$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143488.roa File: AS143488.roa (raw, json) Hash identifier: hI2mwgZrMhKkEJCJAqFZZHSxGCPFSELEM+JGMNt7IE4= Subject key identifier: 82:E5:A0:08:EA:CB:C9:E8:B0:10:10:D3:71:10:16:22:8B:B6:09:67 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 226F86ABA0D53D0DE623A649345234DFC67BA4EE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143488.roa Signing time: Wed 04 Mar 2026 06:07:53 +0000 ROA not before: Wed 04 Mar 2026 06:02:53 +0000 ROA not after: Wed 03 Mar 2027 06:07:53 +0000 asID: 143488 IP address blocks: 240a:a346::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:6f:86:ab:a0:d5:3d:0d:e6:23:a6:49:34:52:34:df:c6:7b:a4:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:53 2026 GMT Not After : Mar 3 06:07:53 2027 GMT Subject: CN=82E5A008EACBC9E8B01010D3711016228BB60967 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:5f:63:03:a0:17:c5:f2:9b:89:13:ca:1a:83: 2c:22:39:69:e1:be:30:4f:6c:31:68:24:3c:e5:69: c7:5f:9a:10:13:6e:2a:92:9b:ea:fc:0c:02:24:f6: d5:73:ac:18:f2:9b:f5:f1:25:77:54:63:46:f8:a1: 99:d7:e5:83:2d:86:1f:b7:66:05:8f:72:d3:da:ab: 58:74:02:63:91:c2:69:6c:e2:29:3b:70:95:3c:aa: c2:16:96:5f:d6:58:cb:ea:07:05:bb:86:a2:30:20: 16:76:1d:17:19:9e:b4:4a:f3:8c:93:1f:f7:d0:b2: e2:60:81:ba:4c:01:27:41:81:db:1d:f2:56:c3:e2: 91:04:8a:d7:aa:bb:4f:ea:fc:38:32:fb:45:a3:30: d6:89:be:06:85:b0:7c:9e:b4:70:c6:dd:1c:b4:03: a0:8a:63:60:aa:2a:3b:98:96:16:40:b5:ef:c3:a5: 28:91:3b:0c:eb:6e:9d:77:1c:27:b9:8e:7c:45:c2: 1c:fc:42:83:de:18:cc:bb:06:9e:89:a5:ac:98:28: d4:c2:ad:53:0d:d5:b5:ad:cb:7e:f1:19:d2:5f:dd: 4b:3c:41:d3:00:18:93:e3:0e:72:b7:44:58:69:06: e7:4c:de:7c:54:e8:e6:1a:41:64:62:ae:8f:6d:f3: a5:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:E5:A0:08:EA:CB:C9:E8:B0:10:10:D3:71:10:16:22:8B:B6:09:67 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143488.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a346::/32 Signature Algorithm: sha256WithRSAEncryption 5b:5b:09:4e:07:c0:1e:97:b7:e8:77:04:1c:ac:2f:5c:6f:be: 95:15:ac:ed:3e:c2:62:dc:ca:d5:5c:aa:b8:30:8d:4d:b4:32: 7b:8f:71:2c:56:ae:a1:26:f7:bc:a2:7b:93:f5:79:6b:12:d4: 95:c9:93:13:dc:b4:38:3d:c0:cc:56:d9:44:a6:36:96:97:93: 31:4b:39:b1:33:6b:5b:c3:a7:32:47:97:e5:1a:71:82:25:6d: ef:a5:db:d4:f4:25:78:94:eb:e8:2e:8a:e5:fb:61:28:95:45: 1a:d6:20:ad:68:27:ec:b5:11:8f:0d:30:8e:11:0d:30:3d:e7: 6b:31:b2:5b:fd:69:d8:f4:9c:ff:e9:40:4f:35:71:e3:bb:5b: c8:ee:69:b9:ff:24:9e:95:01:92:1a:b8:5a:bb:65:94:a2:c9: cf:07:39:30:b9:e6:1c:d4:7c:12:73:2b:25:43:6d:51:3a:18: 4a:c0:8c:59:f9:a9:bf:17:62:3f:00:8a:48:7d:5c:55:42:f7: 10:81:35:a3:ac:bf:f7:45:70:b3:8c:6a:e4:fc:1d:92:1c:98: e1:cf:04:41:30:ab:73:df:b0:6d:9d:a2:0b:22:28:26:1d:13: 02:e6:ce:d9:dd:c8:df:00:47:b7:32:40:13:af:af:b9:71:d6: 79:44:0f:73 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIm+Gq6DVPQ3mI6ZJNFI038Z7pO4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1M1oX DTI3MDMwMzA2MDc1M1owMzExMC8GA1UEAxMoODJFNUEwMDhFQUNCQzlFOEIwMTAx MEQzNzExMDE2MjI4QkI2MDk2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMFfYwOgF8Xym4kTyhqDLCI5aeG+ME9sMWgkPOVpx1+aEBNuKpKb6vwMAiT2 1XOsGPKb9fEld1RjRvihmdflgy2GH7dmBY9y09qrWHQCY5HCaWziKTtwlTyqwhaW X9ZYy+oHBbuGojAgFnYdFxmetErzjJMf99Cy4mCBukwBJ0GB2x3yVsPikQSK16q7 T+r8ODL7RaMw1om+BoWwfJ60cMbdHLQDoIpjYKoqO5iWFkC178OlKJE7DOtunXcc J7mOfEXCHPxCg94YzLsGnomlrJgo1MKtUw3Vta3LfvEZ0l/dSzxB0wAYk+MOcrdE WGkG50zefFTo5hpBZGKuj23zpaUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSC5aAI 6svJ6LAQENNxEBYii7YJZzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ4OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o0YwDQYJKoZIhvcNAQELBQADggEBAFtbCU4HwB6Xt+h3BBysL1xvvpUVrO0+wmLc ytVcqrgwjU20MnuPcSxWrqEm97yie5P1eWsS1JXJkxPctDg9wMxW2USmNpaXkzFL ObEza1vDpzJHl+UacYIlbe+l29T0JXiU6+guiuX7YSiVRRrWIK1oJ+y1EY8NMI4R DTA952sxslv9adj0nP/pQE81ceO7W8juabn/JJ6VAZIauFq7ZZSiyc8HOTC55hzU fBJzKyVDbVE6GErAjFn5qb8XYj8Aikh9XFVC9xCBNaOsv/dFcLOMauT8HZIcmOHP BEEwq3PfsG2dogsiKCYdEwLmztndyN8AR7cyQBOvr7lx1nlED3M= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:32 2026 by rpki-client