$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143172.roa File: AS143172.roa (raw, json) Hash identifier: /qAe9WZAybCgOOdckVbPID1ZsNGsUpuIV2j4MNynj48= Subject key identifier: 9C:75:0A:00:FB:67:2A:96:18:00:BC:D8:8A:AE:15:87:B9:B8:19:A1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 73BE1EF60E5DC931C345E1AAA2BF514614417D78 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143172.roa Signing time: Wed 04 Mar 2026 06:06:49 +0000 ROA not before: Wed 04 Mar 2026 06:01:49 +0000 ROA not after: Wed 03 Mar 2027 06:06:49 +0000 asID: 143172 IP address blocks: 240a:a20a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:be:1e:f6:0e:5d:c9:31:c3:45:e1:aa:a2:bf:51:46:14:41:7d:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:49 2026 GMT Not After : Mar 3 06:06:49 2027 GMT Subject: CN=9C750A00FB672A961800BCD88AAE1587B9B819A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ff:30:2a:f8:63:31:4e:92:47:2e:7a:9c:89: 55:49:e9:9f:43:21:b4:81:58:c3:12:9d:e3:bc:33: e3:25:8a:07:de:60:94:94:c5:d1:13:f9:77:01:af: 8d:c7:8e:51:d1:0e:2c:89:ba:f4:4e:22:7e:f3:72: f5:ae:ef:70:f2:01:86:54:18:71:a9:6c:96:96:c2: 8a:29:21:af:48:b2:3d:7d:87:38:11:3d:44:0c:ae: 07:18:79:41:c4:b5:12:a8:f6:ee:d2:79:21:a9:e0: 33:2f:c6:28:15:fc:24:18:54:b2:6c:3d:d1:5b:12: bd:c0:a0:bd:9a:4c:0a:83:36:79:f3:d1:18:e0:18: 00:8e:38:f5:68:9d:68:13:15:98:5b:09:39:f2:61: 01:c8:7f:0c:ba:da:2f:9d:3c:59:a1:07:08:96:f8: 01:9b:e4:8c:db:25:9a:06:88:0a:50:ef:74:c5:86: 45:ed:29:ef:e0:1c:84:4d:78:f2:12:2b:88:e4:bc: e6:2f:a2:8f:4c:ad:14:ce:b2:88:73:59:61:5e:60: 29:fc:5a:93:36:aa:c4:6b:eb:df:9d:44:c5:53:44: ac:fb:6c:3c:bd:dc:5b:54:d0:8b:36:7f:52:38:c5: f3:7a:84:5a:2e:5f:14:3d:67:e7:80:78:70:bd:3f: 59:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:75:0A:00:FB:67:2A:96:18:00:BC:D8:8A:AE:15:87:B9:B8:19:A1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143172.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a20a::/32 Signature Algorithm: sha256WithRSAEncryption 6e:16:fb:b6:7c:bb:5b:05:12:0f:db:a6:4e:be:1f:e9:04:f5: 11:6c:20:40:9f:37:15:ee:64:b9:d4:fc:91:af:79:f8:e9:07: 4a:51:16:89:64:3b:c3:93:85:fc:84:f3:24:3b:47:91:87:cb: 95:bb:68:f6:8d:23:ab:93:07:e1:f1:cb:b7:35:a5:c9:19:bf: 69:ba:e2:aa:3b:05:3f:9d:e6:68:19:a5:9d:0c:d7:e7:d3:0d: 03:56:10:b6:0d:94:f6:71:f6:30:28:05:9b:dd:30:6a:3c:a1: 1a:01:e4:62:94:d1:e7:1f:d4:85:d0:e4:a3:51:cb:22:d1:9e: 77:a8:23:d2:11:e9:d9:71:1c:d8:46:d9:a1:44:9b:2d:d9:dc: 31:5a:c5:c7:32:6c:83:ff:f6:83:11:2b:7d:0a:1f:6b:9c:38: b2:76:35:cf:a9:f2:8b:e7:31:f2:47:82:70:97:a2:25:aa:86: ef:f4:54:0c:7b:85:fb:fb:fb:09:72:fd:bf:48:2a:86:d5:ef: 1c:0b:b8:46:8e:03:48:d0:a6:33:9a:f7:b7:39:70:87:dd:aa: ad:26:78:a7:44:03:3d:84:a1:e4:30:e4:58:b8:2b:0f:95:23: 39:a7:f0:b6:09:c7:5c:8b:3c:cc:a5:fc:d5:ee:55:43:43:5a: de:97:42:69 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUc74e9g5dyTHDReGqor9RRhRBfXgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDE0OVoX DTI3MDMwMzA2MDY0OVowMzExMC8GA1UEAxMoOUM3NTBBMDBGQjY3MkE5NjE4MDBC Q0Q4OEFBRTE1ODdCOUI4MTlBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALH/MCr4YzFOkkcuepyJVUnpn0MhtIFYwxKd47wz4yWKB95glJTF0RP5dwGv jceOUdEOLIm69E4ifvNy9a7vcPIBhlQYcalslpbCiikhr0iyPX2HOBE9RAyuBxh5 QcS1Eqj27tJ5IangMy/GKBX8JBhUsmw90VsSvcCgvZpMCoM2efPRGOAYAI449Wid aBMVmFsJOfJhAch/DLraL508WaEHCJb4AZvkjNslmgaIClDvdMWGRe0p7+AchE14 8hIriOS85i+ij0ytFM6yiHNZYV5gKfxakzaqxGvr351ExVNErPtsPL3cW1TQizZ/ UjjF83qEWi5fFD1n54B4cL0/WcsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBScdQoA +2cqlhgAvNiKrhWHubgZoTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzE3Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ogowDQYJKoZIhvcNAQELBQADggEBAG4W+7Z8u1sFEg/bpk6+H+kE9RFsIECfNxXu ZLnU/JGvefjpB0pRFolkO8OThfyE8yQ7R5GHy5W7aPaNI6uTB+Hxy7c1pckZv2m6 4qo7BT+d5mgZpZ0M1+fTDQNWELYNlPZx9jAoBZvdMGo8oRoB5GKU0ecf1IXQ5KNR yyLRnneoI9IR6dlxHNhG2aFEmy3Z3DFaxccybIP/9oMRK30KH2ucOLJ2Nc+p8ovn MfJHgnCXoiWqhu/0VAx7hfv7+wly/b9IKobV7xwLuEaOA0jQpjOa97c5cIfdqq0m eKdEAz2EoeQw5Fi4Kw+VIzmn8LYJx1yLPMyl/NXuVUNDWt6XQmk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:06 2026 by rpki-client