$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143400.roa File: AS143400.roa (raw, json) Hash identifier: WUqG4sIh/99bUW9eQdOQfoggti5VC8P3cfenMLbUONE= Subject key identifier: 72:C3:6E:A2:02:1A:99:FC:F7:63:9E:12:C2:D7:B6:4E:11:C7:B0:26 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 784CF09BC604ED4D02644D16208C8163A688DBED Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143400.roa Signing time: Wed 04 Mar 2026 06:05:38 +0000 ROA not before: Wed 04 Mar 2026 06:00:38 +0000 ROA not after: Wed 03 Mar 2027 06:05:38 +0000 asID: 143400 IP address blocks: 240a:a2ee::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:4c:f0:9b:c6:04:ed:4d:02:64:4d:16:20:8c:81:63:a6:88:db:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:38 2026 GMT Not After : Mar 3 06:05:38 2027 GMT Subject: CN=72C36EA2021A99FCF7639E12C2D7B64E11C7B026 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:ab:de:7d:3d:c9:2c:30:66:ca:6b:00:46:27: f2:c7:70:7c:76:af:2b:2d:91:c7:7e:55:cc:33:21: 8e:20:a2:f2:67:5e:cf:a7:14:4d:6b:32:42:fc:a9: 8e:bb:17:c8:5b:70:f4:a1:15:9a:4a:1f:d6:01:35: c6:69:04:f2:b3:c1:a1:08:d0:c5:f3:51:37:ac:5e: d5:64:7d:7d:e0:91:b3:d3:d9:7c:6f:b8:c4:e2:ce: af:d3:4e:b1:1c:dd:71:7b:52:8a:02:25:bc:b3:77: de:f3:84:5f:70:9a:58:fa:b7:a3:29:bb:f8:de:6f: 86:4a:93:7d:22:9a:ce:4c:9c:a0:d8:de:73:71:ed: 2e:b1:74:09:5e:c1:46:43:06:df:f5:b9:5a:dd:cd: 8e:d1:4d:a3:bc:7f:7c:40:e6:c3:04:d9:f3:0d:c4: 02:5f:f7:af:24:5d:28:d3:51:b0:bc:21:41:a0:56: 5f:31:25:c5:32:55:c1:92:2a:e1:32:d9:9d:66:a7: 10:d8:31:dd:c3:2b:b5:f5:73:dc:57:b0:88:8a:26: 5c:a5:b2:8d:4e:55:5a:ae:33:77:a5:30:7c:92:93: 88:d7:6c:c7:b0:ff:56:0c:46:d4:9e:f4:f9:8c:13: 53:f7:63:5a:43:08:62:32:95:12:45:68:eb:99:d9: 06:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:C3:6E:A2:02:1A:99:FC:F7:63:9E:12:C2:D7:B6:4E:11:C7:B0:26 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143400.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2ee::/32 Signature Algorithm: sha256WithRSAEncryption b3:b0:5f:09:d9:e0:d5:aa:8b:3c:e9:a5:34:7d:98:c1:59:40: 32:87:c9:f0:72:11:e3:84:63:83:aa:90:d4:83:d5:58:5e:57: 3e:8a:42:90:45:36:05:a1:9c:46:13:95:4d:db:5c:b5:0d:c8: f6:2b:6d:1e:6a:99:c2:c2:24:2c:9c:33:b5:ac:df:1e:f5:2b: 3f:3c:89:2c:ae:0e:ed:4e:3f:2a:8c:e5:a2:7d:d8:71:e7:9a: 31:68:5d:5b:9c:41:9f:4a:6c:ca:0b:35:73:a1:ba:e5:a7:61: 84:ae:a9:a0:ca:1f:e4:dc:43:c0:6c:a7:ea:56:9f:77:88:21: cd:ef:4a:fd:ca:fe:72:07:fa:0b:96:b6:9d:af:78:b6:2a:29: 14:a3:e7:4c:33:cf:ad:19:5b:ad:6a:3e:87:e6:d3:b5:9a:94: 92:de:52:69:0f:98:a8:34:ce:cc:03:25:e3:95:4a:e1:2d:88: 7b:91:c1:3e:19:d8:d3:79:99:04:6a:03:e3:d2:d1:b7:4f:63: 08:a8:2f:94:fc:03:1e:fd:b3:ae:e0:4e:2b:1a:72:30:fc:3f: ba:05:4b:43:bb:d1:1b:4d:9b:64:15:58:90:c5:2c:53:f6:33: 64:a2:04:30:26:16:f7:e2:b0:fd:c5:95:4e:b8:31:b1:36:e6: b1:cb:2a:09 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUeEzwm8YE7U0CZE0WIIyBY6aI2+0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAzOFoX DTI3MDMwMzA2MDUzOFowMzExMC8GA1UEAxMoNzJDMzZFQTIwMjFBOTlGQ0Y3NjM5 RTEyQzJEN0I2NEUxMUM3QjAyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ+r3n09ySwwZsprAEYn8sdwfHavKy2Rx35VzDMhjiCi8mdez6cUTWsyQvyp jrsXyFtw9KEVmkof1gE1xmkE8rPBoQjQxfNRN6xe1WR9feCRs9PZfG+4xOLOr9NO sRzdcXtSigIlvLN33vOEX3CaWPq3oym7+N5vhkqTfSKazkycoNjec3HtLrF0CV7B RkMG3/W5Wt3NjtFNo7x/fEDmwwTZ8w3EAl/3ryRdKNNRsLwhQaBWXzElxTJVwZIq 4TLZnWanENgx3cMrtfVz3FewiIomXKWyjU5VWq4zd6UwfJKTiNdsx7D/VgxG1J70 +YwTU/djWkMIYjKVEkVo65nZBjMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRyw26i AhqZ/PdjnhLC17ZOEcewJjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQwMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ou4wDQYJKoZIhvcNAQELBQADggEBALOwXwnZ4NWqizzppTR9mMFZQDKHyfByEeOE Y4OqkNSD1VheVz6KQpBFNgWhnEYTlU3bXLUNyPYrbR5qmcLCJCycM7Ws3x71Kz88 iSyuDu1OPyqM5aJ92HHnmjFoXVucQZ9KbMoLNXOhuuWnYYSuqaDKH+TcQ8Bsp+pW n3eIIc3vSv3K/nIH+guWtp2veLYqKRSj50wzz60ZW61qPofm07WalJLeUmkPmKg0 zswDJeOVSuEtiHuRwT4Z2NN5mQRqA+PS0bdPYwioL5T8Ax79s67gTisacjD8P7oF S0O70RtNm2QVWJDFLFP2M2SiBDAmFvfisP3FlU64MbE25rHLKgk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:35 2026 by rpki-client