$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143442.roa File: AS143442.roa (raw, json) Hash identifier: CfawEoU0Gw/hia6dzv8NJMwGFdnBr4tvVNf2g76mUwk= Subject key identifier: CC:F3:04:69:88:EE:3C:36:07:EB:57:D5:CE:25:25:5A:37:D2:8C:5B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 398CA1240E153E582BFE27C9CC2F0970918B78A0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143442.roa Signing time: Wed 04 Mar 2026 06:06:01 +0000 ROA not before: Wed 04 Mar 2026 06:01:01 +0000 ROA not after: Wed 03 Mar 2027 06:06:01 +0000 asID: 143442 IP address blocks: 240a:a318::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:8c:a1:24:0e:15:3e:58:2b:fe:27:c9:cc:2f:09:70:91:8b:78:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:01 2026 GMT Not After : Mar 3 06:06:01 2027 GMT Subject: CN=CCF3046988EE3C3607EB57D5CE25255A37D28C5B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:8d:a8:85:b2:da:d5:05:41:f6:3d:af:a5:06: 68:0d:ae:a6:c4:b0:19:63:f0:36:10:15:c9:f9:ee: 94:c1:2a:66:c5:6d:35:8a:d8:a6:ad:98:a9:99:52: da:ba:ab:15:16:e6:6e:cb:e9:34:fb:0d:7f:81:33: 10:b3:e2:a6:96:cb:07:b8:63:95:59:9b:aa:99:8d: 78:92:a2:9f:62:c1:0f:e0:08:7b:38:18:5b:6f:dd: 27:2a:c1:e7:1d:21:8c:74:1f:a9:e2:b6:cf:9e:bd: 54:db:6c:f1:1b:64:f0:d6:2d:a1:9c:3b:ea:52:a5: b3:23:86:f0:06:10:fc:44:34:dd:ba:7f:f2:16:50: 31:97:af:32:6c:61:b8:d3:ac:7a:f2:df:3e:fd:48: ec:05:84:b4:24:69:e7:01:72:9f:85:a2:34:20:7b: e8:22:69:ab:88:df:8d:f1:31:23:ae:99:ea:4a:a5: a0:3e:74:26:42:d7:82:f2:83:c8:c5:22:f9:2e:df: 96:6f:c9:21:db:59:31:94:2f:a2:85:d6:45:63:10: 79:b0:84:77:55:05:b9:93:c6:01:ec:91:9b:14:6d: 1b:ac:08:6e:01:7f:d6:4e:ca:70:0b:e6:2b:38:67: 46:fc:bc:dc:88:7d:b1:41:36:e2:78:f6:36:f8:34: 62:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:F3:04:69:88:EE:3C:36:07:EB:57:D5:CE:25:25:5A:37:D2:8C:5B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143442.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a318::/32 Signature Algorithm: sha256WithRSAEncryption 2a:5e:e3:65:30:68:fe:75:bd:a3:76:f8:89:12:be:00:e8:e1: 38:48:08:92:16:dc:d0:c6:84:ea:41:c4:4c:67:e3:fc:08:35: 00:bc:ac:56:8a:ff:67:2f:43:c9:68:2e:dd:bc:90:4a:57:7b: 79:a0:e7:ff:da:a3:e8:a3:9b:cc:9c:d2:05:cb:c4:10:e5:27: 59:a8:08:02:b4:20:be:ce:c3:8f:fe:00:f6:80:01:93:bf:84: 63:e9:0f:fd:86:8f:7a:a5:8b:27:62:93:29:05:d8:01:05:b7: 4c:75:07:3c:0c:73:bf:ff:a2:2b:68:bb:dd:fb:d1:be:7f:48: 89:86:b9:88:8b:aa:4e:bf:3e:af:10:8e:d1:b1:36:f2:fc:c6: 6d:fd:9c:d9:9c:db:36:c1:ed:7c:b1:65:d8:7d:14:61:a4:29: fd:fb:64:76:37:4e:6e:09:4c:ed:c8:bf:55:49:5b:77:a4:44: ad:85:8e:83:5f:54:7d:d9:3f:97:80:bd:e9:10:6f:10:6a:c0: 62:cd:e7:99:9b:92:24:65:96:d6:b0:9a:25:5f:76:fd:14:07: 6e:11:44:56:74:56:be:61:b4:58:8c:b7:72:f7:1e:cc:02:be: 35:57:a7:60:af:a3:b8:63:08:ef:32:f0:e8:dd:ff:25:bf:8c: c4:1b:75:b4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOYyhJA4VPlgr/ifJzC8JcJGLeKAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwMVoX DTI3MDMwMzA2MDYwMVowMzExMC8GA1UEAxMoQ0NGMzA0Njk4OEVFM0MzNjA3RUI1 N0Q1Q0UyNTI1NUEzN0QyOEM1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOiNqIWy2tUFQfY9r6UGaA2upsSwGWPwNhAVyfnulMEqZsVtNYrYpq2YqZlS 2rqrFRbmbsvpNPsNf4EzELPippbLB7hjlVmbqpmNeJKin2LBD+AIezgYW2/dJyrB 5x0hjHQfqeK2z569VNts8Rtk8NYtoZw76lKlsyOG8AYQ/EQ03bp/8hZQMZevMmxh uNOsevLfPv1I7AWEtCRp5wFyn4WiNCB76CJpq4jfjfExI66Z6kqloD50JkLXgvKD yMUi+S7flm/JIdtZMZQvooXWRWMQebCEd1UFuZPGAeyRmxRtG6wIbgF/1k7KcAvm KzhnRvy83Ih9sUE24nj2Nvg0Yo8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTM8wRp iO48NgfrV9XOJSVaN9KMWzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ0Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oxgwDQYJKoZIhvcNAQELBQADggEBACpe42UwaP51vaN2+IkSvgDo4ThICJIW3NDG hOpBxExn4/wINQC8rFaK/2cvQ8loLt28kEpXe3mg5//ao+ijm8yc0gXLxBDlJ1mo CAK0IL7Ow4/+APaAAZO/hGPpD/2Gj3qliydikykF2AEFt0x1BzwMc7//oitou937 0b5/SImGuYiLqk6/Pq8QjtGxNvL8xm39nNmc2zbB7XyxZdh9FGGkKf37ZHY3Tm4J TO3Iv1VJW3ekRK2FjoNfVH3ZP5eAvekQbxBqwGLN55mbkiRlltawmiVfdv0UB24R RFZ0Vr5htFiMt3L3HswCvjVXp2Cvo7hjCO8y8Ojd/yW/jMQbdbQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:18 2026 by rpki-client