$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143479.roa File: AS143479.roa (raw, json) Hash identifier: ur5xASTDQ0i3OuFLXx9ajc1HpzdqDjDnXhDwydgPmOk= Subject key identifier: D3:AA:96:C3:7C:AA:00:05:48:32:CA:5B:A8:82:8C:44:95:83:07:DF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5F6282128CE77822CC3D3AD4112C2D36B2068B18 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143479.roa Signing time: Wed 04 Mar 2026 06:07:55 +0000 ROA not before: Wed 04 Mar 2026 06:02:55 +0000 ROA not after: Wed 03 Mar 2027 06:07:55 +0000 asID: 143479 IP address blocks: 240a:a33d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:62:82:12:8c:e7:78:22:cc:3d:3a:d4:11:2c:2d:36:b2:06:8b:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:55 2026 GMT Not After : Mar 3 06:07:55 2027 GMT Subject: CN=D3AA96C37CAA00054832CA5BA8828C44958307DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:13:30:04:5a:3e:92:49:d6:78:01:f8:37:19: e6:a0:68:d8:68:2b:62:4d:bb:22:95:88:1a:be:c9: 78:98:3e:d5:62:82:69:3a:5f:1e:95:e4:31:a6:b9: f2:7f:d7:2a:f4:5e:8e:66:0d:78:ed:a3:91:4b:6f: 99:e9:2b:5f:71:29:63:30:5d:60:b8:85:4f:1c:1f: 10:1a:17:ac:8b:88:56:c0:09:cb:e0:f8:c8:ab:aa: 30:fc:7a:51:08:dc:81:d9:66:6e:65:f6:eb:6e:24: 66:c3:cf:da:03:1a:f3:cc:30:44:3f:f1:b6:56:c7: 32:72:08:95:d5:d6:df:44:52:64:75:75:64:b2:7c: 86:8f:b7:97:2f:b1:2a:5e:21:ad:8c:bf:59:c2:af: 3e:58:9b:83:83:a6:6a:5b:4e:1d:16:19:28:de:cf: db:04:67:04:2e:ab:c6:bf:9e:bc:06:fa:3a:10:8b: 79:0b:31:46:94:6f:2b:87:53:bb:3e:ed:4e:95:5f: 9c:8b:64:1d:c1:1e:7e:38:55:31:0b:f7:7b:fa:94: fa:95:33:e9:86:b8:89:a3:0b:c2:c9:45:41:dc:10: 69:22:c4:ae:53:7d:da:02:ba:7f:69:35:44:a3:91: 10:da:26:72:e3:4c:fc:a6:ee:f1:a7:a0:bb:78:65: 83:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:AA:96:C3:7C:AA:00:05:48:32:CA:5B:A8:82:8C:44:95:83:07:DF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143479.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a33d::/32 Signature Algorithm: sha256WithRSAEncryption cd:96:f4:48:15:3d:79:bf:b3:0f:c8:14:18:a4:97:dc:f1:58: da:6f:51:02:57:dd:3b:a7:bf:1b:d3:0e:69:05:54:3e:63:f9: 57:20:e9:dd:0c:51:a5:e1:ef:9b:f0:23:a4:3f:e6:ac:c3:9e: 06:aa:3b:f5:e8:b2:42:00:5c:c7:30:21:98:b6:ba:c7:d1:ac: cb:55:41:95:a7:21:ec:db:93:71:11:40:c5:49:3c:82:1c:81: 0d:aa:ab:a3:62:fd:33:10:05:8c:3f:a1:59:ea:d0:01:af:9a: 3e:12:03:e7:46:30:60:b3:39:4e:da:4e:0e:9f:c6:47:18:e0: 4d:af:35:89:21:ac:91:95:6d:e8:25:87:ed:87:0c:60:b6:1a: 16:7f:cb:e1:b6:c7:99:9c:ce:50:25:36:00:e3:50:82:41:4f: 11:e9:4e:c6:ec:7a:95:c1:79:b1:e5:3a:b5:ea:39:d5:b4:a9: 19:a0:93:ba:ce:4f:5c:9e:ca:7d:17:76:7a:ba:53:17:21:54: ee:e9:b8:1d:55:e3:f8:95:cf:62:f0:0a:15:56:30:e2:75:90: 03:be:94:64:98:45:66:ec:7a:a9:d2:d5:af:1d:d7:0e:83:60: a9:7f:56:11:c3:67:0c:05:67:0a:f5:69:e9:23:10:df:7a:e5: 51:b9:c6:2c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUX2KCEozneCLMPTrUESwtNrIGixgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1NVoX DTI3MDMwMzA2MDc1NVowMzExMC8GA1UEAxMoRDNBQTk2QzM3Q0FBMDAwNTQ4MzJD QTVCQTg4MjhDNDQ5NTgzMDdERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMsTMARaPpJJ1ngB+DcZ5qBo2GgrYk27IpWIGr7JeJg+1WKCaTpfHpXkMaa5 8n/XKvRejmYNeO2jkUtvmekrX3EpYzBdYLiFTxwfEBoXrIuIVsAJy+D4yKuqMPx6 UQjcgdlmbmX2624kZsPP2gMa88wwRD/xtlbHMnIIldXW30RSZHV1ZLJ8ho+3ly+x Kl4hrYy/WcKvPlibg4OmaltOHRYZKN7P2wRnBC6rxr+evAb6OhCLeQsxRpRvK4dT uz7tTpVfnItkHcEefjhVMQv3e/qU+pUz6Ya4iaMLwslFQdwQaSLErlN92gK6f2k1 RKORENomcuNM/Kbu8aegu3hlg/cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTTqpbD fKoABUgyyluogoxElYMH3zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ3OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oz0wDQYJKoZIhvcNAQELBQADggEBAM2W9EgVPXm/sw/IFBikl9zxWNpvUQJX3Tun vxvTDmkFVD5j+Vcg6d0MUaXh75vwI6Q/5qzDngaqO/XoskIAXMcwIZi2usfRrMtV QZWnIezbk3ERQMVJPIIcgQ2qq6Ni/TMQBYw/oVnq0AGvmj4SA+dGMGCzOU7aTg6f xkcY4E2vNYkhrJGVbeglh+2HDGC2GhZ/y+G2x5mczlAlNgDjUIJBTxHpTsbsepXB ebHlOrXqOdW0qRmgk7rOT1yeyn0Xdnq6UxchVO7puB1V4/iVz2LwChVWMOJ1kAO+ lGSYRWbseqnS1a8d1w6DYKl/VhHDZwwFZwr1aekjEN965VG5xiw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:40 2026 by rpki-client