$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143441.roa File: AS143441.roa (raw, json) Hash identifier: CN2zMGs1ytlT+lxb0Pdgw4mDiEVavtyStyCrrmtmYN4= Subject key identifier: AC:CD:E5:E7:E3:BD:1E:34:2E:5C:93:8A:02:E0:C6:AB:54:7B:F8:9F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0446EBBAE0E72FB95083104BFB6B025B67115760 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143441.roa Signing time: Wed 04 Mar 2026 06:07:40 +0000 ROA not before: Wed 04 Mar 2026 06:02:40 +0000 ROA not after: Wed 03 Mar 2027 06:07:40 +0000 asID: 143441 IP address blocks: 240a:a317::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:46:eb:ba:e0:e7:2f:b9:50:83:10:4b:fb:6b:02:5b:67:11:57:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:40 2026 GMT Not After : Mar 3 06:07:40 2027 GMT Subject: CN=ACCDE5E7E3BD1E342E5C938A02E0C6AB547BF89F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:a1:ba:be:e4:78:eb:20:af:7a:ea:76:c8:8d: c9:80:08:3e:48:69:bc:b6:98:a6:5a:50:d6:d1:02: 2e:01:16:25:dd:14:c1:a0:85:d4:cc:30:3f:84:49: 19:04:64:3e:52:fc:2f:4e:9d:98:8a:50:bb:12:74: 3c:c0:fa:b4:b6:56:58:4d:b6:c0:e5:37:61:12:68: 98:8f:1f:4c:62:9a:15:20:d5:7e:bc:c6:f6:06:a6: d3:6d:5f:d9:76:fb:33:03:ac:cc:76:a6:9f:47:f0: bb:fe:7c:f8:fc:01:94:bd:dc:c9:f9:82:69:9f:9d: ad:c6:e9:19:9c:e3:92:83:e3:2c:c9:dd:6d:52:56: 2a:d3:e8:5a:67:bd:61:f8:6c:98:2d:5f:7e:52:03: 12:1a:22:6a:4c:2a:b0:ec:0e:7a:bb:55:b0:3b:22: 5d:e5:30:45:1d:6f:f0:c0:65:35:bf:98:f3:3c:fa: cf:b5:43:5d:23:3a:2e:c1:dc:08:76:db:32:0c:53: 8d:da:d9:f5:3f:83:c5:6b:9b:e0:63:a1:b7:2a:80: 8b:8f:fe:0e:e5:da:92:5f:cd:09:1f:87:26:5c:5f: d7:2f:45:9d:e1:26:69:fb:91:d6:88:7d:2c:9f:c5: 6e:a1:ff:78:d5:6e:6a:08:3e:34:dc:eb:6e:35:6d: d8:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:CD:E5:E7:E3:BD:1E:34:2E:5C:93:8A:02:E0:C6:AB:54:7B:F8:9F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143441.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a317::/32 Signature Algorithm: sha256WithRSAEncryption 66:97:f5:fc:bd:58:3a:e1:7b:78:eb:a6:62:8f:d4:99:03:1c: 6c:dd:88:e9:a7:1b:2f:e7:ba:13:40:10:1f:0d:99:ac:ae:3c: 77:9d:92:e3:60:16:06:09:eb:4c:ac:85:fc:68:0e:63:16:7e: c8:76:50:33:b1:e8:2b:92:5d:d0:97:cb:a8:a7:f3:0d:9c:10: 72:a7:03:9d:61:e6:f4:39:c9:fc:48:e1:fa:fd:59:77:ba:48: 0f:f4:64:09:7e:65:43:7c:6c:dd:f7:23:bb:92:68:d0:fd:a6: b5:27:58:05:d5:f3:90:3d:f7:65:bc:18:49:5c:03:eb:96:27: e2:8c:11:c8:1c:94:8c:96:44:63:fd:bf:d2:d1:8a:06:36:89: bf:0e:4f:d1:1e:e0:b1:81:84:9f:b3:f0:10:1c:05:f4:cd:37: 14:8e:37:91:28:a2:0d:80:16:51:5e:16:e6:4b:13:0a:83:58: 61:cf:29:32:d4:f5:c5:0c:88:eb:6a:60:42:1f:4d:1e:44:82: 73:31:dd:6c:63:b1:b7:cd:0d:4e:c9:c0:b2:1f:9b:8a:e0:0f: 16:59:e3:3c:a0:ec:1b:86:4c:60:11:45:dc:44:08:a7:fa:e5: 31:8e:2b:a3:3c:12:64:75:62:5d:53:17:81:dc:47:a7:01:78: b5:0f:59:c1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBEbruuDnL7lQgxBL+2sCW2cRV2AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0MFoX DTI3MDMwMzA2MDc0MFowMzExMC8GA1UEAxMoQUNDREU1RTdFM0JEMUUzNDJFNUM5 MzhBMDJFMEM2QUI1NDdCRjg5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANChur7keOsgr3rqdsiNyYAIPkhpvLaYplpQ1tECLgEWJd0UwaCF1MwwP4RJ GQRkPlL8L06dmIpQuxJ0PMD6tLZWWE22wOU3YRJomI8fTGKaFSDVfrzG9gam021f 2Xb7MwOszHamn0fwu/58+PwBlL3cyfmCaZ+drcbpGZzjkoPjLMndbVJWKtPoWme9 YfhsmC1fflIDEhoiakwqsOwOertVsDsiXeUwRR1v8MBlNb+Y8zz6z7VDXSM6LsHc CHbbMgxTjdrZ9T+DxWub4GOhtyqAi4/+DuXakl/NCR+HJlxf1y9FneEmafuR1oh9 LJ/FbqH/eNVuagg+NNzrbjVt2B0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSszeXn 470eNC5ck4oC4MarVHv4nzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ0MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oxcwDQYJKoZIhvcNAQELBQADggEBAGaX9fy9WDrhe3jrpmKP1JkDHGzdiOmnGy/n uhNAEB8NmayuPHedkuNgFgYJ60yshfxoDmMWfsh2UDOx6CuSXdCXy6in8w2cEHKn A51h5vQ5yfxI4fr9WXe6SA/0ZAl+ZUN8bN33I7uSaND9prUnWAXV85A992W8GElc A+uWJ+KMEcgclIyWRGP9v9LRigY2ib8OT9Ee4LGBhJ+z8BAcBfTNNxSON5Eoog2A FlFeFuZLEwqDWGHPKTLU9cUMiOtqYEIfTR5EgnMx3WxjsbfNDU7JwLIfm4rgDxZZ 4zyg7BuGTGARRdxECKf65TGOK6M8EmR1Yl1TF4HcR6cBeLUPWcE= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:36 2026 by rpki-client