$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143457.roa File: AS143457.roa (raw, json) Hash identifier: IWRqkO2qvQvLPN5nBi1FJSIYi9HrTI2VfKVRD8n5n1E= Subject key identifier: 47:A1:D4:7C:CC:93:5D:A9:81:11:CD:06:ED:44:DA:73:BD:E9:D2:BE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 650564A20054F7378AE23AE44752DE72D64F68E4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143457.roa Signing time: Wed 04 Mar 2026 06:08:01 +0000 ROA not before: Wed 04 Mar 2026 06:03:01 +0000 ROA not after: Wed 03 Mar 2027 06:08:01 +0000 asID: 143457 IP address blocks: 240a:a327::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:05:64:a2:00:54:f7:37:8a:e2:3a:e4:47:52:de:72:d6:4f:68:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:03:01 2026 GMT Not After : Mar 3 06:08:01 2027 GMT Subject: CN=47A1D47CCC935DA98111CD06ED44DA73BDE9D2BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:3a:9d:9e:89:a0:8b:0b:a2:b6:be:72:33:f8: 17:ec:bf:aa:f0:87:a3:02:8b:4c:6c:4a:02:90:a4: c8:65:8a:58:da:16:04:42:e6:70:93:59:2b:93:6e: 3a:09:8d:e3:25:04:26:b4:93:31:59:b7:c6:55:55: 3a:0b:39:93:f6:af:13:d5:75:c3:4f:34:8b:a4:83: 29:45:d7:34:1c:2c:76:5f:9e:b1:ee:58:48:e5:ba: 1e:b5:5a:f8:cc:d0:50:9a:cc:53:92:ed:59:c0:3b: 43:b6:3d:45:10:8a:5f:79:ec:28:c6:d6:dc:49:c6: 57:d6:c4:ce:ce:aa:91:73:b3:33:5c:0c:20:11:22: 4d:a8:a0:9e:6e:55:8b:78:34:85:57:27:8f:cb:52: c3:da:85:6a:fc:56:3e:42:01:d4:7a:e0:70:fe:c3: 16:b1:4d:84:25:26:f7:90:31:6b:9f:e4:9c:9e:46: 45:82:af:07:07:54:f0:47:ea:a3:0a:01:5c:c8:f2: aa:c1:c0:a7:a4:67:f9:89:51:e3:6e:20:34:1e:7d: e2:23:cb:49:89:e9:07:a7:25:ca:20:f2:9f:3e:4b: 9d:d3:3b:17:50:ea:07:95:8a:ad:43:08:a0:9e:d9: 82:6e:01:f5:fb:6e:32:dc:70:f0:63:d2:c8:3e:a0: 14:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:A1:D4:7C:CC:93:5D:A9:81:11:CD:06:ED:44:DA:73:BD:E9:D2:BE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143457.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a327::/32 Signature Algorithm: sha256WithRSAEncryption c6:5a:80:31:5d:cb:79:bf:29:3a:8d:35:35:89:7d:54:17:5e: ea:60:e3:cb:1d:8c:3a:5e:ed:d1:ac:33:be:0e:52:fb:c1:a9: 15:69:0d:15:59:83:40:ca:13:bb:02:81:c0:a5:17:cf:de:19: 7e:b5:bb:e6:e9:34:13:f4:77:8c:9d:ef:ab:8c:22:54:7b:91: cc:1a:0c:79:65:a5:bf:c5:93:26:36:eb:c4:f7:81:3b:cf:b7: 1b:55:b4:e9:67:02:7e:79:f2:67:ce:26:8b:ae:b1:2c:3d:95: bd:84:a3:2c:0e:e3:d2:d6:0a:1a:e2:6b:2e:9d:4f:c6:0e:5e: 2b:54:a7:cb:76:91:90:35:01:3f:6f:f9:56:7e:f8:70:95:92: 6e:2e:6d:4a:63:97:8e:0d:cf:04:63:f1:4c:69:77:bd:11:92: a7:9b:fe:41:45:e6:e5:1a:ab:20:7c:e9:da:37:b2:e4:42:01: 3a:8f:8b:62:9a:75:c1:02:f6:43:91:f4:90:c1:a5:d8:f9:0e: d3:95:22:19:4c:3c:2c:b9:95:87:6b:70:be:21:48:c7:ad:bd: 13:e0:f5:52:18:bd:10:36:d1:c8:f6:68:e5:50:f8:f9:e4:46: 13:70:3f:af:8d:19:04:5f:6a:15:4f:f4:82:7b:9c:d4:1f:8a: bd:6a:c7:f6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZQVkogBU9zeK4jrkR1LectZPaOQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDMwMVoX DTI3MDMwMzA2MDgwMVowMzExMC8GA1UEAxMoNDdBMUQ0N0NDQzkzNURBOTgxMTFD RDA2RUQ0NERBNzNCREU5RDJCRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMs6nZ6JoIsLora+cjP4F+y/qvCHowKLTGxKApCkyGWKWNoWBELmcJNZK5Nu OgmN4yUEJrSTMVm3xlVVOgs5k/avE9V1w080i6SDKUXXNBwsdl+ese5YSOW6HrVa +MzQUJrMU5LtWcA7Q7Y9RRCKX3nsKMbW3EnGV9bEzs6qkXOzM1wMIBEiTaignm5V i3g0hVcnj8tSw9qFavxWPkIB1HrgcP7DFrFNhCUm95Axa5/knJ5GRYKvBwdU8Efq owoBXMjyqsHAp6Rn+YlR424gNB594iPLSYnpB6clyiDynz5LndM7F1DqB5WKrUMI oJ7Zgm4B9ftuMtxw8GPSyD6gFN0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRHodR8 zJNdqYERzQbtRNpzvenSvjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oycwDQYJKoZIhvcNAQELBQADggEBAMZagDFdy3m/KTqNNTWJfVQXXupg48sdjDpe 7dGsM74OUvvBqRVpDRVZg0DKE7sCgcClF8/eGX61u+bpNBP0d4yd76uMIlR7kcwa DHllpb/FkyY268T3gTvPtxtVtOlnAn558mfOJouusSw9lb2EoywO49LWChriay6d T8YOXitUp8t2kZA1AT9v+VZ++HCVkm4ubUpjl44NzwRj8Uxpd70Rkqeb/kFF5uUa qyB86do3suRCATqPi2KadcEC9kOR9JDBpdj5DtOVIhlMPCy5lYdrcL4hSMetvRPg 9VIYvRA20cj2aOVQ+PnkRhNwP6+NGQRfahVP9IJ7nNQfir1qx/Y= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:09 2026 by rpki-client