$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143508.roa File: AS143508.roa (raw, json) Hash identifier: cX1ZPioUIVWWLOPlpd8gSZ+78EKLFJ3pK293/nWoH1Y= Subject key identifier: 5A:69:CA:C7:44:55:71:E2:29:E2:28:2B:66:29:40:E3:6B:C6:F3:04 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2006120E0FA84B782D3FBFFF644D99F0412A96C4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143508.roa Signing time: Wed 04 Mar 2026 06:13:13 +0000 ROA not before: Wed 04 Mar 2026 06:08:13 +0000 ROA not after: Wed 03 Mar 2027 06:13:13 +0000 asID: 143508 IP address blocks: 240a:a35a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:06:12:0e:0f:a8:4b:78:2d:3f:bf:ff:64:4d:99:f0:41:2a:96:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:13 2026 GMT Not After : Mar 3 06:13:13 2027 GMT Subject: CN=5A69CAC7445571E229E2282B662940E36BC6F304 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:49:7a:ba:3e:98:ee:a8:49:0c:98:3a:18:a0: 33:e0:0f:3f:5a:51:ba:3c:19:eb:0f:dc:60:95:93: a1:21:fb:69:4c:00:a5:64:b4:c5:68:f2:56:9b:8d: 47:19:09:54:72:11:3e:88:2c:f8:d7:67:a1:a1:0b: ea:9e:c4:cd:26:27:b2:4e:ed:e6:ff:5c:71:fb:04: a7:51:a2:a8:65:3e:a1:0e:ca:fe:d5:34:71:19:a2: f8:37:57:57:70:49:e1:55:47:4a:39:4d:5f:e3:c0: 61:66:eb:fd:6d:3a:5c:3a:3c:51:2e:53:f4:07:41: c6:b1:a2:78:2d:76:e8:30:ff:a1:9e:42:eb:5f:e8: 78:36:03:38:ac:e3:68:04:c1:40:ce:3e:e3:ed:14: d1:3e:15:4e:15:1a:25:34:f2:38:24:4c:74:3e:29: a5:23:a1:6b:05:ca:c6:de:8a:65:62:d8:db:40:6b: 87:27:cb:32:0f:2c:b8:a8:50:d2:3b:45:df:1d:44: da:5e:82:1a:7e:a5:a1:c6:52:1c:16:cf:4f:c5:16: dd:34:2a:33:55:22:8b:d1:28:f5:d5:d6:1e:3d:6e: 0a:0d:59:3e:2c:7b:47:a4:b1:09:32:4c:1a:c3:d5: f7:1e:10:ae:b8:94:74:9e:0e:89:8a:ef:31:e0:27: 01:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:69:CA:C7:44:55:71:E2:29:E2:28:2B:66:29:40:E3:6B:C6:F3:04 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143508.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a35a::/32 Signature Algorithm: sha256WithRSAEncryption 35:f5:f6:44:c3:4d:32:72:1a:c8:43:76:d9:f0:b8:cf:1c:7e: f5:76:c7:73:95:31:65:6a:cd:2d:7d:6d:d7:b3:8a:b5:44:ca: f3:6a:ed:10:b3:3a:8e:80:ec:4b:95:fb:50:9c:ed:87:7a:fc: 57:e4:6f:b5:25:83:53:ab:dc:20:ba:29:34:61:fc:1c:fd:ac: 15:d1:42:87:44:73:d4:7a:0d:88:a4:07:58:02:72:a5:51:dd: ea:c3:5b:66:27:cb:8b:c5:07:09:12:78:9a:c9:c1:9f:16:7e: 8c:12:d1:ca:a6:38:d4:41:38:e7:7f:ff:f4:bb:c3:cd:38:86: c1:90:44:ad:1a:f2:56:ed:18:a7:cf:04:93:cc:03:d6:da:4d: 75:b0:a8:15:49:54:8e:73:ff:ac:ad:6e:18:c6:ea:35:9a:96: 0e:fc:68:5f:fb:8e:9d:54:62:e5:55:ff:9a:30:82:66:da:38: c9:f5:a3:ed:a0:1f:ee:03:16:f1:ca:15:ef:2e:e8:85:fa:72: 07:9b:07:61:c0:6a:01:c9:67:16:6c:99:44:5e:df:ad:69:0e: 3f:c5:1a:5a:fd:39:24:53:63:7d:f3:ec:60:03:45:66:2c:2e: 10:15:6c:d0:9f:97:e2:4c:42:8b:ab:46:df:23:0c:c1:1c:60: 67:b3:ec:11 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIAYSDg+oS3gtP7//ZE2Z8EEqlsQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxM1oX DTI3MDMwMzA2MTMxM1owMzExMC8GA1UEAxMoNUE2OUNBQzc0NDU1NzFFMjI5RTIy ODJCNjYyOTQwRTM2QkM2RjMwNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANxJero+mO6oSQyYOhigM+APP1pRujwZ6w/cYJWToSH7aUwApWS0xWjyVpuN RxkJVHIRPogs+NdnoaEL6p7EzSYnsk7t5v9ccfsEp1GiqGU+oQ7K/tU0cRmi+DdX V3BJ4VVHSjlNX+PAYWbr/W06XDo8US5T9AdBxrGieC126DD/oZ5C61/oeDYDOKzj aATBQM4+4+0U0T4VThUaJTTyOCRMdD4ppSOhawXKxt6KZWLY20BrhyfLMg8suKhQ 0jtF3x1E2l6CGn6locZSHBbPT8UW3TQqM1Uii9Eo9dXWHj1uCg1ZPix7R6SxCTJM GsPV9x4QrriUdJ4OiYrvMeAnAXECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRaacrH RFVx4iniKCtmKUDja8bzBDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzUwOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o1owDQYJKoZIhvcNAQELBQADggEBADX19kTDTTJyGshDdtnwuM8cfvV2x3OVMWVq zS19bdezirVEyvNq7RCzOo6A7EuV+1Cc7Yd6/Ffkb7Ulg1Or3CC6KTRh/Bz9rBXR QodEc9R6DYikB1gCcqVR3erDW2Yny4vFBwkSeJrJwZ8WfowS0cqmONRBOOd///S7 w804hsGQRK0a8lbtGKfPBJPMA9baTXWwqBVJVI5z/6ytbhjG6jWalg78aF/7jp1U YuVV/5owgmbaOMn1o+2gH+4DFvHKFe8u6IX6cgebB2HAagHJZxZsmURe361pDj/F Glr9OSRTY33z7GADRWYsLhAVbNCfl+JMQourRt8jDMEcYGez7BE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:44 2026 by rpki-client