$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143473.roa File: AS143473.roa (raw, json) Hash identifier: QPEY2B8ZlAfvWsbAq/3YFml2gUpgW+iWPJDIq+E/kSI= Subject key identifier: DC:0D:C2:4E:A5:5B:38:00:86:84:D0:CF:4C:60:BE:1C:9A:0E:37:D9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3082D2A237792EEE0840F4B4D121FA47D130DD9E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143473.roa Signing time: Wed 04 Mar 2026 06:06:24 +0000 ROA not before: Wed 04 Mar 2026 06:01:24 +0000 ROA not after: Wed 03 Mar 2027 06:06:24 +0000 asID: 143473 IP address blocks: 240a:a337::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:82:d2:a2:37:79:2e:ee:08:40:f4:b4:d1:21:fa:47:d1:30:dd:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:24 2026 GMT Not After : Mar 3 06:06:24 2027 GMT Subject: CN=DC0DC24EA55B38008684D0CF4C60BE1C9A0E37D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:66:61:2e:c2:9a:72:36:82:8a:6d:5a:be:e4: e1:fd:43:66:33:75:d7:cb:f7:c9:f3:48:bc:2e:a2: 7c:5a:4a:3d:40:3e:37:14:fb:da:1e:c8:5e:10:28: 25:72:10:88:78:f2:fd:c7:8d:0c:f0:2e:7e:44:68: f8:82:51:9c:1f:e2:44:a7:59:f3:da:29:ec:0d:08: cd:08:24:04:45:a6:c3:a2:02:69:43:d5:10:cc:99: 63:37:52:5c:e1:5e:7f:98:fc:01:1f:81:50:68:2e: 57:8f:9a:eb:1a:fc:46:53:c2:5f:4f:93:bb:d1:a8: 70:0b:05:60:97:30:4b:74:65:2c:6f:60:73:13:f9: 7c:0c:c0:d5:ca:81:d2:8b:0a:39:53:d5:57:b6:0e: ef:55:84:97:40:10:36:ff:3b:4c:e9:df:fa:d6:b9: 74:02:7f:56:32:8f:f5:d9:81:01:95:fa:22:92:b5: 08:40:fd:7a:ee:40:f0:26:47:32:74:03:df:1e:5c: 3f:39:71:4a:fe:e1:99:46:c0:d8:bc:39:fa:e8:cc: 3e:3f:93:35:ce:01:e7:16:15:32:16:ed:9f:9d:e3: 91:57:2a:d4:d9:7f:96:1a:69:e4:dd:28:a4:93:28: 64:56:eb:a5:83:da:51:3a:d3:19:88:80:f1:73:3a: c4:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:0D:C2:4E:A5:5B:38:00:86:84:D0:CF:4C:60:BE:1C:9A:0E:37:D9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a337::/32 Signature Algorithm: sha256WithRSAEncryption 6f:79:4c:2d:10:cb:db:3e:82:fb:9c:d2:85:a2:6c:ef:e8:40: 9d:5d:8f:9a:fd:50:05:02:e9:9e:29:08:90:8a:91:fe:0f:3d: d7:dd:2b:1f:11:08:9e:9f:c3:91:a9:c5:1e:f2:08:93:10:91: 50:7b:c2:51:6f:cd:6b:31:a7:42:55:b0:22:c2:04:f6:3a:b6: 0d:d3:af:3d:de:5d:20:ee:73:08:9f:47:b4:e9:bf:5f:4c:1d: 19:8a:e5:94:b7:94:e9:5a:69:a0:41:ce:db:91:f0:3c:0f:f7: e6:da:2c:2c:c0:75:99:4d:4c:0e:88:8d:e9:04:07:bc:70:96: e9:f7:f6:23:a8:ac:22:84:29:92:c7:57:d7:7b:e5:d9:13:6a: d5:f4:42:84:a1:ef:61:5c:b0:f3:9f:21:4c:0d:3e:f9:11:f1: a1:ea:60:5a:ae:47:24:90:ad:4a:ba:86:41:48:1b:18:26:10: b3:82:4f:4e:ed:77:6b:ca:09:41:ab:94:86:25:f1:a6:70:86: 30:d5:42:90:0b:5b:37:c3:54:61:af:da:c1:7c:4a:95:5e:f7: f0:9c:55:e2:2e:23:07:b2:f5:12:75:cd:28:87:90:45:02:8b: 7c:33:f0:8b:c6:05:4e:1c:65:7c:ee:b5:a9:14:8b:28:4d:17: 77:c4:84:7f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMILSojd5Lu4IQPS00SH6R9Ew3Z4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEyNFoX DTI3MDMwMzA2MDYyNFowMzExMC8GA1UEAxMoREMwREMyNEVBNTVCMzgwMDg2ODRE MENGNEM2MEJFMUM5QTBFMzdEOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK5mYS7CmnI2goptWr7k4f1DZjN118v3yfNIvC6ifFpKPUA+NxT72h7IXhAo JXIQiHjy/ceNDPAufkRo+IJRnB/iRKdZ89op7A0IzQgkBEWmw6ICaUPVEMyZYzdS XOFef5j8AR+BUGguV4+a6xr8RlPCX0+Tu9GocAsFYJcwS3RlLG9gcxP5fAzA1cqB 0osKOVPVV7YO71WEl0AQNv87TOnf+ta5dAJ/VjKP9dmBAZX6IpK1CED9eu5A8CZH MnQD3x5cPzlxSv7hmUbA2Lw5+ujMPj+TNc4B5xYVMhbtn53jkVcq1Nl/lhpp5N0o pJMoZFbrpYPaUTrTGYiA8XM6xJkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTcDcJO pVs4AIaE0M9MYL4cmg432TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ozcwDQYJKoZIhvcNAQELBQADggEBAG95TC0Qy9s+gvuc0oWibO/oQJ1dj5r9UAUC 6Z4pCJCKkf4PPdfdKx8RCJ6fw5GpxR7yCJMQkVB7wlFvzWsxp0JVsCLCBPY6tg3T rz3eXSDucwifR7Tpv19MHRmK5ZS3lOlaaaBBztuR8DwP9+baLCzAdZlNTA6IjekE B7xwlun39iOorCKEKZLHV9d75dkTatX0QoSh72FcsPOfIUwNPvkR8aHqYFquRySQ rUq6hkFIGxgmELOCT07td2vKCUGrlIYl8aZwhjDVQpALWzfDVGGv2sF8SpVe9/Cc VeIuIwey9RJ1zSiHkEUCi3wz8IvGBU4cZXzutakUiyhNF3fEhH8= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:27 2026 by rpki-client