$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143463.roa File: AS143463.roa (raw, json) Hash identifier: Qq0p83FdNfE1NPxI5GlzUjgj+AAerLkTaNFPAkcjGaw= Subject key identifier: 87:4F:DD:58:50:17:2A:D6:43:71:8A:3E:DD:00:6F:BF:A7:E0:D5:6A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 427F84B8FBEBC4003110C1EB7119526F6D2D52CF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143463.roa Signing time: Wed 04 Mar 2026 06:06:00 +0000 ROA not before: Wed 04 Mar 2026 06:01:00 +0000 ROA not after: Wed 03 Mar 2027 06:06:00 +0000 asID: 143463 IP address blocks: 240a:a32d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:7f:84:b8:fb:eb:c4:00:31:10:c1:eb:71:19:52:6f:6d:2d:52:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:00 2026 GMT Not After : Mar 3 06:06:00 2027 GMT Subject: CN=874FDD5850172AD643718A3EDD006FBFA7E0D56A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:a2:e0:16:0e:a8:de:58:9b:f3:d1:92:84:f8: dd:37:a1:9f:ce:d7:21:19:c4:54:0c:a4:31:5f:36: 10:88:35:5b:76:26:e1:b2:1e:5a:15:82:5c:3f:08: 93:21:fd:11:96:3a:7f:b5:49:69:97:0c:36:6b:dc: 2b:0f:6b:5a:44:bf:4d:a8:1d:ae:97:42:da:ca:35: 5c:4a:c1:e8:9a:f3:31:60:c4:27:05:64:a5:d5:7c: 26:a8:8f:5b:3e:ce:62:0e:00:1d:fd:18:d2:2a:6f: c2:b6:d4:0c:5f:eb:07:e0:c3:0b:72:6f:fe:da:65: 6d:52:ee:85:f1:38:8e:15:28:1b:06:ee:5c:d4:bb: 09:e0:48:d9:07:a9:c6:f9:74:fa:5e:7a:e2:27:66: 51:78:34:f9:95:f1:a0:d4:2c:c6:3d:3d:42:e6:f7: 22:d0:82:fa:11:d7:af:19:d3:1f:01:01:36:c9:98: 9d:a1:c4:4d:a1:91:bd:fd:d9:33:58:20:bf:45:53: 50:f3:6a:3a:4d:1b:4b:22:a5:1d:c7:fe:92:19:ee: 9e:74:7c:ad:a7:03:bd:5b:f3:d7:00:c3:05:5a:af: 90:ef:7d:6c:0e:c7:86:08:c9:84:61:56:9c:31:62: fa:09:bb:da:89:ad:2d:40:21:ca:76:bb:44:27:dc: 5c:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:4F:DD:58:50:17:2A:D6:43:71:8A:3E:DD:00:6F:BF:A7:E0:D5:6A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143463.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a32d::/32 Signature Algorithm: sha256WithRSAEncryption a5:e9:49:26:81:81:67:7a:6c:db:79:ca:4a:c8:b0:a0:21:87: 94:03:bc:33:8c:49:cc:28:68:63:15:bd:54:7d:fd:45:31:62: 18:94:01:68:35:57:5c:2a:df:3e:79:e3:3c:af:0f:d6:86:fc: 33:50:11:8c:55:a3:f3:9d:97:0d:e9:81:c8:23:c1:2d:b7:c3: fd:8a:23:ce:1f:52:51:4a:30:56:30:58:19:86:3d:d5:5d:0e: ce:5d:1d:ad:6e:78:84:69:d5:c9:ed:40:65:80:f1:38:c8:20: aa:13:ba:93:9f:24:f2:a8:94:2c:44:b1:82:23:81:6e:66:a7: 54:0e:74:30:9c:af:12:7f:07:2f:98:e8:06:ab:50:97:59:35: 80:98:b9:ca:00:73:ce:2c:a8:68:4f:98:48:13:4a:c4:ee:c0: aa:52:e9:17:54:df:69:57:c2:27:fc:87:13:46:9d:64:f4:5d: a1:33:1e:72:e8:c6:a7:10:d5:83:a3:aa:fc:06:5d:79:9a:58: 3d:13:dc:27:07:59:83:2c:ff:e3:b4:3f:4c:2f:43:83:89:99: 2d:f1:97:22:5e:4c:53:4b:3b:90:a1:58:da:7f:63:6f:d7:0f: a2:60:b4:90:85:a3:45:39:8d:e2:74:55:c4:66:00:a6:72:88: f2:92:6a:51 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQn+EuPvrxAAxEMHrcRlSb20tUs8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwMFoX DTI3MDMwMzA2MDYwMFowMzExMC8GA1UEAxMoODc0RkRENTg1MDE3MkFENjQzNzE4 QTNFREQwMDZGQkZBN0UwRDU2QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOui4BYOqN5Ym/PRkoT43Tehn87XIRnEVAykMV82EIg1W3Ym4bIeWhWCXD8I kyH9EZY6f7VJaZcMNmvcKw9rWkS/TagdrpdC2so1XErB6JrzMWDEJwVkpdV8JqiP Wz7OYg4AHf0Y0ipvwrbUDF/rB+DDC3Jv/tplbVLuhfE4jhUoGwbuXNS7CeBI2Qep xvl0+l564idmUXg0+ZXxoNQsxj09Qub3ItCC+hHXrxnTHwEBNsmYnaHETaGRvf3Z M1ggv0VTUPNqOk0bSyKlHcf+khnunnR8racDvVvz1wDDBVqvkO99bA7HhgjJhGFW nDFi+gm72omtLUAhyna7RCfcXIUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSHT91Y UBcq1kNxij7dAG+/p+DVajAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ2My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oy0wDQYJKoZIhvcNAQELBQADggEBAKXpSSaBgWd6bNt5ykrIsKAhh5QDvDOMScwo aGMVvVR9/UUxYhiUAWg1V1wq3z554zyvD9aG/DNQEYxVo/Odlw3pgcgjwS23w/2K I84fUlFKMFYwWBmGPdVdDs5dHa1ueIRp1cntQGWA8TjIIKoTupOfJPKolCxEsYIj gW5mp1QOdDCcrxJ/By+Y6AarUJdZNYCYucoAc84sqGhPmEgTSsTuwKpS6RdU32lX wif8hxNGnWT0XaEzHnLoxqcQ1YOjqvwGXXmaWD0T3CcHWYMs/+O0P0wvQ4OJmS3x lyJeTFNLO5ChWNp/Y2/XD6JgtJCFo0U5jeJ0VcRmAKZyiPKSalE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:35 2026 by rpki-client