$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143672.roa File: AS143672.roa (raw, json) Hash identifier: soujw2C3/4TXs4/pg8ovIa82B05wRD6gAcbdGV+YKWc= Subject key identifier: 75:73:84:AE:D3:87:52:13:37:61:3D:51:31:FC:9D:92:D9:6E:91:D9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2A05F798D4B068F15E83FCBAE107342270A33597 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143672.roa Signing time: Wed 04 Mar 2026 06:12:48 +0000 ROA not before: Wed 04 Mar 2026 06:07:48 +0000 ROA not after: Wed 03 Mar 2027 06:12:48 +0000 asID: 143672 IP address blocks: 240a:a3fe::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:05:f7:98:d4:b0:68:f1:5e:83:fc:ba:e1:07:34:22:70:a3:35:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:48 2026 GMT Not After : Mar 3 06:12:48 2027 GMT Subject: CN=757384AED387521337613D5131FC9D92D96E91D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:0f:76:12:ef:b3:fa:2d:24:91:da:86:14:e1: d7:df:1a:af:c1:56:c3:08:2a:3e:fc:39:1b:8c:aa: 39:09:d4:fb:9d:b3:e1:a8:d3:bc:5e:dc:13:5b:c2: ce:aa:28:22:51:46:02:5b:48:e6:a6:6e:97:2f:ac: f7:dc:26:9b:78:9b:4a:a7:d7:b5:bc:c2:5b:32:02: 90:07:4b:0c:8c:e6:6e:be:bc:93:4d:0c:87:db:6c: e3:f5:6e:b0:9a:a5:48:17:c0:a7:8f:61:48:06:57: a4:e4:6d:8b:51:1d:af:8c:99:08:d2:d7:ee:3d:4d: 3c:7a:d4:c9:7f:3e:75:de:0a:0d:46:55:2c:b8:2d: 70:21:b2:5c:bb:ac:99:af:ad:3d:49:31:5e:80:74: b3:50:a4:df:28:26:33:5a:f0:db:45:ce:3f:9f:c6: f2:9f:db:41:02:77:6c:73:60:8c:d4:6d:5c:55:13: 88:40:6c:c2:93:c7:68:30:22:30:f1:8c:60:89:41: 23:53:91:3e:23:3c:40:8e:fc:97:6f:b6:eb:49:4b: d6:55:39:67:e2:9f:4a:2b:79:9a:1c:02:8b:f7:2c: 17:e8:00:6f:51:aa:46:e1:19:aa:8f:73:b1:b1:f1: 5a:16:06:9a:27:40:c7:79:9d:65:79:93:ce:72:84: 29:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:73:84:AE:D3:87:52:13:37:61:3D:51:31:FC:9D:92:D9:6E:91:D9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143672.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a3fe::/32 Signature Algorithm: sha256WithRSAEncryption 04:9f:da:3a:f5:ab:7c:58:f1:9a:4c:3f:df:52:3c:f5:9a:39: 56:e0:fa:9a:ae:00:08:42:4a:8d:f7:de:e6:be:bb:99:d5:d2: 17:47:fc:ac:6f:02:81:db:6d:99:c8:e3:3f:69:d1:4a:9e:1e: c5:c2:34:e5:d5:f1:c8:39:89:a8:9e:9c:de:57:ba:78:97:6c: 9d:05:83:7b:b4:92:e3:04:82:86:66:d9:c7:e6:a6:dc:89:c1: 4b:7e:c0:00:ba:f6:4d:a0:54:af:f6:90:10:01:49:96:9f:2e: 8b:d8:92:59:b1:93:70:30:9f:c1:87:2d:3f:63:a9:4f:a4:7f: f3:62:43:7b:8b:73:db:c6:e9:7f:85:fc:19:37:59:2c:94:ba: 6c:c9:c1:51:d7:cd:f2:e2:bf:0e:b5:5d:87:49:90:96:07:e7: 4c:3f:7c:8f:1a:67:72:d8:d0:00:30:9c:de:1e:54:eb:56:7e: 1d:91:2c:0d:0d:da:6b:84:51:ad:60:27:62:d7:d3:71:ce:24: 50:9b:a3:3e:47:e3:f0:7c:47:4e:72:98:33:f3:54:ad:9a:52: 8c:6c:26:bc:12:2b:a0:0c:9b:8b:c8:fe:e4:47:3c:46:50:e4: 61:25:0a:65:dd:15:98:8e:02:96:84:66:64:e1:1b:b2:62:4d: 28:10:03:26 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKgX3mNSwaPFeg/y64Qc0InCjNZcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0OFoX DTI3MDMwMzA2MTI0OFowMzExMC8GA1UEAxMoNzU3Mzg0QUVEMzg3NTIxMzM3NjEz RDUxMzFGQzlEOTJEOTZFOTFEOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALcPdhLvs/otJJHahhTh198ar8FWwwgqPvw5G4yqOQnU+52z4ajTvF7cE1vC zqooIlFGAltI5qZuly+s99wmm3ibSqfXtbzCWzICkAdLDIzmbr68k00Mh9ts4/Vu sJqlSBfAp49hSAZXpORti1Edr4yZCNLX7j1NPHrUyX8+dd4KDUZVLLgtcCGyXLus ma+tPUkxXoB0s1Ck3ygmM1rw20XOP5/G8p/bQQJ3bHNgjNRtXFUTiEBswpPHaDAi MPGMYIlBI1ORPiM8QI78l2+260lL1lU5Z+KfSit5mhwCi/csF+gAb1GqRuEZqo9z sbHxWhYGmidAx3mdZXmTznKEKUsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR1c4Su 04dSEzdhPVEx/J2S2W6R2TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY3Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o/4wDQYJKoZIhvcNAQELBQADggEBAASf2jr1q3xY8ZpMP99SPPWaOVbg+pquAAhC So333ua+u5nV0hdH/KxvAoHbbZnI4z9p0UqeHsXCNOXV8cg5iaienN5XuniXbJ0F g3u0kuMEgoZm2cfmptyJwUt+wAC69k2gVK/2kBABSZafLovYklmxk3Awn8GHLT9j qU+kf/NiQ3uLc9vG6X+F/Bk3WSyUumzJwVHXzfLivw61XYdJkJYH50w/fI8aZ3LY 0AAwnN4eVOtWfh2RLA0N2muEUa1gJ2LX03HOJFCboz5H4/B8R05ymDPzVK2aUoxs JrwSK6AMm4vI/uRHPEZQ5GElCmXdFZiOApaEZmThG7JiTSgQAyY= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:36 2026 by rpki-client