$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143077.roa File: AS143077.roa (raw, json) Hash identifier: iihh+dtqxD/g/Z0FBJGanQ1XKl2Gv0vgZ9WYe2vGTbg= Subject key identifier: C7:6F:58:B5:A5:8D:43:E6:C1:AD:0E:42:97:2B:45:20:1A:3E:C6:A4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5D0AD18DA005F8C136485A3844C63E71AD16F04B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143077.roa Signing time: Wed 04 Mar 2026 06:05:20 +0000 ROA not before: Wed 04 Mar 2026 06:00:20 +0000 ROA not after: Wed 03 Mar 2027 06:05:20 +0000 asID: 143077 IP address blocks: 240a:a1ab::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:0a:d1:8d:a0:05:f8:c1:36:48:5a:38:44:c6:3e:71:ad:16:f0:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:20 2026 GMT Not After : Mar 3 06:05:20 2027 GMT Subject: CN=C76F58B5A58D43E6C1AD0E42972B45201A3EC6A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:0b:51:d0:b6:cd:59:f8:b7:8e:60:fe:92:8e: 62:49:dc:cd:a4:5f:8a:2a:8c:7d:ce:16:0c:8f:62: 41:26:e4:7b:b7:7d:82:69:ca:2a:74:e0:59:d0:7a: b4:0d:08:0d:5f:5a:a9:21:1c:f9:aa:ca:ee:28:64: dc:b3:5a:cb:6d:4d:ed:c4:6c:b1:f4:ab:35:29:9f: d6:bb:d3:79:5e:45:c6:c8:cf:2f:ad:98:55:ef:f7: 35:6b:47:75:ec:5c:86:81:39:08:b6:a6:9c:75:37: d9:5c:e1:ad:ce:d9:ae:f2:08:18:ef:0c:ea:b1:32: d2:9b:23:70:3f:c9:5f:4e:af:ea:28:f3:42:7b:0d: da:21:29:5d:2c:f3:22:e6:78:04:52:db:41:02:3c: 27:f4:ff:82:19:b8:7d:75:09:a1:2c:ea:9f:d0:b2: 71:19:0c:fe:7d:1f:0a:58:8b:29:08:c0:fc:8b:23: 68:3f:e4:df:b8:d1:7e:a2:a4:72:db:a8:c7:33:be: f9:32:19:5b:93:97:10:69:57:f3:a9:53:20:ab:a9: 81:78:32:46:66:43:3c:16:92:c7:50:cb:ce:5b:b5: c5:31:8e:f4:6a:8b:53:07:3f:09:ac:5f:d5:09:0c: b7:f6:d3:ca:89:f3:f9:dc:5f:e8:a9:2c:67:99:bd: 5b:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:6F:58:B5:A5:8D:43:E6:C1:AD:0E:42:97:2B:45:20:1A:3E:C6:A4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143077.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1ab::/32 Signature Algorithm: sha256WithRSAEncryption 31:51:1c:06:a3:03:ae:9b:29:11:1b:6c:a3:a2:64:5b:36:04: 57:40:5b:af:bd:1f:8e:8f:f9:26:b6:5c:2c:71:5b:5c:03:08: 01:44:9e:fa:66:2a:d5:a3:06:0d:19:13:ab:0e:40:18:95:f6: 0b:2a:d4:fd:1f:aa:87:d8:38:9c:33:bd:3c:84:05:f2:c5:16: ce:91:55:3e:83:00:97:f9:1e:91:20:53:8d:48:83:d0:71:d5: 34:93:bb:20:9b:db:65:f6:35:10:9f:53:3b:a5:0b:42:23:3c: 10:49:ac:82:3a:60:00:40:cb:2d:bd:a8:56:fa:99:b5:bb:4f: 1e:2a:66:f6:1b:d8:6a:15:23:ad:fb:d5:85:ca:24:6f:cc:2c: 5c:a1:f2:a6:b6:b7:dd:a6:59:b6:23:58:ed:79:76:b4:d6:fa: fa:49:b7:1a:e6:0b:64:fb:fd:18:e7:29:88:a2:3b:57:5c:e7: b3:22:ca:83:10:6f:b8:03:4a:df:41:db:e0:2b:29:07:64:b8: 91:2c:a7:b8:ac:dd:5e:ca:3f:cd:59:ab:4c:55:6e:9e:7b:17: 16:f5:92:f8:c0:f2:67:07:47:19:16:48:52:de:cd:23:a8:4c: a8:81:5a:a5:f8:5d:12:27:ed:a5:fb:b7:6e:4e:21:80:fa:97: 03:fb:54:8c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXQrRjaAF+ME2SFo4RMY+ca0W8EswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAyMFoX DTI3MDMwMzA2MDUyMFowMzExMC8GA1UEAxMoQzc2RjU4QjVBNThENDNFNkMxQUQw RTQyOTcyQjQ1MjAxQTNFQzZBNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJoLUdC2zVn4t45g/pKOYknczaRfiiqMfc4WDI9iQSbke7d9gmnKKnTgWdB6 tA0IDV9aqSEc+arK7ihk3LNay21N7cRssfSrNSmf1rvTeV5FxsjPL62YVe/3NWtH dexchoE5CLamnHU32Vzhrc7ZrvIIGO8M6rEy0psjcD/JX06v6ijzQnsN2iEpXSzz IuZ4BFLbQQI8J/T/ghm4fXUJoSzqn9CycRkM/n0fCliLKQjA/IsjaD/k37jRfqKk ctuoxzO++TIZW5OXEGlX86lTIKupgXgyRmZDPBaSx1DLzlu1xTGO9GqLUwc/Caxf 1QkMt/bTyonz+dxf6KksZ5m9WwECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTHb1i1 pY1D5sGtDkKXK0UgGj7GpDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA3Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oaswDQYJKoZIhvcNAQELBQADggEBADFRHAajA66bKREbbKOiZFs2BFdAW6+9H46P +Sa2XCxxW1wDCAFEnvpmKtWjBg0ZE6sOQBiV9gsq1P0fqofYOJwzvTyEBfLFFs6R VT6DAJf5HpEgU41Ig9Bx1TSTuyCb22X2NRCfUzulC0IjPBBJrII6YABAyy29qFb6 mbW7Tx4qZvYb2GoVI6371YXKJG/MLFyh8qa2t92mWbYjWO15drTW+vpJtxrmC2T7 /RjnKYiiO1dc57MiyoMQb7gDSt9B2+ArKQdkuJEsp7is3V7KP81Zq0xVbp57Fxb1 kvjA8mcHRxkWSFLezSOoTKiBWqX4XRIn7aX7t25OIYD6lwP7VIw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:57 2026 by rpki-client