$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143446.roa File: AS143446.roa (raw, json) Hash identifier: iZiOOTf48nuhO9yfAE7SgAbrZHBGQqDIvR+UVK6qdqw= Subject key identifier: AF:88:65:02:D9:EE:F9:13:28:75:C8:91:E5:D8:30:62:05:36:B6:64 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 665C2F49E9E3B97DE435DCB5B8AFEC69A0A062E6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143446.roa Signing time: Wed 04 Mar 2026 06:06:20 +0000 ROA not before: Wed 04 Mar 2026 06:01:20 +0000 ROA not after: Wed 03 Mar 2027 06:06:20 +0000 asID: 143446 IP address blocks: 240a:a31c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:5c:2f:49:e9:e3:b9:7d:e4:35:dc:b5:b8:af:ec:69:a0:a0:62:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:20 2026 GMT Not After : Mar 3 06:06:20 2027 GMT Subject: CN=AF886502D9EEF9132875C891E5D830620536B664 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:4c:21:e2:6f:72:1d:25:70:b0:9c:39:84:57: 31:21:87:88:61:39:e2:72:be:0d:29:c4:f2:dd:58: d6:71:d3:8f:00:4b:64:e4:c8:4e:c5:31:b2:a5:4e: 83:88:ee:b3:63:02:05:94:a9:a5:65:63:a0:ea:2d: 52:38:24:bc:9a:7c:02:62:68:1a:57:5c:50:4a:5e: 79:ad:36:d3:15:e6:39:7c:a0:1d:c8:6d:ed:58:45: 50:1e:ae:db:5a:0d:b2:ed:d0:92:f1:4c:af:36:ef: 69:6b:a4:82:c6:a5:df:5d:6b:87:21:65:ce:1f:d8: ac:e4:bb:62:5d:e2:88:cb:d3:09:2f:53:a4:fd:58: af:37:3c:65:07:4e:83:9d:f6:14:28:92:2a:f0:18: 06:83:49:f6:cf:a6:93:5d:a2:a1:70:65:a0:36:2c: 1b:4e:a3:8c:de:f7:95:da:b2:f0:ef:b7:4e:ac:56: ab:81:26:d6:c8:c6:a1:d2:a9:39:bc:15:07:d4:cd: 3b:a5:b6:d7:72:51:67:8c:db:74:94:3f:ab:49:1e: 8d:17:b6:36:0e:4e:60:b3:24:dd:d5:ec:e9:ae:87: ef:b0:80:96:37:14:af:bc:b7:74:a6:af:ff:1d:18: 7b:b9:bf:35:2e:61:68:59:25:32:8b:71:13:ea:64: 13:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:88:65:02:D9:EE:F9:13:28:75:C8:91:E5:D8:30:62:05:36:B6:64 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143446.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a31c::/32 Signature Algorithm: sha256WithRSAEncryption 81:6f:6c:07:c6:ab:a6:91:9e:13:29:9b:0a:f6:71:8c:35:d4: 7a:59:07:9a:58:97:79:9f:89:14:d7:98:0e:43:c7:bb:e9:59: 9c:88:48:25:29:88:3f:75:5a:62:51:b4:26:0f:d6:09:c5:c6: fb:c2:6e:17:fd:07:db:9f:6d:45:71:51:32:7e:ce:44:86:db: 0d:b1:e6:19:79:84:cf:05:6a:f3:a2:a9:54:ee:0d:46:63:e8: 68:ca:53:9b:76:24:05:f8:e1:b2:ea:17:91:81:11:4c:b3:d1: 10:37:ff:1e:8c:5a:94:6e:09:de:0e:1f:7a:90:7a:ad:ef:95: 08:ed:24:d1:05:da:8c:c5:bc:e8:f6:2e:5a:1d:fe:e7:7e:5a: d7:91:7c:47:4a:69:9b:f1:05:20:f5:6a:37:1f:d4:c3:e4:83: 17:0e:46:ad:80:42:79:38:64:17:28:ac:9f:52:86:11:31:e8: 2a:07:07:6c:2a:9b:13:93:d8:0d:11:38:c0:de:46:3a:4c:be: f8:e1:8b:b8:00:f3:b5:c6:1b:93:f9:fa:cd:9f:e6:1c:2f:12: 70:f1:27:6f:dc:d2:61:c5:ec:f1:3e:c1:3d:77:6b:66:58:bc: 08:2a:d1:d7:1d:32:ba:f5:42:f9:10:a1:82:4b:8d:be:1c:89: 2c:f6:10:7c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZlwvSenjuX3kNdy1uK/saaCgYuYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEyMFoX DTI3MDMwMzA2MDYyMFowMzExMC8GA1UEAxMoQUY4ODY1MDJEOUVFRjkxMzI4NzVD ODkxRTVEODMwNjIwNTM2QjY2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKRMIeJvch0lcLCcOYRXMSGHiGE54nK+DSnE8t1Y1nHTjwBLZOTITsUxsqVO g4jus2MCBZSppWVjoOotUjgkvJp8AmJoGldcUEpeea020xXmOXygHcht7VhFUB6u 21oNsu3QkvFMrzbvaWukgsal311rhyFlzh/YrOS7Yl3iiMvTCS9TpP1Yrzc8ZQdO g532FCiSKvAYBoNJ9s+mk12ioXBloDYsG06jjN73ldqy8O+3TqxWq4Em1sjGodKp ObwVB9TNO6W213JRZ4zbdJQ/q0kejRe2Ng5OYLMk3dXs6a6H77CAljcUr7y3dKav /x0Ye7m/NS5haFklMotxE+pkE18CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSviGUC 2e75Eyh1yJHl2DBiBTa2ZDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ0Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oxwwDQYJKoZIhvcNAQELBQADggEBAIFvbAfGq6aRnhMpmwr2cYw11HpZB5pYl3mf iRTXmA5Dx7vpWZyISCUpiD91WmJRtCYP1gnFxvvCbhf9B9ufbUVxUTJ+zkSG2w2x 5hl5hM8FavOiqVTuDUZj6GjKU5t2JAX44bLqF5GBEUyz0RA3/x6MWpRuCd4OH3qQ eq3vlQjtJNEF2ozFvOj2Llod/ud+WteRfEdKaZvxBSD1ajcf1MPkgxcORq2AQnk4 ZBcorJ9ShhEx6CoHB2wqmxOT2A0ROMDeRjpMvvjhi7gA87XGG5P5+s2f5hwvEnDx J2/c0mHF7PE+wT13a2ZYvAgq0dcdMrr1QvkQoYJLjb4ciSz2EHw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:07 2026 by rpki-client