$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143503.roa File: AS143503.roa (raw, json) Hash identifier: 2zcSm1Hbap+MT9vynJAwwmAB2PVRA8h+FonKPEOU49A= Subject key identifier: AF:B0:10:27:66:30:B2:36:9B:3A:9D:B9:3F:37:E6:FB:7F:52:8A:46 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2A6B604539115336BF22008A2BD4BA4A369D1B05 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143503.roa Signing time: Wed 04 Mar 2026 06:07:49 +0000 ROA not before: Wed 04 Mar 2026 06:02:49 +0000 ROA not after: Wed 03 Mar 2027 06:07:49 +0000 asID: 143503 IP address blocks: 240a:a355::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:6b:60:45:39:11:53:36:bf:22:00:8a:2b:d4:ba:4a:36:9d:1b:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:49 2026 GMT Not After : Mar 3 06:07:49 2027 GMT Subject: CN=AFB010276630B2369B3A9DB93F37E6FB7F528A46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:4a:67:77:eb:92:0e:90:0b:72:dd:b9:60:70: d4:ee:f8:e8:35:15:76:6a:c1:2b:d7:60:86:24:73: 75:a3:ab:c1:05:f2:b5:5c:8a:88:d9:55:8d:c0:12: 54:34:3d:67:c3:97:f1:06:25:a6:ce:1e:86:f3:26: 9f:7a:02:cb:10:04:6e:8e:ba:3a:98:0f:3a:cd:00: 23:c5:56:6b:a6:ba:44:0e:07:98:a2:83:eb:b3:e7: 1c:1f:61:7f:f6:7f:58:ae:53:f4:ed:8c:0f:3e:e5: 7f:cc:d6:f8:10:cd:4f:1c:52:a7:b3:02:d7:a2:e9: 91:49:da:10:ac:1e:40:96:0d:cf:32:82:44:b3:65: 75:0c:9d:05:66:e2:1b:a2:f9:33:e5:eb:65:19:9b: 82:7a:c1:15:00:2d:95:3d:5f:34:00:07:84:dc:3f: 56:a8:f5:66:47:f0:cf:20:7d:e4:e3:34:aa:20:eb: 7a:23:47:71:74:f8:0f:ab:3c:51:fa:8f:a5:68:1f: 51:2d:21:26:4d:35:ba:df:1c:a2:f5:9f:16:d2:77: 13:c0:a0:0e:e4:c4:03:38:81:a9:7d:97:71:66:ee: b3:d7:33:cb:5b:32:ae:e3:fd:fe:41:d2:ae:3b:20: 72:bc:57:d9:b9:71:bb:26:5f:b7:aa:71:cf:90:bd: 08:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:B0:10:27:66:30:B2:36:9B:3A:9D:B9:3F:37:E6:FB:7F:52:8A:46 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143503.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a355::/32 Signature Algorithm: sha256WithRSAEncryption ac:49:83:c9:e2:8d:ef:6a:08:9d:c5:ee:18:37:14:20:20:3d: 60:df:ec:a3:d5:4e:26:c0:fd:76:f3:17:8f:6d:f6:12:f3:e0: fe:bb:b4:66:fd:c8:2c:5a:c2:00:55:25:4b:a6:f2:e1:f9:69: b4:86:d8:2d:10:14:84:96:d6:c5:53:cc:e5:8b:3a:35:74:66: 7a:f9:fc:fd:53:fb:0f:6c:3c:06:0c:5b:80:bd:78:d2:da:fe: cf:e3:be:8c:5b:82:f4:17:1e:61:72:38:6a:6c:cc:ac:28:46: a9:46:78:da:ef:2e:ec:c9:14:5a:46:54:5a:93:96:c5:5e:ab: 14:78:9f:ae:ae:36:f4:db:aa:31:fe:d6:38:a2:0a:4a:1b:97: c0:80:26:4f:ff:0c:df:ca:62:b3:8a:de:18:fe:2f:e9:4b:7e: bc:a8:78:e8:1b:47:34:35:f8:c7:c2:1b:9d:0b:d3:23:ff:84: 09:83:ee:36:46:d3:84:e0:0d:7e:76:9f:6c:cf:9a:01:49:86: 33:25:98:d2:07:cd:fd:35:cc:fe:e9:fc:72:45:60:e5:be:40: 1e:28:43:9c:47:db:67:96:a8:6d:55:18:36:67:4f:bc:94:e7: 9f:be:f1:fe:78:17:3e:6b:54:6e:06:10:c5:e5:a6:15:df:71: 7a:35:9c:4e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKmtgRTkRUza/IgCKK9S6SjadGwUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0OVoX DTI3MDMwMzA2MDc0OVowMzExMC8GA1UEAxMoQUZCMDEwMjc2NjMwQjIzNjlCM0E5 REI5M0YzN0U2RkI3RjUyOEE0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALBKZ3frkg6QC3LduWBw1O746DUVdmrBK9dghiRzdaOrwQXytVyKiNlVjcAS VDQ9Z8OX8QYlps4ehvMmn3oCyxAEbo66OpgPOs0AI8VWa6a6RA4HmKKD67PnHB9h f/Z/WK5T9O2MDz7lf8zW+BDNTxxSp7MC16LpkUnaEKweQJYNzzKCRLNldQydBWbi G6L5M+XrZRmbgnrBFQAtlT1fNAAHhNw/Vqj1ZkfwzyB95OM0qiDreiNHcXT4D6s8 UfqPpWgfUS0hJk01ut8covWfFtJ3E8CgDuTEAziBqX2XcWbus9czy1syruP9/kHS rjsgcrxX2blxuyZft6pxz5C9CLMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSvsBAn ZjCyNps6nbk/N+b7f1KKRjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o1UwDQYJKoZIhvcNAQELBQADggEBAKxJg8nije9qCJ3F7hg3FCAgPWDf7KPVTibA /XbzF49t9hLz4P67tGb9yCxawgBVJUum8uH5abSG2C0QFISW1sVTzOWLOjV0Znr5 /P1T+w9sPAYMW4C9eNLa/s/jvoxbgvQXHmFyOGpszKwoRqlGeNrvLuzJFFpGVFqT lsVeqxR4n66uNvTbqjH+1jiiCkobl8CAJk//DN/KYrOK3hj+L+lLfryoeOgbRzQ1 +MfCG50L0yP/hAmD7jZG04TgDX52n2zPmgFJhjMlmNIHzf01zP7p/HJFYOW+QB4o Q5xH22eWqG1VGDZnT7yU55++8f54Fz5rVG4GEMXlphXfcXo1nE4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:18 2026 by rpki-client