$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143443.roa File: AS143443.roa (raw, json) Hash identifier: JeE9Q295CzW4NK2UYUGBC3W5wVeDsMzNxcJnD4ecymI= Subject key identifier: EF:4B:24:9F:65:AB:EA:FA:54:CD:68:22:95:0E:E0:2C:D1:7E:62:E0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2696E07B966902E70C00CE12249DDC108D669055 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143443.roa Signing time: Wed 04 Mar 2026 06:06:00 +0000 ROA not before: Wed 04 Mar 2026 06:01:00 +0000 ROA not after: Wed 03 Mar 2027 06:06:00 +0000 asID: 143443 IP address blocks: 240a:a319::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:96:e0:7b:96:69:02:e7:0c:00:ce:12:24:9d:dc:10:8d:66:90:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:00 2026 GMT Not After : Mar 3 06:06:00 2027 GMT Subject: CN=EF4B249F65ABEAFA54CD6822950EE02CD17E62E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:52:78:f5:7e:19:77:92:e2:96:5e:38:8e:22: 77:95:72:93:c4:2e:2b:34:dc:d9:9b:70:bb:a7:a9: 49:61:03:ea:59:2c:27:0b:f9:71:f5:b9:77:18:e7: 54:4d:87:4d:8b:49:d7:b3:c8:13:f3:56:91:c4:74: 60:a8:e0:5e:72:72:bb:7b:98:36:00:57:c9:40:19: 29:b9:b3:e8:0b:dc:4e:e9:b1:25:11:fa:0d:6b:f1: 3e:48:e4:fe:c0:f4:8c:d0:6d:99:97:4b:f2:b5:0e: 93:ed:85:1c:55:ce:8c:fa:f4:b0:d9:a1:22:8e:95: 27:ae:a3:a6:81:32:11:38:e3:91:03:44:28:1b:47: bd:bd:99:70:e5:40:d8:e5:ae:9a:e7:7b:39:7e:f8: 56:65:6c:08:b0:63:b4:2e:3a:b9:97:c7:f1:86:fe: 1c:37:7e:d7:7d:2e:f1:87:3d:43:16:e7:8a:7a:d8: d9:28:35:f4:84:f2:8f:1c:d4:07:18:83:e7:ab:00: 1b:a5:b2:4f:9f:6d:50:7e:56:51:c0:21:77:03:c9: b8:64:85:e4:55:08:02:58:d1:8b:94:e2:5c:39:40: 67:90:a9:eb:fc:42:5a:07:51:4b:26:81:a9:ce:82: 6d:4d:3d:17:b4:e8:ff:06:a0:06:57:b0:9d:88:c0: 55:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:4B:24:9F:65:AB:EA:FA:54:CD:68:22:95:0E:E0:2C:D1:7E:62:E0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143443.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a319::/32 Signature Algorithm: sha256WithRSAEncryption 99:f9:ec:78:6c:4f:e2:08:b5:e7:42:12:50:f7:56:20:1d:8e: 4d:01:bf:f2:e9:21:e6:4a:00:73:6b:ec:a7:de:6f:db:4a:de: 2f:79:6e:da:3b:ff:d8:a2:94:50:95:bd:2a:a9:3f:56:b9:fe: f2:c4:e0:34:29:f5:e2:c7:15:32:40:a3:f4:be:dd:3a:b2:13: 2e:37:67:98:4d:65:b9:73:d5:66:6d:b1:8a:67:44:fc:94:fa: 94:55:d2:62:9e:e4:36:f6:09:65:55:84:c1:53:d8:c1:b3:73: c1:ee:7e:ab:fd:ba:bc:39:57:a7:64:3e:be:c4:ce:82:91:6c: de:58:7f:82:d7:ef:01:4b:8c:5f:c3:d4:04:71:36:99:74:bb: 94:26:fe:4c:79:82:79:98:54:d3:50:f8:1c:c5:03:25:57:a9: 41:19:fe:3d:cd:0d:9c:a7:8e:91:1a:e3:62:04:ca:de:c6:79: 09:57:34:53:91:9c:c3:12:07:e6:47:f5:fa:8c:db:5f:1d:b4: 99:43:40:dc:0e:17:5c:28:ab:24:07:20:a4:a1:84:ab:68:4e: e1:8d:f4:82:11:ff:50:c9:b7:56:35:b1:ee:41:6f:db:f7:12: a3:6f:73:5c:95:0e:71:cf:26:08:e7:9b:07:68:6a:28:82:87: ef:4f:55:1f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJpbge5ZpAucMAM4SJJ3cEI1mkFUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwMFoX DTI3MDMwMzA2MDYwMFowMzExMC8GA1UEAxMoRUY0QjI0OUY2NUFCRUFGQTU0Q0Q2 ODIyOTUwRUUwMkNEMTdFNjJFMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMlSePV+GXeS4pZeOI4id5Vyk8QuKzTc2Ztwu6epSWED6lksJwv5cfW5dxjn VE2HTYtJ17PIE/NWkcR0YKjgXnJyu3uYNgBXyUAZKbmz6AvcTumxJRH6DWvxPkjk /sD0jNBtmZdL8rUOk+2FHFXOjPr0sNmhIo6VJ66jpoEyETjjkQNEKBtHvb2ZcOVA 2OWumud7OX74VmVsCLBjtC46uZfH8Yb+HDd+130u8Yc9QxbninrY2Sg19ITyjxzU BxiD56sAG6WyT59tUH5WUcAhdwPJuGSF5FUIAljRi5TiXDlAZ5Cp6/xCWgdRSyaB qc6CbU09F7To/wagBlewnYjAVS8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTvSySf Zavq+lTNaCKVDuAs0X5i4DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oxkwDQYJKoZIhvcNAQELBQADggEBAJn57HhsT+IItedCElD3ViAdjk0Bv/LpIeZK AHNr7Kfeb9tK3i95bto7/9iilFCVvSqpP1a5/vLE4DQp9eLHFTJAo/S+3TqyEy43 Z5hNZblz1WZtsYpnRPyU+pRV0mKe5Db2CWVVhMFT2MGzc8Hufqv9urw5V6dkPr7E zoKRbN5Yf4LX7wFLjF/D1ARxNpl0u5Qm/kx5gnmYVNNQ+BzFAyVXqUEZ/j3NDZyn jpEa42IEyt7GeQlXNFORnMMSB+ZH9fqM218dtJlDQNwOF1woqyQHIKShhKtoTuGN 9IIR/1DJt1Y1se5Bb9v3EqNvc1yVDnHPJgjnmwdoaiiCh+9PVR8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:48 2026 by rpki-client