$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143803.roa File: AS143803.roa (raw, json) Hash identifier: ZZoLF/0TCSmzfqjr/fJ0z10No2vVJeUUEi0A9AXSu6s= Subject key identifier: DB:2A:F5:CF:00:15:15:0C:1C:24:33:4F:4E:58:97:F0:4A:99:FF:CE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3C6B3FC2E94789BEFB40EA0BFA9AEE2FF723105A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143803.roa Signing time: Wed 04 Mar 2026 06:14:32 +0000 ROA not before: Wed 04 Mar 2026 06:09:32 +0000 ROA not after: Wed 03 Mar 2027 06:14:32 +0000 asID: 143803 IP address blocks: 240a:a481::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:6b:3f:c2:e9:47:89:be:fb:40:ea:0b:fa:9a:ee:2f:f7:23:10:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:32 2026 GMT Not After : Mar 3 06:14:32 2027 GMT Subject: CN=DB2AF5CF0015150C1C24334F4E5897F04A99FFCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:7d:5c:b8:77:97:50:1f:5c:43:bd:77:4e:e9: d6:ca:1d:5f:ca:fd:71:d8:f6:e1:8e:09:e7:66:7e: bb:bf:4e:91:41:22:42:7c:ac:65:41:03:98:52:95: 19:a4:72:09:3b:4a:75:c1:22:9e:47:c5:29:33:06: 02:f1:df:8f:8f:a7:d7:f0:29:b4:fc:1a:e7:16:e2: 6c:db:69:c0:56:c7:b0:19:91:ab:c8:e7:85:e8:76: 4a:54:5a:d0:85:fe:5b:cf:0c:5c:42:12:db:1b:a8: 93:6b:7e:db:7b:5a:8b:22:87:51:e3:d6:7e:ce:a4: 80:3d:bc:35:64:cd:49:e3:22:27:33:cc:a7:d1:a8: 9b:ae:46:60:76:e1:33:de:4c:a0:82:f7:cf:2b:14: a5:66:82:1e:37:9d:5d:c2:72:d9:47:73:86:3f:50: 69:fc:65:03:65:af:0b:fd:c4:fa:fc:f9:05:d7:4f: c2:53:32:dc:ee:d5:f0:5d:89:0a:c3:5a:76:46:00: 68:fe:b6:2d:77:74:1d:a3:33:9a:5a:a8:f2:b6:b9: 67:50:60:c4:4e:27:6c:83:41:39:99:d4:ee:b4:d8: 4f:e7:2e:ea:3e:dd:74:33:1d:2b:64:86:a2:b0:16: a0:16:73:09:be:d2:0f:87:e4:f5:dd:37:35:26:18: 13:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:2A:F5:CF:00:15:15:0C:1C:24:33:4F:4E:58:97:F0:4A:99:FF:CE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143803.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a481::/32 Signature Algorithm: sha256WithRSAEncryption 75:65:57:0d:1f:d5:a3:8a:36:88:8a:bd:c2:dd:8e:a8:4b:80: 0d:1c:44:90:ae:9d:e4:cd:89:f5:cf:b9:5a:2a:a6:1c:a0:a2: 02:a9:93:ae:84:49:89:f6:18:19:14:0c:a1:2a:f8:d5:c9:cb: cc:40:11:e1:ad:df:ba:76:4d:04:f3:82:ed:d7:67:3c:33:25: 13:54:a9:b0:8f:99:25:e6:f2:91:3a:62:b9:0f:83:22:09:e2: ee:8c:c3:46:99:95:f8:d6:ce:83:df:c2:d4:2b:5c:f1:25:64: 75:3c:42:bd:fe:73:1f:b3:10:31:0a:42:f9:1a:8d:c7:ef:87: f4:1a:a0:0c:6c:86:83:a9:7d:00:b1:de:85:7e:8c:a9:fe:70: 40:98:6c:b9:99:15:29:a2:7e:36:43:85:fd:83:55:19:da:38: 01:d5:f7:00:5e:45:15:cc:b4:c8:40:ed:8a:0e:6a:24:6e:b6: cb:a4:3a:7b:ab:f6:03:0e:fa:f3:f9:fa:09:35:ce:a9:30:7d: 46:d9:76:df:89:fe:81:e2:bd:f8:a2:c6:0f:9b:da:f1:72:cb: 0b:c2:e4:28:26:47:d7:fd:fd:e4:0a:92:23:8b:16:38:11:3c: c4:f1:b5:1e:2a:3c:8a:53:d0:57:bc:38:8a:c8:0d:37:76:97: f5:b4:22:34 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPGs/wulHib77QOoL+pruL/cjEFowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzMloX DTI3MDMwMzA2MTQzMlowMzExMC8GA1UEAxMoREIyQUY1Q0YwMDE1MTUwQzFDMjQz MzRGNEU1ODk3RjA0QTk5RkZDRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALR9XLh3l1AfXEO9d07p1sodX8r9cdj24Y4J52Z+u79OkUEiQnysZUEDmFKV GaRyCTtKdcEinkfFKTMGAvHfj4+n1/AptPwa5xbibNtpwFbHsBmRq8jnheh2SlRa 0IX+W88MXEIS2xuok2t+23taiyKHUePWfs6kgD28NWTNSeMiJzPMp9Gom65GYHbh M95MoIL3zysUpWaCHjedXcJy2Udzhj9QafxlA2WvC/3E+vz5BddPwlMy3O7V8F2J CsNadkYAaP62LXd0HaMzmlqo8ra5Z1BgxE4nbINBOZnU7rTYT+cu6j7ddDMdK2SG orAWoBZzCb7SD4fk9d03NSYYE3ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTbKvXP ABUVDBwkM09OWJfwSpn/zjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzgwMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pIEwDQYJKoZIhvcNAQELBQADggEBAHVlVw0f1aOKNoiKvcLdjqhLgA0cRJCuneTN ifXPuVoqphygogKpk66ESYn2GBkUDKEq+NXJy8xAEeGt37p2TQTzgu3XZzwzJRNU qbCPmSXm8pE6YrkPgyIJ4u6Mw0aZlfjWzoPfwtQrXPElZHU8Qr3+cx+zEDEKQvka jcfvh/QaoAxshoOpfQCx3oV+jKn+cECYbLmZFSmifjZDhf2DVRnaOAHV9wBeRRXM tMhA7YoOaiRutsukOnur9gMO+vP5+gk1zqkwfUbZdt+J/oHivfiixg+b2vFyywvC 5CgmR9f9/eQKkiOLFjgRPMTxtR4qPIpT0Fe8OIrIDTd2l/W0IjQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:59 2026 by rpki-client