$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143676.roa File: AS143676.roa (raw, json) Hash identifier: IXSASe71aENxb3vq/9Sh2jQLbpUz8MhSBeCvhZIjxZI= Subject key identifier: BA:AA:6D:62:AF:63:DE:D1:21:23:2A:AA:90:D3:3E:0E:A8:7D:1F:E6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5D20A252B7B488568941EEC6E596F641A8472414 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143676.roa Signing time: Wed 04 Mar 2026 06:14:24 +0000 ROA not before: Wed 04 Mar 2026 06:09:24 +0000 ROA not after: Wed 03 Mar 2027 06:14:24 +0000 asID: 143676 IP address blocks: 240a:a402::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:20:a2:52:b7:b4:88:56:89:41:ee:c6:e5:96:f6:41:a8:47:24:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:24 2026 GMT Not After : Mar 3 06:14:24 2027 GMT Subject: CN=BAAA6D62AF63DED121232AAA90D33E0EA87D1FE6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:ff:62:8a:7d:47:d5:54:fb:5f:01:22:39:9b: fe:7e:d6:b7:c9:2e:3a:91:d3:a4:19:3b:83:4b:a4: 80:7e:6d:a7:19:69:4b:1c:32:b6:b5:3f:31:15:62: d7:36:8b:09:01:55:ad:6e:0a:c7:36:dd:63:1d:36: 77:26:dd:71:f8:ab:8c:fa:ca:b3:3b:79:97:ad:71: bd:b4:52:89:00:76:b3:ef:9d:aa:31:91:a4:3b:79: 97:92:7b:7d:e6:a8:7f:ea:68:4a:4c:aa:f3:25:15: 00:cb:64:75:13:63:48:08:b9:e8:0b:7f:a1:92:19: 97:81:c9:d6:f3:23:59:12:e6:d2:1b:ec:6c:1a:13: 29:d5:64:78:fa:42:6d:4b:dc:13:59:2d:34:5a:3a: af:22:9e:63:18:e4:33:35:a7:89:71:39:a1:6a:33: 9c:3c:b4:25:35:8d:21:21:eb:c8:d9:b0:83:63:8a: 84:ea:15:a6:fd:09:42:1f:65:83:6d:52:8e:6a:c7: 65:9e:ee:98:a0:f8:62:25:ad:69:4d:ba:80:24:99: 5a:f0:11:46:4f:55:ec:5a:2f:82:d3:6d:52:82:80: bf:12:d3:2c:7d:33:fc:8a:ec:54:3b:80:08:5e:28: 94:b8:d8:a1:1d:e9:9a:2e:a1:78:23:9f:60:0b:77: 2f:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:AA:6D:62:AF:63:DE:D1:21:23:2A:AA:90:D3:3E:0E:A8:7D:1F:E6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143676.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a402::/32 Signature Algorithm: sha256WithRSAEncryption 5a:77:25:01:ac:32:4e:d5:9a:7a:6b:57:55:51:91:e1:55:23: 0e:4f:b6:27:34:18:d0:38:18:47:f5:3b:5e:4f:33:8d:8a:60: 47:45:46:6c:4b:80:61:56:28:17:3b:dd:f8:ea:2a:f1:43:75: 64:ea:67:15:eb:be:62:0c:0d:42:b8:1b:15:4a:d5:d4:a3:9e: 6a:ef:0f:70:ca:96:f4:7d:be:5f:45:5b:2c:2e:24:aa:ee:02: 15:a9:e5:9c:fc:37:51:5e:6e:e3:d5:9e:48:96:90:e5:4e:9a: 03:28:ac:94:62:8e:a7:f1:62:c4:a0:20:d6:d4:97:c3:82:88: 79:0f:f2:66:27:e4:d6:18:45:f4:d6:f7:f5:da:9d:bb:d3:0c: 62:81:5b:d3:db:7e:90:c2:5e:44:3e:fc:16:47:06:6a:14:50: a3:6d:cf:22:fd:9a:47:35:ee:28:ab:e3:71:01:66:c5:27:77: 2e:a5:ca:9d:69:27:f2:9f:49:37:5d:d3:97:c7:1f:f2:2f:f0: f5:d5:87:e0:88:33:18:bc:b9:e1:81:c2:89:64:71:c5:cd:e1: aa:58:7e:0b:50:cd:bd:26:86:33:03:3c:da:d7:74:68:2a:e8: 86:ff:72:e2:8e:6d:8d:35:f7:87:08:7f:0e:ec:45:dc:fb:8a: 39:fe:fa:29 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXSCiUre0iFaJQe7G5Zb2QahHJBQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyNFoX DTI3MDMwMzA2MTQyNFowMzExMC8GA1UEAxMoQkFBQTZENjJBRjYzREVEMTIxMjMy QUFBOTBEMzNFMEVBODdEMUZFNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANb/Yop9R9VU+18BIjmb/n7Wt8kuOpHTpBk7g0ukgH5tpxlpSxwytrU/MRVi 1zaLCQFVrW4KxzbdYx02dybdcfirjPrKszt5l61xvbRSiQB2s++dqjGRpDt5l5J7 feaof+poSkyq8yUVAMtkdRNjSAi56At/oZIZl4HJ1vMjWRLm0hvsbBoTKdVkePpC bUvcE1ktNFo6ryKeYxjkMzWniXE5oWoznDy0JTWNISHryNmwg2OKhOoVpv0JQh9l g21SjmrHZZ7umKD4YiWtaU26gCSZWvARRk9V7FovgtNtUoKAvxLTLH0z/IrsVDuA CF4olLjYoR3pmi6heCOfYAt3LwECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS6qm1i r2Pe0SEjKqqQ0z4OqH0f5jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY3Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pAIwDQYJKoZIhvcNAQELBQADggEBAFp3JQGsMk7VmnprV1VRkeFVIw5Ptic0GNA4 GEf1O15PM42KYEdFRmxLgGFWKBc73fjqKvFDdWTqZxXrvmIMDUK4GxVK1dSjnmrv D3DKlvR9vl9FWywuJKruAhWp5Zz8N1FebuPVnkiWkOVOmgMorJRijqfxYsSgINbU l8OCiHkP8mYn5NYYRfTW9/XanbvTDGKBW9PbfpDCXkQ+/BZHBmoUUKNtzyL9mkc1 7iir43EBZsUndy6lyp1pJ/KfSTdd05fHH/Iv8PXVh+CIMxi8ueGBwolkccXN4apY fgtQzb0mhjMDPNrXdGgq6Ib/cuKObY0194cIfw7sRdz7ijn++ik= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:58 2026 by rpki-client