$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143753.roa File: AS143753.roa (raw, json) Hash identifier: 5Ng7aQNVnnMZkQgktqRLij4TJYJvfCnE1dqIrW6ZRWA= Subject key identifier: 08:66:9B:5C:AD:67:98:10:85:99:F8:16:54:51:F3:01:B5:B8:A2:D6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4A1CE771552191CAC24EFFDCAA5CAEB458AA1ACC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143753.roa Signing time: Wed 04 Mar 2026 06:14:12 +0000 ROA not before: Wed 04 Mar 2026 06:09:12 +0000 ROA not after: Wed 03 Mar 2027 06:14:12 +0000 asID: 143753 IP address blocks: 240a:a44f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:1c:e7:71:55:21:91:ca:c2:4e:ff:dc:aa:5c:ae:b4:58:aa:1a:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:12 2026 GMT Not After : Mar 3 06:14:12 2027 GMT Subject: CN=08669B5CAD6798108599F8165451F301B5B8A2D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:16:d6:74:10:71:34:74:90:0b:c2:bc:11:7d: 2c:a2:d8:74:d9:f7:ad:e7:4b:c5:18:32:d5:33:58: a2:69:6d:29:41:37:e6:6f:01:9d:38:ed:2f:ea:b7: 93:c3:b9:ec:cd:64:e7:c5:5a:01:45:fd:6b:e7:17: c7:2b:4b:c1:60:48:c6:c3:6d:65:b5:39:8c:05:07: fe:fb:b4:56:38:a7:9e:f1:86:d0:5e:e9:59:b3:70: 5e:c6:e3:3c:93:9a:ea:0f:9c:70:bd:d3:ef:ca:ad: c3:4d:63:0a:73:27:cc:dc:a8:73:6b:66:e8:64:f3: 0d:8c:8e:9b:75:18:9a:ce:ad:d4:1a:b4:e2:5f:35: de:a3:84:de:19:bd:51:f4:1b:3c:68:aa:53:55:af: be:97:dc:f7:63:3e:66:cb:f8:e1:9c:ee:61:92:48: f7:65:e7:eb:1b:3c:0e:48:8e:71:e3:c0:95:b3:c5: ff:89:ab:cb:81:c8:65:2b:1d:ca:5d:2e:1e:c7:85: d3:ea:23:18:1b:0b:17:8d:34:2a:c4:d1:4b:b8:9b: e3:9c:f2:0c:af:8e:1b:0c:cb:1f:5f:4d:72:1b:aa: ca:93:03:0c:55:cc:37:b7:93:81:85:f7:18:ae:51: 45:8b:aa:2e:5f:4d:33:06:85:d1:f4:28:17:bb:6b: 62:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:66:9B:5C:AD:67:98:10:85:99:F8:16:54:51:F3:01:B5:B8:A2:D6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143753.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a44f::/32 Signature Algorithm: sha256WithRSAEncryption bd:79:ff:51:2a:cd:4f:62:06:4a:94:06:04:15:7f:5a:2e:f1: ed:d8:c5:be:70:37:4d:05:13:7d:8d:32:45:67:d9:b9:dc:0f: 6a:b8:d8:d7:d5:a2:9a:e0:0e:bd:04:8a:bb:f7:41:61:68:75: 1a:de:be:60:79:ea:d1:6e:bf:2c:9e:01:de:fa:7f:e7:b7:32: b4:06:a7:32:8d:0c:ca:eb:38:e3:cf:e8:7f:fa:ad:c0:b0:5b: 4c:90:e9:eb:49:7e:81:db:fb:a9:84:69:ae:b3:56:66:1b:37: ed:c3:de:87:d2:7f:9e:e9:60:cd:c1:6d:b8:ed:88:cf:04:a6: 96:31:c5:76:16:ed:7b:08:27:91:85:16:c5:a6:25:2d:95:55: 60:e8:b1:9b:2c:0d:66:bc:0b:50:52:ca:5e:11:11:fb:3b:9d: 32:fd:5a:61:33:af:cd:47:b9:6d:97:75:9c:4a:c9:71:dd:f8: 2b:56:06:8b:d6:0f:d1:ff:e3:01:85:0f:40:b6:d4:f8:94:d7: c3:95:b2:b7:3a:ee:54:8c:b5:b2:9e:4f:30:93:fa:b2:91:05: 2d:0e:b9:0b:a7:fb:34:9e:08:6b:98:ea:89:bd:6e:3b:82:90: 32:5b:00:24:d9:e6:12:f0:59:43:84:7b:63:c2:c4:3d:37:3c: 1a:81:a3:37 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUShzncVUhkcrCTv/cqlyutFiqGswwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxMloX DTI3MDMwMzA2MTQxMlowMzExMC8GA1UEAxMoMDg2NjlCNUNBRDY3OTgxMDg1OTlG ODE2NTQ1MUYzMDFCNUI4QTJENjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO8W1nQQcTR0kAvCvBF9LKLYdNn3redLxRgy1TNYomltKUE35m8BnTjtL+q3 k8O57M1k58VaAUX9a+cXxytLwWBIxsNtZbU5jAUH/vu0VjinnvGG0F7pWbNwXsbj PJOa6g+ccL3T78qtw01jCnMnzNyoc2tm6GTzDYyOm3UYms6t1Bq04l813qOE3hm9 UfQbPGiqU1Wvvpfc92M+Zsv44ZzuYZJI92Xn6xs8DkiOcePAlbPF/4mry4HIZSsd yl0uHseF0+ojGBsLF400KsTRS7ib45zyDK+OGwzLH19NchuqypMDDFXMN7eTgYX3 GK5RRYuqLl9NMwaF0fQoF7trYvMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQIZptc rWeYEIWZ+BZUUfMBtbii1jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc1My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pE8wDQYJKoZIhvcNAQELBQADggEBAL15/1EqzU9iBkqUBgQVf1ou8e3Yxb5wN00F E32NMkVn2bncD2q42NfVoprgDr0Eirv3QWFodRrevmB56tFuvyyeAd76f+e3MrQG pzKNDMrrOOPP6H/6rcCwW0yQ6etJfoHb+6mEaa6zVmYbN+3D3ofSf57pYM3Bbbjt iM8EppYxxXYW7XsIJ5GFFsWmJS2VVWDosZssDWa8C1BSyl4REfs7nTL9WmEzr81H uW2XdZxKyXHd+CtWBovWD9H/4wGFD0C21PiU18OVsrc67lSMtbKeTzCT+rKRBS0O uQun+zSeCGuY6om9bjuCkDJbACTZ5hLwWUOEe2PCxD03PBqBozc= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:11 2026 by rpki-client