$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143800.roa File: AS143800.roa (raw, json) Hash identifier: 6uxRRNqqlI202gyyXrew5bPx8yQ2WU+962jd7qwfs2U= Subject key identifier: 88:40:8C:6D:D6:F4:F8:47:3F:94:BB:3E:0F:7D:0D:46:BA:6D:54:83 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4553D93691229979A3F2A2454CA84A33BDE09CEA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143800.roa Signing time: Wed 04 Mar 2026 06:13:11 +0000 ROA not before: Wed 04 Mar 2026 06:08:11 +0000 ROA not after: Wed 03 Mar 2027 06:13:11 +0000 asID: 143800 IP address blocks: 240a:a47e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:53:d9:36:91:22:99:79:a3:f2:a2:45:4c:a8:4a:33:bd:e0:9c:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:11 2026 GMT Not After : Mar 3 06:13:11 2027 GMT Subject: CN=88408C6DD6F4F8473F94BB3E0F7D0D46BA6D5483 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:80:71:34:45:d8:8e:f1:79:03:f0:33:f6:c0: 2a:2c:7d:a3:f2:3a:1d:0f:bb:d9:af:6f:60:97:64: a1:7b:a7:16:8d:aa:0e:dc:07:4e:10:3b:de:3d:55: 88:c0:93:9c:5c:1f:86:e9:55:cf:c8:95:91:02:3b: 50:33:57:07:ae:1e:9b:7a:05:4e:74:0d:9a:5f:27: 50:95:67:cf:4d:93:cd:33:c7:cd:24:9f:75:56:90: b5:5a:52:36:10:58:00:b6:3c:20:b6:bb:45:23:4b: fa:e7:a5:29:1a:e2:2f:c0:00:8a:10:ce:45:0b:5d: b2:9c:4a:a6:c0:00:9c:9b:26:66:9f:0c:6f:c5:d3: f4:75:35:61:97:a4:9a:d3:9d:2c:56:d9:45:76:4e: 71:82:39:83:be:8f:f1:01:79:94:85:cc:77:69:25: 0b:d7:9d:61:09:73:ac:eb:f8:45:36:15:e5:72:c1: 23:3b:15:b4:00:fa:91:55:8a:f5:2d:f0:3b:ba:17: e9:9b:53:66:59:3f:63:a6:cb:19:da:ab:05:e2:a5: df:41:e5:f8:30:3e:24:3b:51:3a:87:ba:a0:74:a3: 3c:21:ce:e9:77:60:db:68:7f:b5:a2:ec:7e:3c:02: b4:59:6a:a7:c4:74:e6:cc:6e:64:30:0d:c5:d0:7f: 48:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:40:8C:6D:D6:F4:F8:47:3F:94:BB:3E:0F:7D:0D:46:BA:6D:54:83 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143800.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a47e::/32 Signature Algorithm: sha256WithRSAEncryption a9:f6:47:59:b2:a0:73:f8:67:b2:60:0c:19:35:f2:cb:6c:1b: f3:89:3f:de:da:b2:d5:53:b6:37:a1:a7:44:d6:39:e6:4e:bd: 22:c1:c7:59:ff:22:f1:32:2d:8f:85:7d:cd:ca:52:0e:cb:ed: aa:96:ea:e6:20:b1:01:19:93:2f:e3:9b:f6:d2:ae:18:01:c4: 9a:96:c4:c2:f8:9e:a5:82:b4:8b:1c:4a:d4:01:75:5e:8c:c1: 5e:d2:39:23:d1:76:7f:39:70:48:ad:5d:ae:b7:5c:76:26:ff: 0f:ff:73:4b:3e:c6:d8:2a:86:9e:ee:58:d7:13:0f:ca:c0:58: 41:e0:e5:07:ab:55:88:74:9e:ec:b0:99:2b:ff:1a:a1:58:fd: d2:87:d9:f2:df:12:7a:f0:da:d4:a8:71:dc:17:ed:83:40:3c: d7:8b:50:da:f9:38:85:35:13:05:dc:02:de:57:eb:aa:7e:53: c7:92:ef:f1:c3:fd:fe:71:28:59:6b:e8:50:b4:d2:cf:67:63: 71:16:73:76:b0:3a:37:2f:03:bb:ad:ae:94:71:9f:b7:2a:98: 59:8f:d7:1d:b2:04:26:7c:75:5e:09:94:79:3b:43:58:55:31: 32:06:ba:bb:24:7e:93:4c:0d:85:cf:af:fb:2d:22:63:5a:e5: b4:53:6f:4a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURVPZNpEimXmj8qJFTKhKM73gnOowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxMVoX DTI3MDMwMzA2MTMxMVowMzExMC8GA1UEAxMoODg0MDhDNkRENkY0Rjg0NzNGOTRC QjNFMEY3RDBENDZCQTZENTQ4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALqAcTRF2I7xeQPwM/bAKix9o/I6HQ+72a9vYJdkoXunFo2qDtwHThA73j1V iMCTnFwfhulVz8iVkQI7UDNXB64em3oFTnQNml8nUJVnz02TzTPHzSSfdVaQtVpS NhBYALY8ILa7RSNL+uelKRriL8AAihDORQtdspxKpsAAnJsmZp8Mb8XT9HU1YZek mtOdLFbZRXZOcYI5g76P8QF5lIXMd2klC9edYQlzrOv4RTYV5XLBIzsVtAD6kVWK 9S3wO7oX6ZtTZlk/Y6bLGdqrBeKl30Hl+DA+JDtROoe6oHSjPCHO6Xdg22h/taLs fjwCtFlqp8R05sxuZDANxdB/SEkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSIQIxt 1vT4Rz+Uuz4PfQ1Gum1UgzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzgwMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pH4wDQYJKoZIhvcNAQELBQADggEBAKn2R1myoHP4Z7JgDBk18stsG/OJP97astVT tjehp0TWOeZOvSLBx1n/IvEyLY+Ffc3KUg7L7aqW6uYgsQEZky/jm/bSrhgBxJqW xML4nqWCtIscStQBdV6MwV7SOSPRdn85cEitXa63XHYm/w//c0s+xtgqhp7uWNcT D8rAWEHg5QerVYh0nuywmSv/GqFY/dKH2fLfEnrw2tSocdwX7YNAPNeLUNr5OIU1 EwXcAt5X66p+U8eS7/HD/f5xKFlr6FC00s9nY3EWc3awOjcvA7utrpRxn7cqmFmP 1x2yBCZ8dV4JlHk7Q1hVMTIGurskfpNMDYXPr/stImNa5bRTb0o= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:30 2026 by rpki-client