwXRvOe6XxyM/GA05ihNWBMjK18CxVIoHWgp+nbFfMYs4xgM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:25 2026 by rpki-client