$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143709.roa File: AS143709.roa (raw, json) Hash identifier: pLV8pLjrsWn9IJJ1E7fzfK8vK9Vvi8o7hQWLpI8Ds74= Subject key identifier: A3:B3:57:B9:FD:59:13:DE:B7:0C:31:4C:03:41:73:7D:CB:1C:C2:9F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 53E26924052B7F36BD224DB0A78D4B05398FAEBB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143709.roa Signing time: Wed 04 Mar 2026 06:15:24 +0000 ROA not before: Wed 04 Mar 2026 06:10:24 +0000 ROA not after: Wed 03 Mar 2027 06:15:24 +0000 asID: 143709 IP address blocks: 240a:a423::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:e2:69:24:05:2b:7f:36:bd:22:4d:b0:a7:8d:4b:05:39:8f:ae:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:24 2026 GMT Not After : Mar 3 06:15:24 2027 GMT Subject: CN=A3B357B9FD5913DEB70C314C0341737DCB1CC29F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:9e:31:4d:15:28:00:0f:7c:80:8b:08:91:65: 24:8b:ff:25:e4:51:cb:fd:6f:17:8b:15:3a:b1:b5: 29:28:ba:50:a2:d0:9d:a5:81:76:0a:df:59:3a:35: a8:2a:49:fd:1e:da:72:db:63:c3:8a:95:e0:05:b5: 08:eb:f6:dd:90:46:b8:8c:e7:25:5d:7d:37:be:f3: ea:fa:9a:6d:64:64:88:fa:c6:51:20:15:f2:fa:ca: ae:5e:db:53:1d:6f:4b:80:74:dc:bc:80:ff:6a:99: 9b:76:79:d9:11:93:c2:ec:6a:c9:43:0c:49:fb:b5: 77:d9:30:6b:71:63:5a:e1:26:02:87:82:61:80:72: a0:01:ad:1b:98:80:f4:73:75:d0:e6:45:96:ae:e8: 45:01:76:d4:8b:79:3a:05:96:bc:e5:f4:3b:b5:f9: 88:25:df:a9:49:92:fa:ab:ea:43:0d:20:ab:28:04: 73:ed:15:10:9a:ad:3f:d4:6b:15:8a:f9:a7:51:f3: 42:e7:84:56:e0:13:e0:a7:53:ce:ab:24:11:8d:83: 11:83:a9:92:45:26:db:ec:0a:ee:70:30:9a:18:ea: 0d:27:44:60:17:2b:83:1d:8a:5a:d6:82:6c:81:13: aa:aa:fd:e4:7d:16:d1:d7:fa:ae:dc:c8:bf:80:5a: e1:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:B3:57:B9:FD:59:13:DE:B7:0C:31:4C:03:41:73:7D:CB:1C:C2:9F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143709.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a423::/32 Signature Algorithm: sha256WithRSAEncryption 2d:86:ac:52:e8:b9:bc:1f:f2:12:70:a1:a2:93:d3:69:57:ce: 62:9f:2a:53:07:ca:be:97:81:c5:d1:77:ec:4a:13:61:97:ef: b1:99:6a:4c:8d:92:ea:f4:b0:11:3b:16:2c:59:ee:8e:b8:35: 13:6a:ad:37:5b:65:da:a4:c3:64:82:fe:71:96:c5:f9:c6:89: 2a:86:80:f8:cb:99:96:1b:06:62:81:a1:7c:be:5a:ad:bf:4a: d1:d5:29:28:f8:06:71:98:eb:ab:f5:66:32:13:ca:ce:a8:9d: c2:f1:ea:34:16:45:59:8f:9d:a2:68:e3:36:b0:3f:bb:ac:22: 94:04:57:8d:39:96:c8:38:4f:b9:10:ad:25:41:39:db:95:5d: 76:5b:fa:39:28:92:47:3e:d8:6d:29:f3:42:27:90:ea:d2:bc: d3:1c:22:0b:4a:71:ab:c5:76:d1:1f:93:8b:e4:c6:24:b2:c4: 34:9c:08:58:e7:ed:5c:a8:d5:47:23:1d:0a:f4:d5:07:58:ee: 35:83:98:35:f2:15:d5:9b:c1:6e:fb:02:4b:52:32:2f:66:cc: 6c:2f:3c:50:d6:f0:5d:7f:34:3c:0b:3a:7b:7b:ce:74:3b:27: ba:1e:e4:fb:15:c6:9c:1c:0f:b3:cc:4f:3e:c9:95:a3:82:2c: 45:d7:95:24 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUU+JpJAUrfza9Ik2wp41LBTmPrrswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyNFoX DTI3MDMwMzA2MTUyNFowMzExMC8GA1UEAxMoQTNCMzU3QjlGRDU5MTNERUI3MEMz MTRDMDM0MTczN0RDQjFDQzI5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALWeMU0VKAAPfICLCJFlJIv/JeRRy/1vF4sVOrG1KSi6UKLQnaWBdgrfWTo1 qCpJ/R7acttjw4qV4AW1COv23ZBGuIznJV19N77z6vqabWRkiPrGUSAV8vrKrl7b Ux1vS4B03LyA/2qZm3Z52RGTwuxqyUMMSfu1d9kwa3FjWuEmAoeCYYByoAGtG5iA 9HN10OZFlq7oRQF21It5OgWWvOX0O7X5iCXfqUmS+qvqQw0gqygEc+0VEJqtP9Rr FYr5p1HzQueEVuAT4KdTzqskEY2DEYOpkkUm2+wK7nAwmhjqDSdEYBcrgx2KWtaC bIETqqr95H0W0df6rtzIv4Ba4cECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSjs1e5 /VkT3rcMMUwDQXN9yxzCnzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pCMwDQYJKoZIhvcNAQELBQADggEBAC2GrFLoubwf8hJwoaKT02lXzmKfKlMHyr6X gcXRd+xKE2GX77GZakyNkur0sBE7FixZ7o64NRNqrTdbZdqkw2SC/nGWxfnGiSqG gPjLmZYbBmKBoXy+Wq2/StHVKSj4BnGY66v1ZjITys6oncLx6jQWRVmPnaJo4zaw P7usIpQEV405lsg4T7kQrSVBOduVXXZb+jkokkc+2G0p80InkOrSvNMcIgtKcavF dtEfk4vkxiSyxDScCFjn7Vyo1UcjHQr01QdY7jWDmDXyFdWbwW77AktSMi9mzGwv PFDW8F1/NDwLOnt7znQ7J7oe5PsVxpwcD7PMTz7JlaOCLEXXlSQ= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:38 2026 by rpki-client