$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143440.roa File: AS143440.roa (raw, json) Hash identifier: YCKjcmw90ySTsNjQZJcL/49QBHht2u2DxuVZ9Gvia/8= Subject key identifier: 31:1A:E9:0A:BB:77:7A:49:AC:FE:2B:BC:AE:2C:58:58:27:FB:9C:0E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1C12CFA6193473791400FCCD3B2E0A0DF8DD3F22 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143440.roa Signing time: Wed 04 Mar 2026 06:07:56 +0000 ROA not before: Wed 04 Mar 2026 06:02:56 +0000 ROA not after: Wed 03 Mar 2027 06:07:56 +0000 asID: 143440 IP address blocks: 240a:a316::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:12:cf:a6:19:34:73:79:14:00:fc:cd:3b:2e:0a:0d:f8:dd:3f:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:56 2026 GMT Not After : Mar 3 06:07:56 2027 GMT Subject: CN=311AE90ABB777A49ACFE2BBCAE2C585827FB9C0E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:7f:79:b1:5e:c0:86:f4:4b:2f:b9:fe:4d:83: 7e:d6:df:83:78:bd:88:86:03:2d:c1:e5:3e:11:90: 93:d3:fd:e5:9e:65:82:cd:19:97:d6:af:75:b3:09: 5f:74:05:85:f3:6d:d9:bd:bb:8e:f2:46:7a:02:e1: 57:3b:a6:e0:37:e0:a4:c9:6e:dc:ff:70:c6:ee:1f: 59:9f:91:89:9a:71:c3:f0:1e:a0:ef:3c:3b:14:11: 10:2c:e0:b8:df:84:e0:41:a5:a4:f2:a2:34:de:82: 82:c9:53:ec:ac:92:d9:de:89:ab:6e:11:a5:ea:72: e9:01:8a:b8:03:8a:c4:d4:cb:fe:b5:0b:a8:53:51: d7:6d:16:64:3e:1e:2f:71:eb:2b:28:fa:1d:0b:dd: ee:2f:f4:f2:6d:57:a2:9d:6e:9d:11:fa:fc:17:73: 24:bf:91:58:cf:48:81:b5:be:60:15:db:c5:8f:65: 32:12:67:cf:7f:2d:7d:bc:4c:bd:e6:a4:82:c0:2f: ba:39:7c:6a:55:ac:c7:69:37:2b:d7:8f:7c:1b:ff: e9:06:7b:3b:61:f5:06:27:91:7c:77:89:38:9d:48: 50:c1:83:3d:52:0e:11:0f:59:db:ec:81:3c:fd:54: e5:9c:c4:aa:d9:e7:1b:d9:76:f7:89:fc:e1:26:ea: 41:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:1A:E9:0A:BB:77:7A:49:AC:FE:2B:BC:AE:2C:58:58:27:FB:9C:0E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143440.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a316::/32 Signature Algorithm: sha256WithRSAEncryption 64:fe:0a:4c:cd:b9:b3:18:d5:50:32:28:19:94:50:01:ea:3a: 32:a2:a8:7f:1a:3c:c9:33:f2:48:1d:75:c1:31:4c:06:a5:c2: 78:ae:fd:dc:04:12:2f:30:aa:d1:60:51:7e:73:30:02:a5:09: 56:f9:70:e2:74:84:65:3b:56:c3:3b:0f:a0:46:af:20:56:77: f0:51:28:7f:8f:05:06:33:cb:4c:6b:aa:5e:53:83:d9:ec:a8: 18:3c:8a:01:81:40:89:1a:80:7b:d1:db:a2:d3:29:06:89:3b: 64:20:e1:4c:20:51:f2:05:c2:af:e1:d1:7b:5f:58:d1:53:f6: 31:af:3d:c7:f2:b6:88:b0:b9:07:c6:66:47:1a:90:d2:2a:81: 19:24:f9:af:3e:7f:f2:09:b9:ed:57:11:fd:da:3d:8e:cd:35: be:cc:f5:84:b0:bd:a8:64:a3:df:93:8a:f7:8e:e2:d2:45:6b: 12:1e:a0:26:3c:fe:3f:1a:9b:10:7f:0e:04:97:a0:fe:34:a4: ae:92:b4:29:b5:b0:f9:1f:15:fa:b0:30:c5:9e:d5:81:57:16: b7:e3:24:2b:1d:1c:b9:df:67:b7:a3:11:96:a0:3f:8d:c5:5f: 5e:ea:8e:38:e8:ad:46:36:f1:65:cb:60:a8:8e:29:59:f9:be: 0a:7c:5a:c8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHBLPphk0c3kUAPzNOy4KDfjdPyIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1NloX DTI3MDMwMzA2MDc1NlowMzExMC8GA1UEAxMoMzExQUU5MEFCQjc3N0E0OUFDRkUy QkJDQUUyQzU4NTgyN0ZCOUMwRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALB/ebFewIb0Sy+5/k2Dftbfg3i9iIYDLcHlPhGQk9P95Z5lgs0Zl9avdbMJ X3QFhfNt2b27jvJGegLhVzum4DfgpMlu3P9wxu4fWZ+RiZpxw/AeoO88OxQRECzg uN+E4EGlpPKiNN6CgslT7KyS2d6Jq24Rpepy6QGKuAOKxNTL/rULqFNR120WZD4e L3HrKyj6HQvd7i/08m1Xop1unRH6/BdzJL+RWM9IgbW+YBXbxY9lMhJnz38tfbxM veakgsAvujl8alWsx2k3K9ePfBv/6QZ7O2H1BieRfHeJOJ1IUMGDPVIOEQ9Z2+yB PP1U5ZzEqtnnG9l294n84SbqQcUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQxGukK u3d6Saz+K7yuLFhYJ/ucDjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ0MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oxYwDQYJKoZIhvcNAQELBQADggEBAGT+CkzNubMY1VAyKBmUUAHqOjKiqH8aPMkz 8kgddcExTAalwniu/dwEEi8wqtFgUX5zMAKlCVb5cOJ0hGU7VsM7D6BGryBWd/BR KH+PBQYzy0xrql5Tg9nsqBg8igGBQIkagHvR26LTKQaJO2Qg4UwgUfIFwq/h0Xtf WNFT9jGvPcfytoiwuQfGZkcakNIqgRkk+a8+f/IJue1XEf3aPY7NNb7M9YSwvahk o9+TiveO4tJFaxIeoCY8/j8amxB/DgSXoP40pK6StCm1sPkfFfqwMMWe1YFXFrfj JCsdHLnfZ7ejEZagP43FX17qjjjorUY28WXLYKiOKVn5vgp8Wsg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:41 2026 by rpki-client