$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143675.roa File: AS143675.roa (raw, json) Hash identifier: rfjG/BbGJWgAWl3WV3j9iaxelpPRgrI0cm1C3yZl+jk= Subject key identifier: E0:C1:05:A6:01:99:16:20:C5:EC:64:1E:25:9E:C9:EF:DB:0C:9B:E7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4F5252B917EBF37FCA6BA62F7E1FB161C57D8DEB Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143675.roa Signing time: Wed 04 Mar 2026 06:15:43 +0000 ROA not before: Wed 04 Mar 2026 06:10:43 +0000 ROA not after: Wed 03 Mar 2027 06:15:43 +0000 asID: 143675 IP address blocks: 240a:a401::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:52:52:b9:17:eb:f3:7f:ca:6b:a6:2f:7e:1f:b1:61:c5:7d:8d:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:43 2026 GMT Not After : Mar 3 06:15:43 2027 GMT Subject: CN=E0C105A601991620C5EC641E259EC9EFDB0C9BE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:35:14:08:7d:bc:46:aa:51:83:bc:81:dd:f3: 35:2d:19:a7:a6:96:b7:d7:cc:67:1f:3e:fd:ba:d8: e5:49:0b:dc:e2:58:18:56:73:14:50:68:3f:80:f1: 3e:16:33:c3:ce:a9:aa:ad:18:ae:98:4e:6c:31:84: 5b:64:f3:0f:74:85:83:ad:95:21:3e:72:e7:c0:a3: d7:51:a2:09:08:1e:3e:0c:c4:39:11:7a:10:40:fe: bc:86:a9:8f:60:4d:2a:6c:de:37:91:58:10:20:a6: 44:2d:2a:4c:66:0a:a4:1e:f9:94:11:be:14:86:a6: 56:14:bb:ad:21:cf:24:e9:84:fa:4d:47:23:ce:27: a5:6e:b1:c8:c4:c5:6c:cd:6d:13:b5:5f:01:bc:3c: 4b:53:af:db:60:12:06:b0:89:b8:d1:75:3b:c4:b4: 30:da:1f:f3:0d:ca:7c:22:1c:3d:dd:d1:6b:02:88: c7:34:62:91:92:46:7f:be:3b:8d:2d:b7:11:b6:42: a4:78:50:4e:ee:cf:ee:f6:08:a7:a5:b5:87:67:34: 1b:7a:9d:3d:1b:fa:c2:9b:a8:39:ae:ba:05:d0:f7: 88:39:be:6d:45:8c:65:f3:54:f6:ca:ec:c6:a0:b5: 2c:f6:a4:1a:64:ed:44:bf:fd:38:f0:fc:be:8e:7a: 5a:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:C1:05:A6:01:99:16:20:C5:EC:64:1E:25:9E:C9:EF:DB:0C:9B:E7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143675.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a401::/32 Signature Algorithm: sha256WithRSAEncryption b2:70:1e:b9:94:a0:52:3c:13:29:9f:6f:58:f5:1b:84:97:df: d2:fb:2b:eb:d5:d1:f5:a6:5c:6b:95:4c:61:16:27:1f:92:cb: 92:bd:96:67:1c:7d:37:e1:c0:86:fc:de:64:78:79:91:e3:72: 34:f4:bc:cd:33:1f:3a:5e:f3:7a:9d:a5:ab:50:f4:21:07:ba: 1c:b4:8d:d5:be:00:69:81:2f:f8:0a:1e:28:20:41:9b:dc:99: ba:2f:b5:22:01:e8:68:72:dd:10:33:19:18:ed:86:fa:01:5f: 37:e5:d9:b3:c4:8b:25:b1:cb:41:cb:b0:31:2e:96:8a:d5:35: 77:9c:60:55:ab:c9:a8:23:b1:17:bd:8c:9c:c4:bb:2c:02:68: 7f:e9:70:28:c8:20:a6:17:6a:0c:63:34:ac:c7:fa:2c:bd:c5: d9:d3:5f:cc:a0:e5:af:c6:bd:1b:e2:7a:a3:1c:d8:97:14:25: 11:44:c1:b4:13:1c:d3:2e:e3:55:ce:e0:14:34:50:c8:22:4a: 42:a3:8c:bd:e8:6b:c6:75:0f:f9:9b:d7:d8:6b:3a:3f:aa:a8: 93:e4:d9:46:bb:7c:f8:e7:52:c5:ca:97:8c:cd:16:31:08:e9: 38:72:3a:0f:20:88:62:35:01:49:dc:d1:f2:5d:26:ed:db:2c: bc:5d:db:a3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUT1JSuRfr83/Ka6Yvfh+xYcV9jeswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTA0M1oX DTI3MDMwMzA2MTU0M1owMzExMC8GA1UEAxMoRTBDMTA1QTYwMTk5MTYyMEM1RUM2 NDFFMjU5RUM5RUZEQjBDOUJFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALY1FAh9vEaqUYO8gd3zNS0Zp6aWt9fMZx8+/brY5UkL3OJYGFZzFFBoP4Dx PhYzw86pqq0YrphObDGEW2TzD3SFg62VIT5y58Cj11GiCQgePgzEORF6EED+vIap j2BNKmzeN5FYECCmRC0qTGYKpB75lBG+FIamVhS7rSHPJOmE+k1HI84npW6xyMTF bM1tE7VfAbw8S1Ov22ASBrCJuNF1O8S0MNof8w3KfCIcPd3RawKIxzRikZJGf747 jS23EbZCpHhQTu7P7vYIp6W1h2c0G3qdPRv6wpuoOa66BdD3iDm+bUWMZfNU9srs xqC1LPakGmTtRL/9OPD8vo56WkcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTgwQWm AZkWIMXsZB4lnsnv2wyb5zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY3NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pAEwDQYJKoZIhvcNAQELBQADggEBALJwHrmUoFI8Eymfb1j1G4SX39L7K+vV0fWm XGuVTGEWJx+Sy5K9lmccfTfhwIb83mR4eZHjcjT0vM0zHzpe83qdpatQ9CEHuhy0 jdW+AGmBL/gKHiggQZvcmbovtSIB6Ghy3RAzGRjthvoBXzfl2bPEiyWxy0HLsDEu lorVNXecYFWryagjsRe9jJzEuywCaH/pcCjIIKYXagxjNKzH+iy9xdnTX8yg5a/G vRvieqMc2JcUJRFEwbQTHNMu41XO4BQ0UMgiSkKjjL3oa8Z1D/mb19hrOj+qqJPk 2Ua7fPjnUsXKl4zNFjEI6ThyOg8giGI1AUnc0fJdJu3bLLxd26M= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:10 2026 by rpki-client