$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143458.roa File: AS143458.roa (raw, json) Hash identifier: 6/M5hxMvOnLUaOyr8ZwsxBiYyeAQdfdzI40fxRJ+bXo= Subject key identifier: 3F:89:33:54:C4:15:75:FE:5E:2A:43:08:3E:EF:5A:31:74:83:B6:F0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1A29B284553ECC64DC61CFC8C3B358BFBBF0DA0C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143458.roa Signing time: Wed 04 Mar 2026 06:06:34 +0000 ROA not before: Wed 04 Mar 2026 06:01:34 +0000 ROA not after: Wed 03 Mar 2027 06:06:34 +0000 asID: 143458 IP address blocks: 240a:a328::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:29:b2:84:55:3e:cc:64:dc:61:cf:c8:c3:b3:58:bf:bb:f0:da:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:34 2026 GMT Not After : Mar 3 06:06:34 2027 GMT Subject: CN=3F893354C41575FE5E2A43083EEF5A317483B6F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:74:77:53:ad:da:83:a4:e0:01:49:67:96:ca: ee:40:43:1a:9f:0b:56:8d:1e:86:5f:f2:76:e3:47: da:97:87:ad:ef:32:85:34:76:dc:25:a4:7e:36:42: 0a:25:c6:d4:31:47:da:35:0f:a2:54:1e:51:61:07: 6d:4f:92:fd:f8:4a:a3:24:11:bf:06:66:95:59:0c: 76:a6:3f:89:d5:26:dc:96:68:cd:37:df:47:88:7d: bc:15:bb:83:4d:da:14:2d:f7:0e:f7:dc:81:62:90: 82:4a:0d:ab:17:4f:03:55:1b:15:24:80:cd:2c:75: 2b:ab:11:f9:70:9c:84:b9:3d:0d:9b:06:4d:e1:30: 81:16:1f:ad:2e:2c:34:4e:c8:ee:52:03:fb:c5:e8: 95:d0:9c:ff:1d:de:dc:7c:b5:b3:22:ea:3e:d4:97: 88:55:b0:1c:7a:fb:6b:2c:1e:fe:7c:43:4e:f7:b5: 24:cf:fa:4a:5d:04:73:74:e3:fd:6a:b1:1a:09:a4: 49:31:6e:07:b3:cd:1f:af:7d:f0:53:20:f6:a8:78: 54:82:82:bd:c1:a9:bd:fa:ab:68:10:b5:62:9a:29: ba:13:a6:a2:d7:c0:2e:40:2d:dd:5b:44:6c:ac:37: 48:f5:d6:07:ac:9e:c1:80:4a:59:20:c8:98:c0:4f: b5:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:89:33:54:C4:15:75:FE:5E:2A:43:08:3E:EF:5A:31:74:83:B6:F0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143458.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a328::/32 Signature Algorithm: sha256WithRSAEncryption 90:12:66:bc:9f:5d:17:68:2c:77:40:98:4f:aa:1d:ec:76:9c: 17:28:c7:63:c7:85:cf:98:4a:ca:b3:a6:82:c0:7f:61:c6:95: ef:a9:fe:ee:69:26:e2:02:f7:de:33:24:c6:47:e7:da:69:8c: b0:02:2e:f6:65:94:0a:37:42:47:95:25:1d:ae:3a:58:48:6d: 25:91:10:f5:40:ec:3a:26:71:27:1c:53:e8:f5:fc:7c:3d:8e: 02:d7:a6:21:df:50:72:91:e9:fe:e3:ec:d6:3b:2d:4d:2b:42: 04:79:38:e8:cc:59:ec:98:45:75:0e:8c:cb:b2:19:b6:a4:39: 3a:f6:ce:44:59:5a:17:a6:07:64:a9:f4:15:ba:35:31:26:ba: ac:f8:f4:f9:74:60:79:52:2d:f9:f6:76:79:60:99:f0:0b:27: 5c:cd:0f:63:f5:0c:a1:a3:3e:2e:4a:d3:d7:ce:0c:1f:a3:cb: d8:83:32:1c:6e:df:52:a6:66:3b:1a:3c:b8:12:a7:ab:9e:91: 59:1e:43:25:4f:35:0e:04:ba:52:d2:05:81:4e:95:a8:7f:c6: 81:5e:d5:38:04:92:02:3d:65:57:44:c7:09:cd:4c:2b:f6:52: cf:a1:85:25:83:7e:54:b9:ae:e4:06:84:11:a2:32:b9:ac:dc: 4a:7f:27:53 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGimyhFU+zGTcYc/Iw7NYv7vw2gwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEzNFoX DTI3MDMwMzA2MDYzNFowMzExMC8GA1UEAxMoM0Y4OTMzNTRDNDE1NzVGRTVFMkE0 MzA4M0VFRjVBMzE3NDgzQjZGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK90d1Ot2oOk4AFJZ5bK7kBDGp8LVo0ehl/yduNH2peHre8yhTR23CWkfjZC CiXG1DFH2jUPolQeUWEHbU+S/fhKoyQRvwZmlVkMdqY/idUm3JZozTffR4h9vBW7 g03aFC33DvfcgWKQgkoNqxdPA1UbFSSAzSx1K6sR+XCchLk9DZsGTeEwgRYfrS4s NE7I7lID+8XoldCc/x3e3Hy1syLqPtSXiFWwHHr7aywe/nxDTve1JM/6Sl0Ec3Tj /WqxGgmkSTFuB7PNH6998FMg9qh4VIKCvcGpvfqraBC1YpopuhOmotfALkAt3VtE bKw3SPXWB6yewYBKWSDImMBPta8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ/iTNU xBV1/l4qQwg+71oxdIO28DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ1OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oygwDQYJKoZIhvcNAQELBQADggEBAJASZryfXRdoLHdAmE+qHex2nBcox2PHhc+Y SsqzpoLAf2HGle+p/u5pJuIC994zJMZH59ppjLACLvZllAo3QkeVJR2uOlhIbSWR EPVA7DomcSccU+j1/Hw9jgLXpiHfUHKR6f7j7NY7LU0rQgR5OOjMWeyYRXUOjMuy GbakOTr2zkRZWhemB2Sp9BW6NTEmuqz49Pl0YHlSLfn2dnlgmfALJ1zND2P1DKGj Pi5K09fODB+jy9iDMhxu31KmZjsaPLgSp6uekVkeQyVPNQ4EulLSBYFOlah/xoFe 1TgEkgI9ZVdExwnNTCv2Us+hhSWDflS5ruQGhBGiMrms3Ep/J1M= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:18 2026 by rpki-client