$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143477.roa File: AS143477.roa (raw, json) Hash identifier: w2E8RRfOxsqwhXMh4STBzC0yZX2PcUoCAHn1WoByZAc= Subject key identifier: BD:96:65:44:AD:75:44:83:56:40:18:3F:60:49:AA:29:8F:C5:3F:23 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4CC84A1F641AEC61757444B48B07CC0B50A61CC8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143477.roa Signing time: Wed 04 Mar 2026 06:05:39 +0000 ROA not before: Wed 04 Mar 2026 06:00:39 +0000 ROA not after: Wed 03 Mar 2027 06:05:39 +0000 asID: 143477 IP address blocks: 240a:a33b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:c8:4a:1f:64:1a:ec:61:75:74:44:b4:8b:07:cc:0b:50:a6:1c:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:39 2026 GMT Not After : Mar 3 06:05:39 2027 GMT Subject: CN=BD966544AD7544835640183F6049AA298FC53F23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:90:f6:01:22:17:47:74:d8:38:e0:93:c3:17: 92:7f:f1:c6:cc:30:c5:9c:3c:fb:8d:99:a5:3f:26: 51:aa:2b:66:37:b8:59:40:5f:ec:9e:63:40:67:1d: 64:1c:0d:3d:59:2a:2f:7f:32:f7:eb:b5:9d:84:4c: ca:9e:85:45:af:af:14:24:b6:e3:79:41:1e:8b:44: ef:78:fd:c0:f7:a0:78:6e:1d:bd:b8:24:81:6e:84: 1c:05:a1:3f:8e:25:3e:95:b2:da:69:53:68:72:1a: 44:24:fe:23:d7:f5:57:07:ed:e2:d5:69:be:85:cd: f2:31:07:da:bc:bb:0e:ec:45:94:aa:68:88:aa:d4: 2a:d8:57:6e:3d:de:43:56:10:4a:13:23:00:8c:9f: c1:23:0c:6b:cf:eb:fa:5a:9d:4c:e2:10:ce:19:a0: 1e:55:3a:b7:c0:9c:a7:4e:8e:db:0d:d0:5d:c7:0f: e6:10:9f:c3:c3:22:60:d2:6e:a6:f6:e1:82:db:8f: 43:5a:c1:92:45:fc:9d:f3:99:44:32:4a:59:c0:17: 27:4c:94:98:bb:67:2c:85:9e:be:49:75:48:45:b1: 18:63:c1:07:42:f9:30:06:1f:fb:b0:fb:76:8b:d3: 0e:49:68:6b:2d:52:f0:a3:c5:bf:31:6c:dd:b3:46: ab:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:96:65:44:AD:75:44:83:56:40:18:3F:60:49:AA:29:8F:C5:3F:23 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143477.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a33b::/32 Signature Algorithm: sha256WithRSAEncryption 60:2d:ca:ad:90:58:d8:96:5f:7a:1f:c4:74:6a:b8:15:65:3c: 03:66:21:91:0e:dc:b5:57:df:f1:12:77:70:3b:83:37:56:ea: 23:91:72:70:71:56:82:17:32:77:bd:5d:94:69:2d:bc:98:38: 31:11:75:13:05:be:7d:50:5a:f8:63:d8:2c:5f:10:dd:fa:5f: 3c:88:c3:31:35:80:03:7e:b2:43:e9:40:01:14:88:9e:eb:a3: 7f:4c:f8:3a:46:d0:78:10:3d:ae:3c:73:0e:89:51:e1:db:b2: 1e:53:6c:ee:c2:59:b1:ae:45:bf:0f:1b:8a:1a:f3:3d:ed:62: 22:46:14:e2:38:74:ca:fd:eb:df:f5:c7:18:30:9d:cb:49:7b: 6b:f7:77:2c:7b:d5:96:8b:06:b4:88:df:56:68:e6:d1:fc:4e: 17:8e:10:fa:28:4f:5e:19:63:e2:9c:34:74:f3:fb:1d:ba:3d: 2a:70:a5:aa:14:d8:68:17:08:31:89:b2:2a:86:3d:11:73:14: cb:7a:e8:7a:55:03:6f:c5:61:b9:01:a4:ff:0d:44:c7:85:17: c4:27:8c:6d:85:a8:8a:e5:07:0d:34:22:88:75:70:ed:d2:43: 3a:7d:66:51:67:6a:2e:74:03:57:83:c7:d7:5e:b8:a0:2c:31: ec:5f:6a:91 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTMhKH2Qa7GF1dES0iwfMC1CmHMgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDAzOVoX DTI3MDMwMzA2MDUzOVowMzExMC8GA1UEAxMoQkQ5NjY1NDRBRDc1NDQ4MzU2NDAx ODNGNjA0OUFBMjk4RkM1M0YyMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALWQ9gEiF0d02Djgk8MXkn/xxswwxZw8+42ZpT8mUaorZje4WUBf7J5jQGcd ZBwNPVkqL38y9+u1nYRMyp6FRa+vFCS243lBHotE73j9wPegeG4dvbgkgW6EHAWh P44lPpWy2mlTaHIaRCT+I9f1Vwft4tVpvoXN8jEH2ry7DuxFlKpoiKrUKthXbj3e Q1YQShMjAIyfwSMMa8/r+lqdTOIQzhmgHlU6t8Ccp06O2w3QXccP5hCfw8MiYNJu pvbhgtuPQ1rBkkX8nfOZRDJKWcAXJ0yUmLtnLIWevkl1SEWxGGPBB0L5MAYf+7D7 dovTDkloay1S8KPFvzFs3bNGq7sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS9lmVE rXVEg1ZAGD9gSaopj8U/IzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ3Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK ozswDQYJKoZIhvcNAQELBQADggEBAGAtyq2QWNiWX3ofxHRquBVlPANmIZEO3LVX 3/ESd3A7gzdW6iORcnBxVoIXMne9XZRpLbyYODERdRMFvn1QWvhj2CxfEN36XzyI wzE1gAN+skPpQAEUiJ7ro39M+DpG0HgQPa48cw6JUeHbsh5TbO7CWbGuRb8PG4oa 8z3tYiJGFOI4dMr969/1xxgwnctJe2v3dyx71ZaLBrSI31Zo5tH8TheOEPooT14Z Y+KcNHTz+x26PSpwpaoU2GgXCDGJsiqGPRFzFMt66HpVA2/FYbkBpP8NRMeFF8Qn jG2FqIrlBw00Ioh1cO3SQzp9ZlFnai50A1eDx9deuKAsMexfapE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:53 2026 by rpki-client