$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143869.roa File: AS143869.roa (raw, json) Hash identifier: xVXSY29HxLuQvv4RFnHL0hniBCbAWi/yPCwJFse6K6M= Subject key identifier: 11:EB:B2:5F:DE:D9:78:22:FC:72:E1:EA:17:17:ED:38:79:BB:A3:CC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 45A02B9D3A6DE78C5D5CBCB0BAA0604418630780 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143869.roa Signing time: Wed 04 Mar 2026 06:14:22 +0000 ROA not before: Wed 04 Mar 2026 06:09:22 +0000 ROA not after: Wed 03 Mar 2027 06:14:22 +0000 asID: 143869 IP address blocks: 240a:a4c3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:a0:2b:9d:3a:6d:e7:8c:5d:5c:bc:b0:ba:a0:60:44:18:63:07:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:22 2026 GMT Not After : Mar 3 06:14:22 2027 GMT Subject: CN=11EBB25FDED97822FC72E1EA1717ED3879BBA3CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:69:66:91:9a:35:5f:c0:be:fa:cf:e3:6b:72: 5d:43:e2:82:5a:4d:10:26:18:b2:52:62:c2:e8:26: 31:7e:a7:42:65:e9:cb:24:12:0c:e5:97:35:4a:ca: 82:3d:f0:31:4a:57:75:03:6e:3c:01:d3:17:b7:e4: 5a:9a:90:f5:81:9d:92:fb:40:bb:0a:be:23:8c:70: 5c:8f:a1:78:bf:cb:ff:22:ab:7f:47:57:8b:62:87: cb:cb:0b:29:c9:ae:d2:1e:74:10:b0:8f:4a:cb:a9: 5e:eb:93:c9:df:8d:47:a3:9d:a6:a5:2b:a7:4d:74: 17:63:e8:c3:4f:3d:85:07:00:a1:62:df:a2:27:16: 79:ef:90:0f:1d:16:85:bc:00:38:a1:21:42:bc:9c: d0:c5:61:5e:bc:18:23:c8:3f:c9:ba:36:dd:2c:6c: c7:7f:22:f3:ce:84:95:62:2b:9c:45:1d:58:12:a7: c1:a7:12:b2:25:7b:f8:8a:49:e0:0e:79:e7:19:40: af:2a:c3:e6:92:eb:dd:4e:5c:d0:14:19:ac:b4:a0: e4:eb:ec:c3:23:57:fe:a8:d5:93:e4:ca:36:98:fe: ed:20:5c:2d:5f:a7:53:34:41:a9:a0:66:3a:52:7d: 9a:5c:19:af:9a:1f:c7:e2:f0:84:e3:4e:f1:70:e2: 32:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:EB:B2:5F:DE:D9:78:22:FC:72:E1:EA:17:17:ED:38:79:BB:A3:CC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143869.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4c3::/32 Signature Algorithm: sha256WithRSAEncryption a8:98:21:88:d9:d4:0a:5c:6b:b8:3c:64:33:1e:d2:5e:f5:e5: ad:4b:7d:40:a3:af:ad:ec:e5:ca:8f:63:f6:4a:13:c8:f2:cd: 75:0c:ca:55:a2:a8:96:bd:d5:25:96:0b:df:7f:e8:51:31:ab: dd:73:14:87:ab:3c:95:4f:9b:7d:d7:94:bf:dd:bd:11:c9:b9: 86:6b:08:06:fc:72:0e:76:cb:b3:e3:e7:ca:dd:be:5d:4b:27: 5e:6c:4f:8f:47:34:7f:b3:80:61:2e:96:27:82:84:53:04:38: b9:74:6c:4b:4d:da:31:79:1e:7d:87:1f:b5:8d:ec:90:0d:7b: a6:2a:e2:f1:29:a0:77:18:32:95:b7:b1:53:ea:9c:26:bf:31: c7:71:a0:ec:c5:20:60:30:c2:61:46:1f:77:43:f5:0d:f1:6a: 54:5d:e4:86:66:a6:3f:a9:a1:5d:5c:99:38:17:bf:48:56:b3: 6f:90:42:c5:c3:53:96:94:dc:46:a8:51:ba:17:9c:e3:0b:9b: ee:66:47:40:a6:b0:5b:95:5c:7b:35:67:e9:c8:ab:59:b2:02: fb:ce:31:2a:01:a4:bd:b2:36:43:8b:08:84:f2:85:5a:d2:dc: 2f:39:f5:33:49:28:8d:e5:d2:d7:03:a9:51:e8:dc:72:01:b1: 10:22:b1:e8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURaArnTpt54xdXLywuqBgRBhjB4AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyMloX DTI3MDMwMzA2MTQyMlowMzExMC8GA1UEAxMoMTFFQkIyNUZERUQ5NzgyMkZDNzJF MUVBMTcxN0VEMzg3OUJCQTNDQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALppZpGaNV/AvvrP42tyXUPiglpNECYYslJiwugmMX6nQmXpyyQSDOWXNUrK gj3wMUpXdQNuPAHTF7fkWpqQ9YGdkvtAuwq+I4xwXI+heL/L/yKrf0dXi2KHy8sL Kcmu0h50ELCPSsupXuuTyd+NR6OdpqUrp010F2Pow089hQcAoWLfoicWee+QDx0W hbwAOKEhQryc0MVhXrwYI8g/ybo23Sxsx38i886ElWIrnEUdWBKnwacSsiV7+IpJ 4A555xlAryrD5pLr3U5c0BQZrLSg5OvswyNX/qjVk+TKNpj+7SBcLV+nUzRBqaBm OlJ9mlwZr5ofx+LwhONO8XDiMk0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQR67Jf 3tl4Ivxy4eoXF+04ebujzDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg2OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pMMwDQYJKoZIhvcNAQELBQADggEBAKiYIYjZ1Apca7g8ZDMe0l715a1LfUCjr63s 5cqPY/ZKE8jyzXUMylWiqJa91SWWC99/6FExq91zFIerPJVPm33XlL/dvRHJuYZr CAb8cg52y7Pj58rdvl1LJ15sT49HNH+zgGEulieChFMEOLl0bEtN2jF5Hn2HH7WN 7JANe6Yq4vEpoHcYMpW3sVPqnCa/McdxoOzFIGAwwmFGH3dD9Q3xalRd5IZmpj+p oV1cmTgXv0hWs2+QQsXDU5aU3EaoUboXnOMLm+5mR0CmsFuVXHs1Z+nIq1myAvvO MSoBpL2yNkOLCITyhVrS3C859TNJKI3l0tcDqVHo3HIBsRAiseg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:07 2026 by rpki-client