$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143072.roa File: AS143072.roa (raw, json) Hash identifier: 1z848ib6ndp7grtlTG90lZ7X5t7FKCbfgaXWnRCn+0k= Subject key identifier: EA:08:F9:69:5D:0F:59:20:6A:DB:62:C5:53:D2:B7:DC:5D:C9:CD:DB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F006CCCCEFD7F559B6863EC3B2EEB95E6317F29 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143072.roa Signing time: Wed 04 Mar 2026 06:07:22 +0000 ROA not before: Wed 04 Mar 2026 06:02:22 +0000 ROA not after: Wed 03 Mar 2027 06:07:22 +0000 asID: 143072 IP address blocks: 240a:a1a6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:00:6c:cc:ce:fd:7f:55:9b:68:63:ec:3b:2e:eb:95:e6:31:7f:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:22 2026 GMT Not After : Mar 3 06:07:22 2027 GMT Subject: CN=EA08F9695D0F59206ADB62C553D2B7DC5DC9CDDB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:bc:80:91:d4:08:2f:c7:f2:46:4e:db:37:fe: 19:b7:49:ea:f2:f6:96:c7:3f:8d:2e:e2:c9:67:4e: 05:f5:4f:b0:bf:0f:df:11:79:0e:dc:d2:54:e8:af: d8:ce:bc:cd:93:47:23:bb:e6:ac:c2:2f:95:52:37: 80:88:9d:67:89:03:0c:07:5a:66:df:dd:b8:d8:c0: 9a:bd:3e:da:7a:62:d4:1b:2c:8a:e9:1d:5e:c3:f7: 86:63:a6:85:2e:1e:16:9e:c2:2d:f4:26:52:55:6d: 67:d5:9f:3e:d9:7b:0b:b0:9b:0c:2f:d0:ad:7a:a8: 43:07:9b:56:b6:7e:ce:11:1d:01:26:ba:96:60:03: 47:d8:22:99:ac:2e:95:f9:48:63:2f:9f:74:4b:29: 67:b1:d9:e5:7d:db:1f:c4:d3:47:2f:c1:27:04:a1: e8:7e:3c:77:0f:e8:53:67:4a:27:fa:b0:ed:4c:b1: 69:79:ba:2c:c0:93:8b:06:7f:e7:84:83:88:1d:0d: b4:7e:5e:fe:ee:9e:59:16:69:78:ae:c4:e6:4b:aa: 1c:c4:8d:fe:68:e6:57:14:87:60:fa:89:9d:73:b8: b6:40:8f:ba:6f:6a:93:05:73:fc:07:a0:75:55:68: 4e:64:72:c1:c8:d6:12:09:83:b6:97:c5:e5:63:f8: d0:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:08:F9:69:5D:0F:59:20:6A:DB:62:C5:53:D2:B7:DC:5D:C9:CD:DB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143072.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1a6::/32 Signature Algorithm: sha256WithRSAEncryption 21:36:aa:72:9d:3b:c9:d3:41:6d:0a:7d:ed:0a:ee:c3:38:69: ab:2b:26:94:93:67:9b:d4:6c:76:27:fd:c8:66:8c:ec:d0:f5: 29:b3:5f:a9:7e:bd:3d:31:cc:5f:2b:b1:c2:e6:7e:8a:b1:6b: ff:9d:fc:a7:73:d6:f8:5c:47:c4:1d:04:56:20:3f:80:e9:83: 93:93:4c:4d:9b:5f:5d:fe:76:bd:41:8b:aa:b1:55:fc:cc:99: a8:b1:a2:19:c0:60:6e:68:06:5f:ec:fd:96:78:13:71:ac:64: 54:06:75:b7:de:60:af:42:69:d8:c6:91:12:68:6d:03:f1:ab: c7:80:db:dd:25:62:25:dd:76:fa:17:20:9f:4a:3a:4b:8d:5a: 0f:80:db:65:df:f8:f2:53:ea:7c:6e:5a:d8:80:5a:dd:a3:33: b1:4f:39:bd:0d:0a:d8:57:a0:49:87:9c:23:5e:dc:27:f7:c3: d7:04:0a:3d:37:89:11:81:f2:3a:5f:e5:59:5b:0f:a5:07:90: 70:50:60:1f:ed:75:8b:39:4b:bb:8e:4f:4c:6d:4e:69:c9:c6: 66:3b:db:76:10:de:e9:6b:d7:ab:c1:1a:42:53:37:de:99:12: 97:73:ed:29:6c:68:12:27:f8:2a:0b:84:d9:c1:3a:a5:ab:e8: 08:d6:e4:96 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULwBszM79f1WbaGPsOy7rleYxfykwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIyMloX DTI3MDMwMzA2MDcyMlowMzExMC8GA1UEAxMoRUEwOEY5Njk1RDBGNTkyMDZBREI2 MkM1NTNEMkI3REM1REM5Q0REQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALS8gJHUCC/H8kZO2zf+GbdJ6vL2lsc/jS7iyWdOBfVPsL8P3xF5DtzSVOiv 2M68zZNHI7vmrMIvlVI3gIidZ4kDDAdaZt/duNjAmr0+2npi1BssiukdXsP3hmOm hS4eFp7CLfQmUlVtZ9WfPtl7C7CbDC/QrXqoQwebVrZ+zhEdASa6lmADR9gimawu lflIYy+fdEspZ7HZ5X3bH8TTRy/BJwSh6H48dw/oU2dKJ/qw7UyxaXm6LMCTiwZ/ 54SDiB0NtH5e/u6eWRZpeK7E5kuqHMSN/mjmVxSHYPqJnXO4tkCPum9qkwVz/Aeg dVVoTmRywcjWEgmDtpfF5WP40I0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTqCPlp XQ9ZIGrbYsVT0rfcXcnN2zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA3Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oaYwDQYJKoZIhvcNAQELBQADggEBACE2qnKdO8nTQW0Kfe0K7sM4aasrJpSTZ5vU bHYn/chmjOzQ9SmzX6l+vT0xzF8rscLmfoqxa/+d/Kdz1vhcR8QdBFYgP4Dpg5OT TE2bX13+dr1Bi6qxVfzMmaixohnAYG5oBl/s/ZZ4E3GsZFQGdbfeYK9CadjGkRJo bQPxq8eA290lYiXddvoXIJ9KOkuNWg+A22Xf+PJT6nxuWtiAWt2jM7FPOb0NCthX oEmHnCNe3Cf3w9cECj03iRGB8jpf5VlbD6UHkHBQYB/tdYs5S7uOT0xtTmnJxmY7 23YQ3ulr16vBGkJTN96ZEpdz7SlsaBIn+CoLhNnBOqWr6AjW5JY= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:02 2026 by rpki-client