$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143642.roa File: AS143642.roa (raw, json) Hash identifier: 7pH5BpvRy2wU2LWEDB0nyqurdGsWuKg5oJw0/KDTl3E= Subject key identifier: A9:D0:88:93:C9:2D:8C:DB:CC:9E:A8:FB:99:91:26:A3:FA:D3:1B:5E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3A438024122B8025AF87341574630FC04CD5BBEA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143642.roa Signing time: Wed 04 Mar 2026 06:15:35 +0000 ROA not before: Wed 04 Mar 2026 06:10:35 +0000 ROA not after: Wed 03 Mar 2027 06:15:35 +0000 asID: 143642 IP address blocks: 240a:a3e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:43:80:24:12:2b:80:25:af:87:34:15:74:63:0f:c0:4c:d5:bb:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:35 2026 GMT Not After : Mar 3 06:15:35 2027 GMT Subject: CN=A9D08893C92D8CDBCC9EA8FB999126A3FAD31B5E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:8b:92:4b:29:03:ba:c8:85:ad:cd:f7:f7:e5: 05:b9:fa:33:65:e9:20:f4:2d:1f:ff:f3:a5:85:ce: c8:d8:15:a5:49:d3:1b:0c:37:5e:b3:19:f6:a6:7b: 98:a7:9b:c8:76:dd:b2:f7:5f:32:1f:18:63:41:d8: 84:02:77:51:4a:9b:5b:9d:c1:0d:4d:67:c0:1f:f1: 4b:71:b2:da:9f:94:f5:7f:0c:98:10:45:fa:0c:73: 3c:14:24:9f:21:18:5f:b7:71:70:1d:4f:a4:a8:b2: f3:a8:1d:c2:69:c6:d0:62:c8:ac:6a:07:fb:cb:76: a3:18:01:d0:09:66:14:bb:1c:ed:fb:80:fe:51:f2: c3:ba:0e:30:60:1a:da:21:ca:53:48:09:64:46:81: 1a:bd:95:f8:6d:f2:09:fd:ad:d5:1e:4e:a5:bc:6a: fb:8e:f6:6d:1f:52:4e:8d:84:f7:ef:6b:fa:80:0b: 4c:65:9e:2d:6d:32:b9:81:9a:12:5e:b4:bb:8d:61: 09:29:80:c5:fd:fc:0c:6c:83:e1:a0:40:38:f4:07: f1:66:f2:da:5b:50:39:ba:a0:bc:e3:b9:de:b7:a2: 5d:20:8d:16:e5:6a:69:12:b4:06:e3:88:22:d8:4d: f4:d7:6f:f5:e0:0e:ba:93:6c:40:83:3b:40:a7:01: 2a:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:D0:88:93:C9:2D:8C:DB:CC:9E:A8:FB:99:91:26:A3:FA:D3:1B:5E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143642.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3e0::/32 Signature Algorithm: sha256WithRSAEncryption c3:a0:04:c4:c4:f1:ac:99:32:16:79:3a:a4:50:e7:19:d4:aa: 99:9c:6c:65:08:a1:50:ff:ee:66:85:89:a6:3e:41:2a:f0:92: 69:c8:22:d3:59:d7:e2:4e:76:6a:94:54:ef:94:3f:03:4b:69: d3:a8:7d:ca:0d:99:79:b1:09:b9:90:c4:e4:a7:d5:2f:03:91: 84:61:bd:14:90:92:2f:08:1c:7a:f9:70:aa:a6:b6:c1:fe:ca: 0b:a3:08:c1:33:62:3f:b7:d0:a9:38:2e:49:a9:7d:2f:a1:65: 31:3a:1c:b7:86:04:6c:48:c9:22:f6:21:56:2c:c5:9e:f8:4a: 96:9e:cf:f8:23:71:66:6e:2f:0a:6a:78:3d:ec:4d:54:6f:d6: 91:39:b2:56:af:da:b6:ae:e0:63:00:c9:6f:92:46:c7:34:48: 21:98:8b:5e:e2:16:05:20:13:7a:b2:8b:b0:6e:6c:00:60:05: 80:48:bd:05:33:0e:96:69:46:36:5c:aa:60:6d:e7:b9:0f:49: 21:9a:69:79:04:d3:fd:54:dd:01:ec:ff:5d:d2:e3:b2:71:98: a3:43:cc:aa:87:b7:cb:d3:33:3f:3d:b9:a1:37:bf:ff:8a:5c: 19:10:63:05:11:a4:86:b0:fc:a6:2c:93:13:b6:e1:fc:e6:84: ac:88:6b:48 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOkOAJBIrgCWvhzQVdGMPwEzVu+owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzNVoX DTI3MDMwMzA2MTUzNVowMzExMC8GA1UEAxMoQTlEMDg4OTNDOTJEOENEQkNDOUVB OEZCOTk5MTI2QTNGQUQzMUI1RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANWLkkspA7rIha3N9/flBbn6M2XpIPQtH//zpYXOyNgVpUnTGww3XrMZ9qZ7 mKebyHbdsvdfMh8YY0HYhAJ3UUqbW53BDU1nwB/xS3Gy2p+U9X8MmBBF+gxzPBQk nyEYX7dxcB1PpKiy86gdwmnG0GLIrGoH+8t2oxgB0AlmFLsc7fuA/lHyw7oOMGAa 2iHKU0gJZEaBGr2V+G3yCf2t1R5Opbxq+472bR9STo2E9+9r+oALTGWeLW0yuYGa El60u41hCSmAxf38DGyD4aBAOPQH8Wby2ltQObqgvOO53reiXSCNFuVqaRK0BuOI IthN9Ndv9eAOupNsQIM7QKcBKokCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSp0IiT yS2M28yeqPuZkSaj+tMbXjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY0Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o+AwDQYJKoZIhvcNAQELBQADggEBAMOgBMTE8ayZMhZ5OqRQ5xnUqpmcbGUIoVD/ 7maFiaY+QSrwkmnIItNZ1+JOdmqUVO+UPwNLadOofcoNmXmxCbmQxOSn1S8DkYRh vRSQki8IHHr5cKqmtsH+ygujCMEzYj+30Kk4LkmpfS+hZTE6HLeGBGxIySL2IVYs xZ74Spaez/gjcWZuLwpqeD3sTVRv1pE5slav2rau4GMAyW+SRsc0SCGYi17iFgUg E3qyi7BubABgBYBIvQUzDpZpRjZcqmBt57kPSSGaaXkE0/1U3QHs/13S47JxmKND zKqHt8vTMz89uaE3v/+KXBkQYwURpIaw/KYskxO24fzmhKyIa0g= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:55 2026 by rpki-client