$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143496.roa File: AS143496.roa (raw, json) Hash identifier: VhQZYTA5G/HMgjqMh3dWOBe5kAvK/xRyliYhFkWtb/E= Subject key identifier: 47:DB:26:52:77:0B:AF:73:8C:28:99:85:4B:24:55:B0:1D:29:D9:E5 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 030B8C5722E5916D410154375C1B3A7CD77E56D7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143496.roa Signing time: Wed 04 Mar 2026 06:07:42 +0000 ROA not before: Wed 04 Mar 2026 06:02:42 +0000 ROA not after: Wed 03 Mar 2027 06:07:42 +0000 asID: 143496 IP address blocks: 240a:a34e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:0b:8c:57:22:e5:91:6d:41:01:54:37:5c:1b:3a:7c:d7:7e:56:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:42 2026 GMT Not After : Mar 3 06:07:42 2027 GMT Subject: CN=47DB2652770BAF738C2899854B2455B01D29D9E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ad:68:ba:d6:e5:a2:0a:d8:b2:4c:fa:a7:25: 02:00:f6:2a:9a:e9:05:70:1d:9a:02:c3:f0:23:86: ee:69:58:58:e6:20:db:0f:ad:49:01:86:98:0b:9f: e4:ab:67:7a:35:fa:b1:d3:82:a1:e1:90:b6:b0:e2: cc:a3:fc:ae:99:aa:9e:ea:b4:84:e3:1a:b9:e7:1f: 30:9f:2c:5d:69:40:63:e7:ef:29:3f:9d:c1:9f:fb: c2:ef:4b:0f:e2:db:9a:5c:3e:11:a7:b4:49:b7:e1: b8:9d:e4:68:7a:cf:96:e1:28:f6:e4:48:6b:c6:b9: f6:95:d6:dc:48:03:53:8e:85:77:a5:f4:dc:d7:76: 5f:f4:80:7a:9b:a3:17:fa:ee:1c:6c:97:92:b3:a9: 63:9c:80:43:19:4d:61:d0:53:87:d8:fe:d5:cf:a3: bf:ed:62:89:ef:1c:41:53:6e:c4:7b:9c:06:58:e7: db:21:a1:3d:9c:9f:f2:6d:c5:5b:ac:24:2e:8a:b2: ca:78:53:a2:a4:85:73:c4:78:48:b4:c0:b7:19:eb: 7e:65:1b:c0:05:f2:7d:2c:d0:14:4e:c2:8c:b3:99: ec:35:f3:0a:e0:eb:3c:45:1d:f0:5f:e6:8c:6a:f6: bb:22:73:ec:44:f1:e6:61:d6:b4:d0:d7:cb:70:d1: c3:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:DB:26:52:77:0B:AF:73:8C:28:99:85:4B:24:55:B0:1D:29:D9:E5 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143496.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a34e::/32 Signature Algorithm: sha256WithRSAEncryption 4b:03:b8:22:05:84:0c:b4:89:3e:95:39:3f:52:3c:91:88:25: 93:16:66:7d:e1:88:27:31:c2:b3:00:a3:3b:ed:97:36:41:c7: 33:c7:8e:b9:53:b5:c6:73:b8:12:12:bc:95:12:43:b1:8f:e6: e0:91:c6:f3:4e:15:2d:8d:4b:3b:50:83:09:cb:49:15:a1:dd: 82:5f:53:9e:7a:a4:31:dd:0e:10:31:cd:dd:ad:3b:68:ea:d5: e9:79:14:7a:3f:d4:c8:2b:4b:f0:41:b7:94:9a:51:fa:0f:27: cb:89:8c:db:f1:74:22:44:bd:9a:f8:aa:a4:58:aa:b1:98:42: 12:1d:04:08:86:c3:b8:b8:62:f2:b7:a3:ac:87:a2:13:8c:70: 46:5b:4a:8c:6a:14:7b:16:43:2c:42:63:47:cc:77:7d:01:d3: f5:2a:61:93:5e:94:bb:9e:49:97:12:6b:11:3c:85:b8:71:22: ed:42:0b:ec:ee:0b:00:02:39:02:2e:42:1e:bf:e9:17:99:a2: 8a:1b:4f:0e:36:c6:c7:a9:8e:74:15:8d:17:ab:a4:e8:af:70: 32:3a:45:9d:42:2e:0d:5d:44:8f:31:51:7a:59:30:9b:0b:6d: ea:ee:67:ab:84:cf:a8:8a:41:95:00:02:a9:ed:b4:b4:9f:3c: 78:04:83:98 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAwuMVyLlkW1BAVQ3XBs6fNd+VtcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI0MloX DTI3MDMwMzA2MDc0MlowMzExMC8GA1UEAxMoNDdEQjI2NTI3NzBCQUY3MzhDMjg5 OTg1NEIyNDU1QjAxRDI5RDlFNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK2taLrW5aIK2LJM+qclAgD2KprpBXAdmgLD8COG7mlYWOYg2w+tSQGGmAuf 5KtnejX6sdOCoeGQtrDizKP8rpmqnuq0hOMauecfMJ8sXWlAY+fvKT+dwZ/7wu9L D+Lbmlw+Eae0SbfhuJ3kaHrPluEo9uRIa8a59pXW3EgDU46Fd6X03Nd2X/SAepuj F/ruHGyXkrOpY5yAQxlNYdBTh9j+1c+jv+1iie8cQVNuxHucBljn2yGhPZyf8m3F W6wkLoqyynhToqSFc8R4SLTAtxnrfmUbwAXyfSzQFE7CjLOZ7DXzCuDrPEUd8F/m jGr2uyJz7ETx5mHWtNDXy3DRw7ECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRH2yZS dwuvc4womYVLJFWwHSnZ5TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ5Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o04wDQYJKoZIhvcNAQELBQADggEBAEsDuCIFhAy0iT6VOT9SPJGIJZMWZn3hiCcx wrMAozvtlzZBxzPHjrlTtcZzuBISvJUSQ7GP5uCRxvNOFS2NSztQgwnLSRWh3YJf U556pDHdDhAxzd2tO2jq1el5FHo/1MgrS/BBt5SaUfoPJ8uJjNvxdCJEvZr4qqRY qrGYQhIdBAiGw7i4YvK3o6yHohOMcEZbSoxqFHsWQyxCY0fMd30B0/UqYZNelLue SZcSaxE8hbhxIu1CC+zuCwACOQIuQh6/6ReZooobTw42xsepjnQVjRerpOivcDI6 RZ1CLg1dRI8xUXpZMJsLberuZ6uEz6iKQZUAAqnttLSfPHgEg5g= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:16 2026 by rpki-client