$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143852.roa File: AS143852.roa (raw, json) Hash identifier: FgyyniZ8gWAoe2aUe6u5RU2SCAGlEIUj7hbaIa87dMs= Subject key identifier: 32:D0:4A:19:5C:77:6B:6B:74:BD:5D:25:29:C2:02:50:A5:53:B8:7B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0E6E9086F2168B174EEA343FDCFCDC08ECB8EEBF Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143852.roa Signing time: Wed 04 Mar 2026 06:14:06 +0000 ROA not before: Wed 04 Mar 2026 06:09:06 +0000 ROA not after: Wed 03 Mar 2027 06:14:06 +0000 asID: 143852 IP address blocks: 240a:a4b2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:6e:90:86:f2:16:8b:17:4e:ea:34:3f:dc:fc:dc:08:ec:b8:ee:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:06 2026 GMT Not After : Mar 3 06:14:06 2027 GMT Subject: CN=32D04A195C776B6B74BD5D2529C20250A553B87B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:25:b6:48:c0:47:65:58:1e:95:54:7d:ad:ce: 53:41:67:77:f8:8d:bf:6c:db:a9:9b:81:08:a2:7c: 24:c2:e2:87:6f:a4:53:55:07:ef:f0:da:2f:a3:47: 45:75:29:3f:e4:56:02:ae:19:00:5a:08:5c:0c:25: 1d:9d:78:72:e7:66:35:a0:e8:e6:f8:66:23:28:0c: 34:09:ca:29:5d:a5:31:17:90:07:c0:6e:f2:65:f3: b1:2a:d1:cc:4f:a8:de:26:6a:59:68:b5:dd:07:27: aa:4c:f3:0f:30:1f:34:23:89:1d:26:cf:a8:8d:02: 01:54:a3:78:10:3e:b7:06:6e:cd:45:fa:d4:57:1c: ab:e4:9b:39:21:f1:52:e7:6a:23:75:47:73:76:84: ab:74:9b:07:7d:bd:21:27:fb:12:d3:bc:52:8d:38: 70:ff:20:aa:d6:22:3d:6d:8e:72:4f:74:5a:e8:54: 7a:ca:ed:8b:f1:ae:56:49:22:30:0c:37:db:84:b1: 61:15:16:2e:c1:f3:01:e4:70:8e:40:89:02:b9:42: 74:73:f9:f7:40:27:01:6c:0d:aa:93:61:15:b7:54: 01:66:f8:f6:4f:74:7a:ac:5e:04:05:bd:80:7c:b3: 71:c8:91:fa:dd:74:a6:a3:a5:50:29:91:9e:0a:42: 21:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:D0:4A:19:5C:77:6B:6B:74:BD:5D:25:29:C2:02:50:A5:53:B8:7B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143852.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4b2::/32 Signature Algorithm: sha256WithRSAEncryption 3f:e5:25:3b:1f:39:97:6a:76:44:1f:4e:cd:5e:c2:29:0d:02: db:12:72:d5:76:b8:c4:4a:eb:e1:3f:a2:58:f9:bb:94:f5:d4: 8b:cd:de:53:73:dd:6c:d9:6b:a4:8d:0e:ba:ce:e0:c8:ac:6a: c2:f1:e5:ae:66:a6:13:03:ab:a2:3a:5e:22:d2:c9:23:7f:a7: 1b:9a:6d:dc:5a:1b:c8:09:61:db:26:56:79:29:a9:0a:4c:c1: 2b:91:6c:91:5c:6e:e3:53:b7:00:40:fd:88:29:00:36:1a:43: ed:a8:bc:4b:54:fb:53:60:53:dd:6e:aa:35:47:3a:f1:3d:60: df:00:be:8c:40:66:02:a9:a0:bb:f8:1a:ac:99:dc:67:10:f9: 2c:76:45:65:ed:1f:db:b1:0d:49:9e:da:31:d0:8d:0e:da:31: 56:75:6c:0b:20:b8:61:1e:cc:6b:c8:26:b1:d1:8d:b9:39:08: 8c:f1:62:f1:23:1b:ab:b2:c4:b3:35:9f:b2:95:8a:53:dd:a5: de:59:1e:56:3c:ef:7d:63:41:c4:a9:32:7d:0a:ac:0b:80:f4: 99:d0:01:1f:02:8c:c3:fc:5b:0a:57:1f:02:c4:7e:ab:4c:52: 0d:be:23:e5:9d:44:8e:96:2b:17:46:b6:4f:f2:f5:20:d3:2a: 77:11:86:30 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDm6QhvIWixdO6jQ/3PzcCOy47r8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwNloX DTI3MDMwMzA2MTQwNlowMzExMC8GA1UEAxMoMzJEMDRBMTk1Qzc3NkI2Qjc0QkQ1 RDI1MjlDMjAyNTBBNTUzQjg3QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKMltkjAR2VYHpVUfa3OU0Fnd/iNv2zbqZuBCKJ8JMLih2+kU1UH7/DaL6NH RXUpP+RWAq4ZAFoIXAwlHZ14cudmNaDo5vhmIygMNAnKKV2lMReQB8Bu8mXzsSrR zE+o3iZqWWi13QcnqkzzDzAfNCOJHSbPqI0CAVSjeBA+twZuzUX61Fccq+SbOSHx UudqI3VHc3aEq3SbB329ISf7EtO8Uo04cP8gqtYiPW2Ock90WuhUesrti/GuVkki MAw324SxYRUWLsHzAeRwjkCJArlCdHP590AnAWwNqpNhFbdUAWb49k90eqxeBAW9 gHyzcciR+t10pqOlUCmRngpCISECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQy0EoZ XHdra3S9XSUpwgJQpVO4ezAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg1Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pLIwDQYJKoZIhvcNAQELBQADggEBAD/lJTsfOZdqdkQfTs1ewikNAtsSctV2uMRK 6+E/olj5u5T11IvN3lNz3WzZa6SNDrrO4MisasLx5a5mphMDq6I6XiLSySN/pxua bdxaG8gJYdsmVnkpqQpMwSuRbJFcbuNTtwBA/YgpADYaQ+2ovEtU+1NgU91uqjVH OvE9YN8AvoxAZgKpoLv4GqyZ3GcQ+Sx2RWXtH9uxDUme2jHQjQ7aMVZ1bAsguGEe zGvIJrHRjbk5CIzxYvEjG6uyxLM1n7KVilPdpd5ZHlY8731jQcSpMn0KrAuA9JnQ AR8CjMP8WwpXHwLEfqtMUg2+I+WdRI6WKxdGtk/y9SDTKncRhjA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:32 2026 by rpki-client