$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143453.roa File: AS143453.roa (raw, json) Hash identifier: 8J6nuV8514oGM2XNhBVhnk5iIEZUv2v1LEmXQMNHnjI= Subject key identifier: 5A:01:20:AF:9C:53:79:49:B9:91:7B:87:19:3E:C1:DE:72:10:05:A2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 10CD5C63A70133FE22CC7DE3AC715A712A87109D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143453.roa Signing time: Wed 04 Mar 2026 06:05:40 +0000 ROA not before: Wed 04 Mar 2026 06:00:40 +0000 ROA not after: Wed 03 Mar 2027 06:05:40 +0000 asID: 143453 IP address blocks: 240a:a323::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:cd:5c:63:a7:01:33:fe:22:cc:7d:e3:ac:71:5a:71:2a:87:10:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:40 2026 GMT Not After : Mar 3 06:05:40 2027 GMT Subject: CN=5A0120AF9C537949B9917B87193EC1DE721005A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:bc:bc:c7:85:50:8c:76:48:20:e5:94:e9:7e: 18:e0:2c:02:06:50:a7:d5:e3:67:60:85:87:d7:7c: 42:8c:8a:38:a2:d3:8d:7d:20:2e:b0:60:c5:9c:2c: 15:76:92:b1:34:93:59:c0:2d:a5:4f:95:72:ed:a2: 1c:b2:13:a6:4f:52:12:a9:33:b6:30:7d:5a:ee:fe: a4:8e:71:09:82:29:17:82:35:5d:95:84:0f:91:39: e1:72:c3:10:4a:1a:b0:a6:5d:96:49:48:19:8c:f2: 03:0a:f8:9c:ee:40:d2:05:bd:5c:fa:74:f4:48:88: d6:f6:8a:7b:72:df:35:c9:b6:3d:7b:7c:06:3c:15: ff:2b:4d:4a:d4:68:81:a5:b5:d4:90:8b:af:14:9d: 95:36:f9:df:5f:ea:51:0d:07:9f:1f:52:da:4b:da: 5d:f6:57:a6:ec:9d:3f:70:1c:1d:47:17:05:f7:bb: ab:15:33:bb:6d:fa:f4:6b:8d:d3:70:8e:0c:8f:bf: fc:fd:c3:8c:5d:44:c8:ca:b1:81:38:b0:ea:65:bf: 50:f8:0b:7b:82:22:6f:3f:70:d5:1a:1e:02:2c:b0: 52:e4:9e:e5:8e:5a:55:1c:21:2f:c5:e2:48:2b:6d: 47:95:5e:49:83:23:bd:e2:62:5d:08:bd:91:13:b9: 24:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:01:20:AF:9C:53:79:49:B9:91:7B:87:19:3E:C1:DE:72:10:05:A2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143453.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a323::/32 Signature Algorithm: sha256WithRSAEncryption 77:ee:fc:72:76:a9:e1:cc:f0:76:bf:69:6f:8b:52:83:d1:a8: 02:a3:b1:cd:54:cf:04:a2:28:d3:71:a9:9f:e7:dc:50:8d:95: ba:67:8d:11:a9:6f:2d:96:45:94:bd:68:f3:80:56:ab:61:ed: e2:6b:08:f0:f0:7e:d9:73:f5:5b:4f:0e:6e:e2:63:ed:90:fb: c2:eb:c0:74:a2:2c:aa:36:11:96:bb:02:ec:2f:4b:a3:99:76: 96:a6:44:37:85:0a:e2:fb:1b:03:5d:ce:50:43:59:cf:7c:89: 1a:7b:06:d9:f1:f7:54:31:a3:6d:fa:a3:5a:41:9f:fc:43:31: 03:3e:a0:73:ff:74:65:83:e8:4b:23:f2:95:c8:28:48:1f:6f: 61:04:ab:bb:e9:db:8c:d5:58:cb:37:aa:7a:ea:bf:aa:44:36: 1a:b0:fb:56:b3:30:be:7e:b0:1d:50:14:4b:ac:7c:4c:3a:3f: c0:62:fb:57:e2:a3:be:18:de:9a:14:69:ca:cc:cf:d7:03:17: df:21:ae:66:c2:2c:c9:14:1e:74:20:77:70:6d:de:d7:4a:f9: cc:25:ef:49:19:55:ab:c1:ed:bb:dc:cf:46:e4:23:fe:3a:14: e1:10:59:ea:e7:57:b9:8b:7b:f4:e3:31:e1:e2:cf:3d:d6:36: 55:5e:26:9c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEM1cY6cBM/4izH3jrHFacSqHEJ0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA0MFoX DTI3MDMwMzA2MDU0MFowMzExMC8GA1UEAxMoNUEwMTIwQUY5QzUzNzk0OUI5OTE3 Qjg3MTkzRUMxREU3MjEwMDVBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALK8vMeFUIx2SCDllOl+GOAsAgZQp9XjZ2CFh9d8QoyKOKLTjX0gLrBgxZws FXaSsTSTWcAtpU+Vcu2iHLITpk9SEqkztjB9Wu7+pI5xCYIpF4I1XZWED5E54XLD EEoasKZdlklIGYzyAwr4nO5A0gW9XPp09EiI1vaKe3LfNcm2PXt8BjwV/ytNStRo gaW11JCLrxSdlTb531/qUQ0Hnx9S2kvaXfZXpuydP3AcHUcXBfe7qxUzu2369GuN 03CODI+//P3DjF1EyMqxgTiw6mW/UPgLe4Iibz9w1RoeAiywUuSe5Y5aVRwhL8Xi SCttR5VeSYMjveJiXQi9kRO5JNUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRaASCv nFN5SbmRe4cZPsHechAFojAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oyMwDQYJKoZIhvcNAQELBQADggEBAHfu/HJ2qeHM8Ha/aW+LUoPRqAKjsc1UzwSi KNNxqZ/n3FCNlbpnjRGpby2WRZS9aPOAVqth7eJrCPDwftlz9VtPDm7iY+2Q+8Lr wHSiLKo2EZa7AuwvS6OZdpamRDeFCuL7GwNdzlBDWc98iRp7Btnx91Qxo236o1pB n/xDMQM+oHP/dGWD6Esj8pXIKEgfb2EEq7vp24zVWMs3qnrqv6pENhqw+1azML5+ sB1QFEusfEw6P8Bi+1fio74Y3poUacrMz9cDF98hrmbCLMkUHnQgd3Bt3tdK+cwl 70kZVavB7bvcz0bkI/46FOEQWernV7mLe/TjMeHizz3WNlVeJpw= -----END CERTIFICATE-----Generated at Sat Mar 28 13:06:17 2026 by rpki-client