$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143798.roa File: AS143798.roa (raw, json) Hash identifier: XQkO1R8+RUo7aL095R9aF39qUHm1dr0QR9Ml5GJdtUo= Subject key identifier: CC:B3:F5:A5:F9:9E:E5:BF:C8:CA:41:D9:A5:23:8A:52:68:3F:D6:09 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 51AB0DB5ED11C8C65D27B5EAED04B255AE6284EE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143798.roa Signing time: Wed 04 Mar 2026 06:13:43 +0000 ROA not before: Wed 04 Mar 2026 06:08:43 +0000 ROA not after: Wed 03 Mar 2027 06:13:43 +0000 asID: 143798 IP address blocks: 240a:a47c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:ab:0d:b5:ed:11:c8:c6:5d:27:b5:ea:ed:04:b2:55:ae:62:84:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:43 2026 GMT Not After : Mar 3 06:13:43 2027 GMT Subject: CN=CCB3F5A5F99EE5BFC8CA41D9A5238A52683FD609 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:fd:3a:f5:c8:da:69:6f:be:20:bb:75:0b:d2: 0f:4e:1d:68:50:4b:a7:85:b9:44:a3:ad:d2:70:60: 51:cf:34:18:35:37:78:32:0d:59:68:cd:95:20:49: 57:ad:3b:78:03:67:9d:24:34:47:87:9b:89:37:de: 60:97:33:62:1a:cb:66:d2:fb:b4:a7:49:f0:cb:6b: d6:42:21:42:12:f6:ce:e7:ef:94:81:f1:a7:87:38: c6:ec:08:7d:67:58:f8:31:da:c9:a5:0d:79:65:09: e4:4d:3b:4f:06:66:7b:4e:53:cd:fe:da:57:88:3a: 9e:5d:b2:e0:59:51:4a:c4:23:40:0b:49:be:9f:9b: 71:3e:76:6e:03:29:55:4f:ce:5e:61:01:34:27:4f: 0a:75:d2:f7:9e:30:72:6c:36:61:ec:6c:31:c4:fd: 5f:57:28:b9:e3:d0:21:32:d0:d1:a7:e9:3e:73:c7: 5c:95:c9:25:e3:1b:a5:b6:96:f3:da:97:74:96:2a: 24:fe:77:94:e5:23:14:1a:8f:d8:90:a4:65:76:1a: 60:61:61:d4:4c:1e:a1:15:2e:01:9d:31:7c:14:d2: 17:b6:ee:5b:b6:46:7c:44:b7:64:a3:1c:41:15:ff: 55:e1:22:2e:f6:33:7d:cd:92:cb:eb:33:39:57:42: 1c:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:B3:F5:A5:F9:9E:E5:BF:C8:CA:41:D9:A5:23:8A:52:68:3F:D6:09 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143798.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a47c::/32 Signature Algorithm: sha256WithRSAEncryption 8c:e8:8c:b6:e5:b4:88:8a:d7:49:15:c9:a9:7c:90:09:ac:75: 18:3d:df:45:42:48:27:a8:79:c6:0c:7d:17:00:06:79:8b:01: de:f4:3d:bb:b3:8f:17:c1:d9:7c:15:49:2a:3a:d6:5d:23:f2: 77:e6:27:05:79:9a:68:3f:ce:6a:b5:28:30:32:65:ab:1f:a9: 2b:28:c2:a4:9f:77:8a:58:d3:fc:72:35:2e:b5:6c:cf:22:8f: e4:29:ef:8b:ee:af:5e:53:b3:c4:e8:9b:b5:6b:61:05:3d:09: fc:69:f4:87:3b:b9:f6:bb:8d:ef:f3:8d:7c:d4:a2:92:73:02: 27:a3:03:20:97:98:93:76:45:81:43:93:29:ec:59:b5:08:32: 38:85:c8:0b:ff:53:97:3b:b1:ce:3d:61:17:60:5f:e9:7b:21: 69:3a:54:6c:2d:fb:23:ed:b6:4f:33:f6:8e:eb:a5:5b:1c:c3: a7:9c:97:c6:bb:15:c6:8c:22:a0:1d:a3:d2:c5:25:92:90:3c: e1:d7:5a:69:85:29:7e:1e:db:f2:f6:45:c3:b9:f2:76:8c:98: 26:76:f0:d3:06:03:80:c3:7b:23:9b:e1:1c:94:88:11:de:d4: 4c:91:75:08:0a:3f:fc:31:73:b1:00:79:5b:27:97:38:52:92: 98:62:67:68 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUasNte0RyMZdJ7Xq7QSyVa5ihO4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg0M1oX DTI3MDMwMzA2MTM0M1owMzExMC8GA1UEAxMoQ0NCM0Y1QTVGOTlFRTVCRkM4Q0E0 MUQ5QTUyMzhBNTI2ODNGRDYwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOv9OvXI2mlvviC7dQvSD04daFBLp4W5RKOt0nBgUc80GDU3eDINWWjNlSBJ V607eANnnSQ0R4ebiTfeYJczYhrLZtL7tKdJ8Mtr1kIhQhL2zufvlIHxp4c4xuwI fWdY+DHayaUNeWUJ5E07TwZme05Tzf7aV4g6nl2y4FlRSsQjQAtJvp+bcT52bgMp VU/OXmEBNCdPCnXS954wcmw2YexsMcT9X1couePQITLQ0afpPnPHXJXJJeMbpbaW 89qXdJYqJP53lOUjFBqP2JCkZXYaYGFh1EweoRUuAZ0xfBTSF7buW7ZGfES3ZKMc QRX/VeEiLvYzfc2Sy+szOVdCHKcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTMs/Wl +Z7lv8jKQdmlI4pSaD/WCTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc5OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pHwwDQYJKoZIhvcNAQELBQADggEBAIzojLbltIiK10kVyal8kAmsdRg930VCSCeo ecYMfRcABnmLAd70PbuzjxfB2XwVSSo61l0j8nfmJwV5mmg/zmq1KDAyZasfqSso wqSfd4pY0/xyNS61bM8ij+Qp74vur15Ts8Tom7VrYQU9Cfxp9Ic7ufa7je/zjXzU opJzAiejAyCXmJN2RYFDkynsWbUIMjiFyAv/U5c7sc49YRdgX+l7IWk6VGwt+yPt tk8z9o7rpVscw6ecl8a7FcaMIqAdo9LFJZKQPOHXWmmFKX4e2/L2RcO58naMmCZ2 8NMGA4DDeyOb4RyUiBHe1EyRdQgKP/wxc7EAeVsnlzhSkphiZ2g= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:20 2026 by rpki-client