$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143867.roa File: AS143867.roa (raw, json) Hash identifier: ID0JTO6oXriC5K7xZW+HTMlMmAWI5lmsrRkAJlDCL60= Subject key identifier: 28:20:89:A4:38:EA:05:E5:4C:45:1E:AA:5B:66:6F:A5:6B:B8:52:2E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 35BE63FA326FE3EB8A7CBFC3F1305F1072B259FA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143867.roa Signing time: Wed 04 Mar 2026 06:13:10 +0000 ROA not before: Wed 04 Mar 2026 06:08:10 +0000 ROA not after: Wed 03 Mar 2027 06:13:10 +0000 asID: 143867 IP address blocks: 240a:a4c1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:be:63:fa:32:6f:e3:eb:8a:7c:bf:c3:f1:30:5f:10:72:b2:59:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:10 2026 GMT Not After : Mar 3 06:13:10 2027 GMT Subject: CN=282089A438EA05E54C451EAA5B666FA56BB8522E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:14:15:cd:27:a4:89:10:19:77:59:b9:2a:e4: ff:c0:b7:34:d9:72:a8:a9:79:45:5c:f9:20:03:cd: 88:90:03:e0:56:06:d1:47:b4:05:53:ee:5f:8d:b2: 0c:38:87:fd:fb:e1:8e:cd:f8:9f:02:34:b3:a9:01: cc:c6:ce:62:9c:ed:d2:e3:77:1c:cd:c2:71:34:70: 0b:f5:5b:de:7a:84:2c:da:73:ee:f0:15:82:cd:ee: 22:84:60:56:a7:73:7c:c6:b0:9e:6d:63:25:7d:8d: 5d:6c:3f:6d:1f:a9:85:52:5b:ba:89:08:47:77:8a: 78:e8:85:7e:f6:99:75:c7:f6:6a:52:00:e6:ab:70: a9:5a:c2:cb:44:74:19:02:63:94:8d:3c:4e:b7:41: fb:92:53:22:cf:da:f1:ad:15:83:99:e6:48:19:7b: c2:d4:a8:11:85:11:52:67:45:3b:2b:05:a4:a5:bf: ce:d0:15:a6:10:63:a4:39:20:d5:6e:61:24:62:71: 7b:b7:b3:69:07:83:65:37:13:79:e3:2e:c5:3a:a5: ba:a0:bf:2d:53:bf:0b:40:d4:78:85:73:a5:73:55: 58:23:15:5c:93:a7:1b:05:f5:62:0c:cf:70:21:c4: 21:38:3d:23:f0:2a:80:5d:e8:4b:b3:84:3e:f0:b8: d6:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:20:89:A4:38:EA:05:E5:4C:45:1E:AA:5B:66:6F:A5:6B:B8:52:2E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143867.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4c1::/32 Signature Algorithm: sha256WithRSAEncryption a3:e9:e7:e5:c7:c8:ae:80:a4:1a:a1:26:f1:ae:dc:42:29:a1: 69:89:43:81:16:f6:68:09:5b:9a:ef:51:33:f4:e9:03:0c:12: db:a7:eb:40:7a:bf:cd:3f:e1:c5:e2:73:85:cb:0f:0a:0e:32: b2:c1:c6:d7:8e:8a:3a:6f:6b:2b:c5:5c:fd:12:52:48:33:0b: 2e:d2:2d:37:8c:7d:12:14:af:74:47:c4:bb:1a:7d:fa:d7:05: 01:d1:37:0f:5f:c1:b3:f0:3b:a7:f3:81:32:ff:3a:32:c4:83: d5:fc:35:29:46:f5:5c:01:14:93:7c:1d:be:80:06:3b:df:44: 1d:30:f3:9e:11:f6:a2:21:ba:d7:1f:60:b8:28:b7:93:87:bf: 8c:53:bb:b8:ed:12:d8:07:54:e6:74:d6:26:3a:2a:26:4b:a4: 9d:e2:14:03:54:e0:13:da:10:df:06:d8:04:9f:66:b0:dc:e4: 5b:d7:a1:b5:48:1e:82:50:67:61:d7:c3:24:ff:a3:27:29:50: d7:9a:d3:31:e8:cd:aa:8f:a4:28:2a:7b:b7:8d:4b:82:b9:b2: 94:66:8c:ca:61:d2:c1:59:cd:b5:30:5d:91:95:91:cb:ab:90: df:12:79:18:25:b8:36:64:14:60:09:0d:91:0d:08:cf:aa:45: d1:24:87:87 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNb5j+jJv4+uKfL/D8TBfEHKyWfowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxMFoX DTI3MDMwMzA2MTMxMFowMzExMC8GA1UEAxMoMjgyMDg5QTQzOEVBMDVFNTRDNDUx RUFBNUI2NjZGQTU2QkI4NTIyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK4UFc0npIkQGXdZuSrk/8C3NNlyqKl5RVz5IAPNiJAD4FYG0Ue0BVPuX42y DDiH/fvhjs34nwI0s6kBzMbOYpzt0uN3HM3CcTRwC/Vb3nqELNpz7vAVgs3uIoRg VqdzfMawnm1jJX2NXWw/bR+phVJbuokIR3eKeOiFfvaZdcf2alIA5qtwqVrCy0R0 GQJjlI08TrdB+5JTIs/a8a0Vg5nmSBl7wtSoEYURUmdFOysFpKW/ztAVphBjpDkg 1W5hJGJxe7ezaQeDZTcTeeMuxTqluqC/LVO/C0DUeIVzpXNVWCMVXJOnGwX1YgzP cCHEITg9I/AqgF3oS7OEPvC41pECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQoIImk OOoF5UxFHqpbZm+la7hSLjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pMEwDQYJKoZIhvcNAQELBQADggEBAKPp5+XHyK6ApBqhJvGu3EIpoWmJQ4EW9mgJ W5rvUTP06QMMEtun60B6v80/4cXic4XLDwoOMrLBxteOijpvayvFXP0SUkgzCy7S LTeMfRIUr3RHxLsaffrXBQHRNw9fwbPwO6fzgTL/OjLEg9X8NSlG9VwBFJN8Hb6A BjvfRB0w854R9qIhutcfYLgot5OHv4xTu7jtEtgHVOZ01iY6KiZLpJ3iFANU4BPa EN8G2ASfZrDc5FvXobVIHoJQZ2HXwyT/oycpUNea0zHozaqPpCgqe7eNS4K5spRm jMph0sFZzbUwXZGVkcurkN8SeRgluDZkFGAJDZENCM+qRdEkh4c= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:06 2026 by rpki-client