$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143427.roa File: AS143427.roa (raw, json) Hash identifier: ZVu8D1rH0YQpiMmz4tDxtuzlupXkyEREE3pHa82F9KQ= Subject key identifier: 52:95:3B:5A:93:D5:A6:B3:72:4D:F9:00:80:09:8B:DB:35:E4:1A:14 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3D70FD4014BCB0D1D282C00F16C27C1E9D254D8F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143427.roa Signing time: Wed 04 Mar 2026 06:07:11 +0000 ROA not before: Wed 04 Mar 2026 06:02:11 +0000 ROA not after: Wed 03 Mar 2027 06:07:11 +0000 asID: 143427 IP address blocks: 240a:a309::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:70:fd:40:14:bc:b0:d1:d2:82:c0:0f:16:c2:7c:1e:9d:25:4d:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:11 2026 GMT Not After : Mar 3 06:07:11 2027 GMT Subject: CN=52953B5A93D5A6B3724DF90080098BDB35E41A14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:28:34:35:6a:27:11:b8:0a:e5:98:f8:65:36: 28:6b:db:9f:3e:37:fe:de:0b:a3:bd:06:ac:82:91: 81:ef:83:e8:9e:83:05:95:0d:97:88:9c:d5:5a:f6: 3b:95:45:09:b1:8c:b8:91:ee:45:a2:50:c5:ce:42: 76:f6:7c:ad:6b:0d:d3:1e:2f:1d:f8:21:68:d0:2b: 44:41:77:36:26:2e:96:b8:a7:33:15:76:24:67:a7: a3:0b:d8:22:13:3c:dd:80:ca:6b:c9:33:3c:cb:95: cc:c4:36:63:77:e8:e2:81:ba:4a:27:2d:15:dc:c8: 10:2c:e7:2e:e1:e7:50:43:cc:72:d7:5a:d1:1b:97: 65:e6:17:d6:ad:f1:dc:96:46:0a:cb:3e:c3:d1:06: 36:06:84:1a:16:f0:47:fc:86:f2:4b:54:7f:e0:f0: 03:18:11:8c:0c:db:38:d0:34:0a:c3:dd:cc:af:20: b3:c8:eb:9d:fd:da:ad:8e:3d:49:8b:01:4c:db:c0: 41:3f:9b:23:af:2b:96:89:2b:68:89:bf:44:fc:40: 25:1b:cc:bb:26:20:20:bf:3e:3c:f7:03:5c:be:3a: 87:4a:b2:88:7a:e4:1c:8e:ee:ac:85:49:68:94:79: ff:45:d2:cd:38:1c:7a:c1:64:61:7c:9b:cf:d6:68: ee:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:95:3B:5A:93:D5:A6:B3:72:4D:F9:00:80:09:8B:DB:35:E4:1A:14 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143427.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a309::/32 Signature Algorithm: sha256WithRSAEncryption 90:7f:71:26:96:ca:65:96:df:49:c7:71:07:06:86:61:a6:38: 6a:e2:0f:9b:8a:e1:30:17:d2:2b:30:f5:51:a2:14:06:02:d6: 11:6e:2b:3e:a6:c4:d1:be:ad:5e:9e:26:78:be:fd:2c:05:56: 29:1a:c4:09:ef:c3:c2:5d:74:16:3c:0b:8f:16:35:94:5d:f5: 06:1a:f9:9d:b3:39:50:74:89:67:1d:89:0f:3e:9a:0f:9d:d7: 11:33:3d:20:96:b3:95:9d:17:3b:12:2e:ce:5b:85:ef:4f:96: 46:24:cf:ac:9b:80:a9:41:e8:de:f8:a7:4f:1c:5b:5d:47:e4: f6:79:c3:9b:10:21:6e:75:4a:37:47:b5:2a:2f:49:00:60:fb: 10:71:a8:bb:64:73:83:d9:7b:85:2f:de:b4:95:4a:90:39:a0: 80:90:6b:ae:27:ca:0d:76:e0:36:84:3e:84:e9:b4:d5:7c:e4: de:18:11:05:2d:6d:8d:5a:b8:cf:5f:d4:2b:4c:50:a1:f5:85: f5:1a:bb:89:2d:0f:a9:0d:fa:17:57:d8:56:98:9b:f5:b9:60: fe:ee:dc:26:a8:44:c3:bd:8b:ef:77:2b:8d:d5:01:66:ab:44: 0b:9b:fe:a2:fa:ab:75:58:99:94:06:7f:e2:56:8e:a9:9a:7f: 80:bb:1c:3c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPXD9QBS8sNHSgsAPFsJ8Hp0lTY8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxMVoX DTI3MDMwMzA2MDcxMVowMzExMC8GA1UEAxMoNTI5NTNCNUE5M0Q1QTZCMzcyNERG OTAwODAwOThCREIzNUU0MUExNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKYoNDVqJxG4CuWY+GU2KGvbnz43/t4Lo70GrIKRge+D6J6DBZUNl4ic1Vr2 O5VFCbGMuJHuRaJQxc5CdvZ8rWsN0x4vHfghaNArREF3NiYulrinMxV2JGenowvY IhM83YDKa8kzPMuVzMQ2Y3fo4oG6SictFdzIECznLuHnUEPMctda0RuXZeYX1q3x 3JZGCss+w9EGNgaEGhbwR/yG8ktUf+DwAxgRjAzbONA0CsPdzK8gs8jrnf3arY49 SYsBTNvAQT+bI68rlokraIm/RPxAJRvMuyYgIL8+PPcDXL46h0qyiHrkHI7urIVJ aJR5/0XSzTgcesFkYXybz9Zo7lsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRSlTta k9Wms3JN+QCACYvbNeQaFDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK owkwDQYJKoZIhvcNAQELBQADggEBAJB/cSaWymWW30nHcQcGhmGmOGriD5uK4TAX 0isw9VGiFAYC1hFuKz6mxNG+rV6eJni+/SwFVikaxAnvw8JddBY8C48WNZRd9QYa +Z2zOVB0iWcdiQ8+mg+d1xEzPSCWs5WdFzsSLs5bhe9PlkYkz6ybgKlB6N74p08c W11H5PZ5w5sQIW51SjdHtSovSQBg+xBxqLtkc4PZe4Uv3rSVSpA5oICQa64nyg12 4DaEPoTptNV85N4YEQUtbY1auM9f1CtMUKH1hfUau4ktD6kN+hdX2FaYm/W5YP7u 3CaoRMO9i+93K43VAWarRAub/qL6q3VYmZQGf+JWjqmaf4C7HDw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:11 2026 by rpki-client