$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143494.roa File: AS143494.roa (raw, json) Hash identifier: B23nxUkIb4MvjR7q9cgt3vvllKsysjXAvMFMkIkaDPg= Subject key identifier: 02:31:2F:1B:73:DD:17:F2:E8:97:2C:04:81:B3:27:F6:95:3B:1D:A0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0E93E1D932D0428D8EBB5D88488ECD7F00D12541 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143494.roa Signing time: Wed 04 Mar 2026 06:06:43 +0000 ROA not before: Wed 04 Mar 2026 06:01:43 +0000 ROA not after: Wed 03 Mar 2027 06:06:43 +0000 asID: 143494 IP address blocks: 240a:a34c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:93:e1:d9:32:d0:42:8d:8e:bb:5d:88:48:8e:cd:7f:00:d1:25:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:43 2026 GMT Not After : Mar 3 06:06:43 2027 GMT Subject: CN=02312F1B73DD17F2E8972C0481B327F6953B1DA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:96:70:2c:41:1a:e6:c2:b4:35:5e:35:8c:83: 2d:ce:cc:5b:95:83:05:ce:30:b8:a1:42:3e:c4:be: d8:d9:c7:2b:76:7d:dd:2b:71:a3:1b:ab:ef:fd:25: d8:9f:69:81:35:30:9a:cc:f8:5a:4d:58:b6:53:fb: 1f:49:12:40:b2:12:35:1d:91:a8:84:62:68:89:b1: a9:fe:7d:30:23:1e:d3:eb:ef:a2:db:07:43:70:39: 7a:8a:6a:7a:57:d8:e9:cf:16:8e:59:f3:fa:33:36: 02:38:bb:57:e4:eb:5a:77:f6:b2:25:e3:07:43:43: e6:77:b0:a9:9b:2a:83:c7:28:80:46:4b:d4:26:76: 3a:ee:de:ec:be:54:f9:03:34:31:e6:f8:6e:44:4a: 6f:a7:6a:75:a3:58:b2:05:f9:7a:43:8c:bb:c1:d4: 42:12:4e:ed:af:a9:1d:73:45:a0:ae:90:8d:33:03: 01:d6:62:2c:7c:50:6a:29:98:a5:c1:5c:fd:45:f5: 41:df:1c:10:2c:9c:bf:dc:0d:75:6d:c9:2a:12:93: 65:6b:3e:8b:27:a8:2f:3d:b2:f2:f9:df:a5:e4:76: de:25:c3:58:ec:78:cf:7a:ec:b1:bb:15:37:3a:9a: df:6e:e4:c0:c8:0a:81:8f:7c:cd:17:6e:d8:5d:69: f9:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:31:2F:1B:73:DD:17:F2:E8:97:2C:04:81:B3:27:F6:95:3B:1D:A0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143494.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a34c::/32 Signature Algorithm: sha256WithRSAEncryption c5:55:41:ad:fc:08:23:bf:34:47:cc:50:f7:e9:f6:75:b4:31: d9:6b:64:f5:ea:86:97:39:1b:ef:de:50:e4:f2:33:52:70:aa: 82:25:f0:f9:bb:92:cd:9b:50:31:c4:d0:17:65:a1:13:f4:3f: 86:09:f5:4c:f2:8c:61:83:49:4e:6d:5a:7a:60:90:15:22:fa: 13:41:10:f8:d9:7e:b8:26:3a:f4:f1:8b:ff:6c:fa:3a:ac:5a: d3:ea:38:1e:ec:06:3e:53:16:e3:af:f8:32:75:15:f5:f9:84: c1:a7:bf:57:3a:34:2c:38:57:67:79:ed:24:87:6f:ec:9c:96: d2:e8:5a:47:ba:97:9c:d9:5b:95:c8:50:ae:f8:70:9a:e0:14: 2d:a3:d3:fd:bd:f7:19:f1:ab:fb:8d:0a:d4:f5:5a:a5:af:84: 41:c2:64:f4:fe:c3:9c:91:7b:2b:99:a4:9b:03:5b:1c:a1:41: 83:e4:80:2e:ea:0a:7b:0a:6a:80:49:44:55:fe:e6:ce:bb:2e: ae:a1:f5:29:3f:7b:4e:7b:24:8c:c8:e1:1e:18:7f:18:3a:77: 0d:51:78:03:c6:fe:74:d6:0b:eb:a1:64:f5:9e:5a:90:ba:8a: ff:fc:1c:66:6a:80:2c:53:bb:d3:49:0c:bd:b1:6f:41:d5:f7: b2:80:fe:90 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDpPh2TLQQo2Ou12ISI7NfwDRJUEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0M1oX DTI3MDMwMzA2MDY0M1owMzExMC8GA1UEAxMoMDIzMTJGMUI3M0REMTdGMkU4OTcy QzA0ODFCMzI3RjY5NTNCMURBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN+WcCxBGubCtDVeNYyDLc7MW5WDBc4wuKFCPsS+2NnHK3Z93Stxoxur7/0l 2J9pgTUwmsz4Wk1YtlP7H0kSQLISNR2RqIRiaImxqf59MCMe0+vvotsHQ3A5eopq elfY6c8Wjlnz+jM2Aji7V+TrWnf2siXjB0ND5newqZsqg8cogEZL1CZ2Ou7e7L5U +QM0Meb4bkRKb6dqdaNYsgX5ekOMu8HUQhJO7a+pHXNFoK6QjTMDAdZiLHxQaimY pcFc/UX1Qd8cECycv9wNdW3JKhKTZWs+iyeoLz2y8vnfpeR23iXDWOx4z3rssbsV Nzqa327kwMgKgY98zRdu2F1p+UsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQCMS8b c90X8uiXLASBsyf2lTsdoDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ5NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o0wwDQYJKoZIhvcNAQELBQADggEBAMVVQa38CCO/NEfMUPfp9nW0MdlrZPXqhpc5 G+/eUOTyM1JwqoIl8Pm7ks2bUDHE0BdloRP0P4YJ9UzyjGGDSU5tWnpgkBUi+hNB EPjZfrgmOvTxi/9s+jqsWtPqOB7sBj5TFuOv+DJ1FfX5hMGnv1c6NCw4V2d57SSH b+ycltLoWke6l5zZW5XIUK74cJrgFC2j0/299xnxq/uNCtT1WqWvhEHCZPT+w5yR eyuZpJsDWxyhQYPkgC7qCnsKaoBJRFX+5s67Lq6h9Sk/e057JIzI4R4Yfxg6dw1R eAPG/nTWC+uhZPWeWpC6iv/8HGZqgCxTu9NJDL2xb0HV97KA/pA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:08 2026 by rpki-client