$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143489.roa File: AS143489.roa (raw, json) Hash identifier: 6r/ePHu3hJEHKqZ3ye4P51aMBnPYgzqrg63YGff1e9c= Subject key identifier: 60:98:43:BD:E8:38:CE:13:1D:18:83:0F:AC:55:F6:47:D6:66:EA:73 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0CE6EF0A87CB9523F069A0E23A70FA3A90EF0AE2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143489.roa Signing time: Wed 04 Mar 2026 06:07:51 +0000 ROA not before: Wed 04 Mar 2026 06:02:51 +0000 ROA not after: Wed 03 Mar 2027 06:07:51 +0000 asID: 143489 IP address blocks: 240a:a347::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:e6:ef:0a:87:cb:95:23:f0:69:a0:e2:3a:70:fa:3a:90:ef:0a:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:51 2026 GMT Not After : Mar 3 06:07:51 2027 GMT Subject: CN=609843BDE838CE131D18830FAC55F647D666EA73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:48:32:93:73:c6:df:ed:ce:df:cc:46:d3:c6: 70:c6:8b:2b:ef:bf:30:df:81:31:d8:f0:e0:3a:71: f9:1d:df:92:e3:58:c8:2b:ea:93:fd:c0:57:3c:7a: a7:b8:45:13:0b:2b:1e:ca:44:f5:2b:76:4d:2d:d7: 71:0f:12:a5:29:1b:df:1c:a3:de:65:4e:e7:c7:0c: 6c:9c:8a:e3:bb:3b:48:b9:a1:38:14:fd:e0:4f:b0: 2b:8b:b1:bc:fd:2c:bd:0f:de:d2:26:f8:c1:60:4a: 83:b1:8f:4d:cd:83:2a:59:25:d1:e5:a1:0e:11:e5: 1d:a1:43:99:18:a7:cb:75:a7:d1:45:d4:53:0c:cf: 29:f2:3a:89:a4:6d:64:26:a6:4f:60:53:1e:a9:c7: b9:28:ef:4a:ee:74:f5:02:0e:64:6a:3c:b5:6d:d7: 15:89:f0:95:3a:e2:ee:48:49:0c:4e:e9:df:90:86: 26:5d:c5:7d:98:6c:86:04:d3:28:93:a9:56:f2:e8: 77:ca:2a:9a:ef:ae:b1:ec:dd:1f:18:a4:c9:f5:90: 73:bc:63:f5:1b:b7:f4:13:a4:54:44:ad:9a:da:52: 91:79:a2:40:ab:74:5a:92:4a:fe:9c:7a:1b:0a:49: 0d:f3:cc:88:3a:7b:92:82:69:18:0b:5e:b0:3c:4f: ee:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:98:43:BD:E8:38:CE:13:1D:18:83:0F:AC:55:F6:47:D6:66:EA:73 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143489.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a347::/32 Signature Algorithm: sha256WithRSAEncryption 42:b7:c0:f8:d4:44:20:b2:ac:95:55:68:4f:0e:70:38:c1:9d: cc:ec:92:55:9a:96:29:d3:dc:a9:9e:9a:bd:19:d4:bf:98:dc: 9e:7e:12:4b:e4:57:59:f5:5c:12:5e:57:ec:5d:14:77:d0:b2: 0b:c2:88:07:19:14:18:70:fd:44:10:42:f7:2a:5c:3f:74:b5: 5d:00:f3:f4:88:6b:8f:9f:6c:e3:ea:ab:5d:57:fa:a8:bc:b8: fe:c1:3b:75:3c:af:dc:45:eb:8a:95:1a:d2:73:31:6d:65:bf: 27:28:98:11:5f:37:3f:b3:01:c4:2a:d3:44:cf:1d:8c:e2:f6: 9e:38:a5:ce:db:80:19:41:d0:22:5c:13:12:71:d5:b9:ab:b4: 91:4f:37:2f:6f:f2:85:c5:4c:f5:94:d2:e6:71:e0:42:b7:7b: ff:5d:23:c3:b3:ee:3f:69:54:ae:be:8b:fb:23:48:60:71:77: 69:ba:9b:5a:e8:19:b6:67:a0:a6:6f:60:c9:d2:39:61:e5:48: e8:68:42:df:5c:39:49:39:7a:bf:9c:66:71:54:9c:1e:48:b6: 1d:aa:bf:53:4a:b8:69:a3:b5:3a:d8:b0:77:a2:8f:6a:0c:8e: 4d:16:67:40:30:20:1c:79:01:60:fc:01:c7:f3:70:09:e9:4b: ec:41:e6:4e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUDObvCofLlSPwaaDiOnD6OpDvCuIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1MVoX DTI3MDMwMzA2MDc1MVowMzExMC8GA1UEAxMoNjA5ODQzQkRFODM4Q0UxMzFEMTg4 MzBGQUM1NUY2NDdENjY2RUE3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN1IMpNzxt/tzt/MRtPGcMaLK++/MN+BMdjw4Dpx+R3fkuNYyCvqk/3AVzx6 p7hFEwsrHspE9St2TS3XcQ8SpSkb3xyj3mVO58cMbJyK47s7SLmhOBT94E+wK4ux vP0svQ/e0ib4wWBKg7GPTc2DKlkl0eWhDhHlHaFDmRiny3Wn0UXUUwzPKfI6iaRt ZCamT2BTHqnHuSjvSu509QIOZGo8tW3XFYnwlTri7khJDE7p35CGJl3FfZhshgTT KJOpVvLod8oqmu+usezdHxikyfWQc7xj9Ru39BOkVEStmtpSkXmiQKt0WpJK/px6 GwpJDfPMiDp7koJpGAtesDxP7tECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRgmEO9 6DjOEx0Ygw+sVfZH1mbqczAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o0cwDQYJKoZIhvcNAQELBQADggEBAEK3wPjURCCyrJVVaE8OcDjBnczsklWalinT 3Kmemr0Z1L+Y3J5+EkvkV1n1XBJeV+xdFHfQsgvCiAcZFBhw/UQQQvcqXD90tV0A 8/SIa4+fbOPqq11X+qi8uP7BO3U8r9xF64qVGtJzMW1lvycomBFfNz+zAcQq00TP HYzi9p44pc7bgBlB0CJcExJx1bmrtJFPNy9v8oXFTPWU0uZx4EK3e/9dI8Oz7j9p VK6+i/sjSGBxd2m6m1roGbZnoKZvYMnSOWHlSOhoQt9cOUk5er+cZnFUnB5Ith2q v1NKuGmjtTrYsHeij2oMjk0WZ0AwIBx5AWD8AcfzcAnpS+xB5k4= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:38 2026 by rpki-client