$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143467.roa File: AS143467.roa (raw, json) Hash identifier: sqLK0l9ryy+SUT0o8ZQzcXyHk3Sovo99wElRKm+sQnk= Subject key identifier: 76:C4:D2:34:A0:05:47:CB:21:A9:F4:FF:C1:81:8E:5E:8E:A8:1C:81 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5B10217C584FA40B6209DB5381DB3034450860BE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143467.roa Signing time: Wed 04 Mar 2026 06:05:21 +0000 ROA not before: Wed 04 Mar 2026 06:00:21 +0000 ROA not after: Wed 03 Mar 2027 06:05:21 +0000 asID: 143467 IP address blocks: 240a:a331::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:10:21:7c:58:4f:a4:0b:62:09:db:53:81:db:30:34:45:08:60:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:21 2026 GMT Not After : Mar 3 06:05:21 2027 GMT Subject: CN=76C4D234A00547CB21A9F4FFC1818E5E8EA81C81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:ab:d6:b2:f1:60:3a:65:3e:5f:4b:a4:19:9a: 1d:f7:9b:54:99:e0:41:4e:4a:26:a1:5d:b7:2c:71: 3b:29:93:f2:58:5e:8a:22:94:3d:84:d7:e4:9a:6d: ae:58:3a:4b:8e:f8:bd:6e:bb:51:c0:51:c6:54:dc: ef:0e:c2:2b:c9:55:05:de:af:0f:ae:8a:48:ac:b5: 79:dc:b2:b2:b6:a8:52:5d:c0:e9:46:1d:6c:3f:0c: 2c:dd:36:78:0f:94:a1:cb:6e:38:41:85:9b:0b:1e: 1c:2e:3a:6b:1d:83:d6:84:f1:c6:d5:94:97:f9:c8: 9e:a4:0a:5c:04:ca:56:de:06:d8:27:1b:db:93:3d: fb:81:65:1f:96:5c:f9:f9:d2:23:6a:9f:8a:e1:49: 33:97:d0:f2:57:84:67:47:b5:c2:fa:c0:4a:3f:96: cb:e1:a8:00:fb:83:e6:ab:1f:7c:6b:22:dd:7f:8e: 50:c1:9a:c1:d1:f4:4d:12:66:bb:1b:d0:40:24:ed: d1:77:78:20:c9:6e:2f:f5:6e:92:4d:52:e6:ac:67: 0a:b1:ae:36:70:96:aa:44:44:7c:c0:5f:9e:ab:34: 9b:2f:33:61:5b:9f:88:0f:ba:de:b5:0b:65:45:c1: 57:59:90:9f:ad:b1:7b:e2:86:23:6c:b4:8a:02:97: 87:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:C4:D2:34:A0:05:47:CB:21:A9:F4:FF:C1:81:8E:5E:8E:A8:1C:81 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143467.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a331::/32 Signature Algorithm: sha256WithRSAEncryption c5:dd:f0:ad:a9:48:83:66:41:73:6d:67:e8:83:43:35:a8:15: f7:de:60:61:eb:1e:9c:41:90:02:da:34:eb:d4:3d:1a:7b:f4: 1a:00:21:0f:0f:2c:fd:51:de:8a:57:9c:d5:fd:81:4a:9f:f4: 18:31:e2:c6:32:eb:c2:90:4b:b8:0e:ce:0b:ac:b2:eb:ef:69: fb:99:cf:87:19:bf:83:4a:96:e5:24:af:cd:0c:28:8a:d4:13: 0a:be:9c:97:a8:1e:de:14:83:b2:f1:cc:3f:77:06:9b:ee:10: 25:09:12:86:de:34:09:bb:70:4e:5d:93:da:50:ea:1e:dd:32: b5:d3:4e:95:ed:f1:5d:6b:85:7f:d1:4b:b0:6a:17:2f:27:e1: b3:62:2f:ad:37:2a:94:f7:c1:66:99:c3:51:8a:fe:79:0b:cc: d7:22:a4:bf:16:35:3d:f4:07:2f:9a:71:b5:1c:b4:d4:52:4d: 31:c0:c7:d9:5b:e0:df:fa:0f:7e:63:fd:33:5e:da:68:eb:6c: c9:77:05:9d:05:62:bc:7b:4c:c4:4c:c6:e5:eb:0f:3b:16:ea: 0f:ce:0b:28:8c:74:51:23:3f:24:7f:7d:b4:d3:ea:b7:a7:fd: 59:68:53:3e:43:55:b2:34:23:e2:e3:5b:75:19:ae:9a:31:f4: ad:16:51:91 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWxAhfFhPpAtiCdtTgdswNEUIYL4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyMVoX DTI3MDMwMzA2MDUyMVowMzExMC8GA1UEAxMoNzZDNEQyMzRBMDA1NDdDQjIxQTlG NEZGQzE4MThFNUU4RUE4MUM4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKr1rLxYDplPl9LpBmaHfebVJngQU5KJqFdtyxxOymT8lheiiKUPYTX5Jpt rlg6S474vW67UcBRxlTc7w7CK8lVBd6vD66KSKy1edyysraoUl3A6UYdbD8MLN02 eA+UoctuOEGFmwseHC46ax2D1oTxxtWUl/nInqQKXATKVt4G2Ccb25M9+4FlH5Zc +fnSI2qfiuFJM5fQ8leEZ0e1wvrASj+Wy+GoAPuD5qsffGsi3X+OUMGawdH0TRJm uxvQQCTt0Xd4IMluL/Vukk1S5qxnCrGuNnCWqkREfMBfnqs0my8zYVufiA+63rUL ZUXBV1mQn62xe+KGI2y0igKXhz8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR2xNI0 oAVHyyGp9P/BgY5ejqgcgTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ozEwDQYJKoZIhvcNAQELBQADggEBAMXd8K2pSINmQXNtZ+iDQzWoFffeYGHrHpxB kALaNOvUPRp79BoAIQ8PLP1R3opXnNX9gUqf9Bgx4sYy68KQS7gOzgussuvvafuZ z4cZv4NKluUkr80MKIrUEwq+nJeoHt4Ug7LxzD93BpvuECUJEobeNAm7cE5dk9pQ 6h7dMrXTTpXt8V1rhX/RS7BqFy8n4bNiL603KpT3wWaZw1GK/nkLzNcipL8WNT30 By+acbUctNRSTTHAx9lb4N/6D35j/TNe2mjrbMl3BZ0FYrx7TMRMxuXrDzsW6g/O CyiMdFEjPyR/fbTT6ren/VloUz5DVbI0I+LjW3UZrpox9K0WUZE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:26 2026 by rpki-client