$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143455.roa File: AS143455.roa (raw, json) Hash identifier: 7b+KW1CEiJyq1zj7JPGmFz1WhNHpQZX1Votl2Xejgt0= Subject key identifier: 08:D7:D1:B9:0F:1D:49:41:3B:AD:83:E1:E6:91:D6:F9:6B:FE:F7:30 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 32E8CC69E1CF40D59222B8E78B90CA8C247E97F4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143455.roa Signing time: Wed 04 Mar 2026 06:07:07 +0000 ROA not before: Wed 04 Mar 2026 06:02:07 +0000 ROA not after: Wed 03 Mar 2027 06:07:07 +0000 asID: 143455 IP address blocks: 240a:a325::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:e8:cc:69:e1:cf:40:d5:92:22:b8:e7:8b:90:ca:8c:24:7e:97:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:07 2026 GMT Not After : Mar 3 06:07:07 2027 GMT Subject: CN=08D7D1B90F1D49413BAD83E1E691D6F96BFEF730 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:f2:29:b1:b8:10:41:a2:b1:a0:a6:8d:d3:6e: 4d:22:73:ba:18:23:2e:b7:03:ea:41:02:bf:16:63: 1e:c5:ec:00:d8:c0:5a:b3:2b:0b:c7:67:d9:08:18: ea:e3:5b:e6:d6:1a:e9:1f:7a:ca:88:cc:dd:ca:6a: b0:e7:8b:7b:be:c5:91:45:14:39:9f:b9:f6:2c:83: 2e:f8:38:73:b9:f3:9f:59:e4:9f:c6:f3:9b:d0:6f: 66:f4:d4:52:e5:36:d4:2e:30:09:10:5b:ff:36:ee: 8c:f0:f8:61:5d:39:5f:e5:ba:88:6c:3a:4b:3b:56: fd:bc:9c:9f:ec:85:70:9a:72:4f:d5:6b:8c:0f:9d: b5:75:06:52:63:29:ac:55:ed:0b:cc:80:c0:21:7f: cf:8a:47:95:e0:ce:86:23:7d:36:ca:4d:a4:ba:c1: 83:d7:35:fe:f9:41:36:f1:d2:61:08:91:91:ee:f5: 57:d2:7c:dc:2f:f3:3a:9c:4f:83:51:a4:39:ea:e5: 1b:1e:90:68:12:79:87:8d:0e:ab:52:8e:1e:5f:62: 97:8b:03:7f:8e:3e:36:ad:b5:47:e3:83:97:35:68: 0b:0e:09:64:6f:e5:7b:b6:a0:e2:2f:ce:7b:77:45: e6:02:83:6a:6a:d8:75:82:98:de:85:ea:4a:1f:89: 26:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:D7:D1:B9:0F:1D:49:41:3B:AD:83:E1:E6:91:D6:F9:6B:FE:F7:30 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143455.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a325::/32 Signature Algorithm: sha256WithRSAEncryption 29:d5:9b:c7:88:77:1f:1f:e0:7c:f4:66:b1:d2:14:68:bb:1a: cd:b2:43:17:a5:3c:19:d5:36:ef:07:bb:99:9c:83:26:95:f4: d8:05:3f:d0:5b:e1:be:89:1f:ee:fc:77:e1:83:68:1a:da:aa: 79:6c:5b:41:77:e2:1d:c7:e7:28:1a:6f:cb:4a:3c:97:2f:05: 0f:49:5a:45:01:dc:6b:7c:99:7b:7f:27:bd:bd:4e:de:e4:0b: a7:59:cd:31:60:0d:6e:29:78:6c:ef:69:be:18:6f:9b:82:87: 74:83:ff:b3:fe:e8:cd:ff:6d:2e:7a:04:c7:3f:3b:63:70:a6: ec:e4:4d:24:e3:8d:34:fe:31:07:db:79:0c:7e:54:69:50:85: f0:41:b7:19:50:87:1f:3a:6c:08:47:13:89:aa:09:58:28:63: 4d:2c:0f:b3:c4:47:a0:b5:42:1a:0a:44:86:4b:f0:f5:95:5d: 4b:26:fc:10:a1:90:a0:44:ab:8e:98:47:6e:d7:2f:11:06:3f: 5c:a6:be:1e:15:69:55:0e:7b:0c:a4:8a:3b:63:42:84:dc:ee: cc:37:b1:47:8f:5f:d2:1b:d7:cf:8c:53:98:46:c4:d2:b2:06: 4b:e0:21:13:49:20:ef:51:91:3f:7c:d3:22:8a:ab:ea:14:07: ee:f1:0f:66 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMujMaeHPQNWSIrjni5DKjCR+l/QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIwN1oX DTI3MDMwMzA2MDcwN1owMzExMC8GA1UEAxMoMDhEN0QxQjkwRjFENDk0MTNCQUQ4 M0UxRTY5MUQ2Rjk2QkZFRjczMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOjyKbG4EEGisaCmjdNuTSJzuhgjLrcD6kECvxZjHsXsANjAWrMrC8dn2QgY 6uNb5tYa6R96yojM3cpqsOeLe77FkUUUOZ+59iyDLvg4c7nzn1nkn8bzm9BvZvTU UuU21C4wCRBb/zbujPD4YV05X+W6iGw6SztW/bycn+yFcJpyT9VrjA+dtXUGUmMp rFXtC8yAwCF/z4pHleDOhiN9NspNpLrBg9c1/vlBNvHSYQiRke71V9J83C/zOpxP g1GkOerlGx6QaBJ5h40Oq1KOHl9il4sDf44+Nq21R+ODlzVoCw4JZG/le7ag4i/O e3dF5gKDamrYdYKY3oXqSh+JJn0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQI19G5 Dx1JQTutg+Hmkdb5a/73MDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ1NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oyUwDQYJKoZIhvcNAQELBQADggEBACnVm8eIdx8f4Hz0ZrHSFGi7Gs2yQxelPBnV Nu8Hu5mcgyaV9NgFP9Bb4b6JH+78d+GDaBraqnlsW0F34h3H5ygab8tKPJcvBQ9J WkUB3Gt8mXt/J729Tt7kC6dZzTFgDW4peGzvab4Yb5uCh3SD/7P+6M3/bS56BMc/ O2NwpuzkTSTjjTT+MQfbeQx+VGlQhfBBtxlQhx86bAhHE4mqCVgoY00sD7PER6C1 QhoKRIZL8PWVXUsm/BChkKBEq46YR27XLxEGP1ymvh4VaVUOewykijtjQoTc7sw3 sUePX9Ib18+MU5hGxNKyBkvgIRNJIO9RkT980yKKq+oUB+7xD2Y= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:14 2026 by rpki-client