$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143435.roa File: AS143435.roa (raw, json) Hash identifier: pPPTMcE/O1r4jgk67LTABXZKnN7UOrygnjPbqRlC/qY= Subject key identifier: B9:73:24:EC:85:EF:FF:FA:7A:0D:07:0B:E8:38:BF:4F:3B:98:8D:83 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 38437E840D72D632A6C08FF53EF8AB4A6023B193 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143435.roa Signing time: Wed 04 Mar 2026 06:07:18 +0000 ROA not before: Wed 04 Mar 2026 06:02:18 +0000 ROA not after: Wed 03 Mar 2027 06:07:18 +0000 asID: 143435 IP address blocks: 240a:a311::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:43:7e:84:0d:72:d6:32:a6:c0:8f:f5:3e:f8:ab:4a:60:23:b1:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:18 2026 GMT Not After : Mar 3 06:07:18 2027 GMT Subject: CN=B97324EC85EFFFFA7A0D070BE838BF4F3B988D83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:27:31:a2:76:f0:e6:fb:17:e5:c0:d2:c4:ac: c4:8f:9d:6f:10:98:38:14:36:2d:e1:d1:bd:8a:a3: 71:92:ea:b4:56:a7:93:bd:8d:a5:be:a1:f9:bb:b3: fe:ed:25:7d:aa:e6:82:39:56:ff:e8:ec:d7:38:3f: 0b:e0:ca:1f:98:68:86:bd:76:cc:d6:35:16:e4:d5: 2e:8f:50:74:4b:12:d7:7d:61:77:be:bd:69:73:fc: 0b:e0:45:1d:f2:bc:9e:62:d9:f0:85:f5:11:08:22: 7e:aa:c0:84:5f:50:b1:e8:e3:53:60:d4:94:30:ba: 16:b4:7e:9d:e3:c7:89:4d:16:2c:bc:3a:ad:cb:52: 1d:75:31:70:0d:1f:16:3e:9e:85:37:ae:cc:25:ae: dc:2b:cd:41:6a:2d:13:8b:da:37:0a:56:b9:9e:84: ea:ea:6d:68:a5:dc:e2:75:70:0d:d5:5e:81:d9:38: 6e:12:93:b7:ac:81:90:b6:f6:bc:86:e1:7b:24:15: 52:d7:55:72:7f:c6:a0:79:52:28:46:0b:33:6c:d2: fd:d2:81:ee:db:0d:da:1b:54:f5:f7:31:2e:f4:f0: 1e:41:c3:64:97:90:1d:56:98:c4:5f:6e:48:7c:78: 41:a9:22:22:1a:a6:66:d7:a0:96:08:6a:6d:72:00: 3e:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:73:24:EC:85:EF:FF:FA:7A:0D:07:0B:E8:38:BF:4F:3B:98:8D:83 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143435.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a311::/32 Signature Algorithm: sha256WithRSAEncryption 0f:ac:5b:5e:d9:3e:d2:bd:f3:2d:25:3e:56:a0:6d:17:89:58: e5:12:ef:eb:62:42:04:84:6f:b5:a4:cd:07:d3:f7:de:87:19: 28:86:06:b5:a1:2e:cd:26:56:fc:d8:39:dc:63:dd:8b:95:65: 0c:ca:ac:98:f7:3d:a0:2b:45:b0:59:14:c9:15:b5:56:11:bf: 74:2f:df:b5:ab:c6:6d:0c:93:43:11:bb:90:ee:f3:00:b1:f8: 48:22:30:6c:f0:8c:06:0a:1a:64:2f:ab:bc:a1:ba:85:94:f2: 82:89:86:5a:2f:93:f9:50:89:4c:39:84:7d:15:20:93:f3:c7: b6:37:eb:d3:a7:ab:ab:85:aa:dd:7b:92:23:ec:58:91:04:ce: 01:76:bd:8d:87:b8:f6:e3:09:5d:c5:ac:84:86:bc:f6:ce:f5: e3:d0:1c:84:cb:5e:26:5c:9e:df:aa:7a:6e:44:68:d4:52:74: 69:1c:55:16:5b:60:46:01:1d:a5:7c:46:54:c1:ed:9d:33:98: 49:0c:14:3c:88:07:33:ef:53:9c:fb:b6:1d:81:3f:cc:be:ca: b9:f1:3b:aa:20:92:41:2e:f6:07:67:85:7d:ac:01:a0:2a:45: b1:8b:d8:9b:85:82:7a:17:d0:e4:9e:ed:97:56:b3:28:e9:ae: 2b:a2:f3:5a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOEN+hA1y1jKmwI/1PvirSmAjsZMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIxOFoX DTI3MDMwMzA2MDcxOFowMzExMC8GA1UEAxMoQjk3MzI0RUM4NUVGRkZGQTdBMEQw NzBCRTgzOEJGNEYzQjk4OEQ4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJgnMaJ28Ob7F+XA0sSsxI+dbxCYOBQ2LeHRvYqjcZLqtFank72Npb6h+buz /u0lfarmgjlW/+js1zg/C+DKH5hohr12zNY1FuTVLo9QdEsS131hd769aXP8C+BF HfK8nmLZ8IX1EQgifqrAhF9QsejjU2DUlDC6FrR+nePHiU0WLLw6rctSHXUxcA0f Fj6ehTeuzCWu3CvNQWotE4vaNwpWuZ6E6uptaKXc4nVwDdVegdk4bhKTt6yBkLb2 vIbheyQVUtdVcn/GoHlSKEYLM2zS/dKB7tsN2htU9fcxLvTwHkHDZJeQHVaYxF9u SHx4QakiIhqmZteglghqbXIAPl8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS5cyTs he//+noNBwvoOL9PO5iNgzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQzNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oxEwDQYJKoZIhvcNAQELBQADggEBAA+sW17ZPtK98y0lPlagbReJWOUS7+tiQgSE b7WkzQfT996HGSiGBrWhLs0mVvzYOdxj3YuVZQzKrJj3PaArRbBZFMkVtVYRv3Qv 37Wrxm0Mk0MRu5Du8wCx+EgiMGzwjAYKGmQvq7yhuoWU8oKJhlovk/lQiUw5hH0V IJPzx7Y369Onq6uFqt17kiPsWJEEzgF2vY2HuPbjCV3FrISGvPbO9ePQHITLXiZc nt+qem5EaNRSdGkcVRZbYEYBHaV8RlTB7Z0zmEkMFDyIBzPvU5z7th2BP8y+yrnx O6ogkkEu9gdnhX2sAaAqRbGL2JuFgnoX0OSe7ZdWsyjpriui81o= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:31 2026 by rpki-client