$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143687.roa File: AS143687.roa (raw, json) Hash identifier: ox+tmOgl0xVJFmibmPAULu69yw1UXARJUcYOuYLM/IU= Subject key identifier: 8D:AE:C0:72:8D:5E:D2:C4:6A:88:7D:44:C0:04:0C:6F:E5:15:BE:74 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 02F1ECCF197677F2467F0332A799FE3EDD0724B3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143687.roa Signing time: Wed 04 Mar 2026 06:13:46 +0000 ROA not before: Wed 04 Mar 2026 06:08:46 +0000 ROA not after: Wed 03 Mar 2027 06:13:46 +0000 asID: 143687 IP address blocks: 240a:a40d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:f1:ec:cf:19:76:77:f2:46:7f:03:32:a7:99:fe:3e:dd:07:24:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:46 2026 GMT Not After : Mar 3 06:13:46 2027 GMT Subject: CN=8DAEC0728D5ED2C46A887D44C0040C6FE515BE74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e6:d0:7b:de:38:29:50:07:48:f7:ba:63:aa: e9:54:74:8e:97:5f:56:f2:ee:b7:75:fd:9d:18:05: d1:1c:30:93:79:12:ed:f0:03:51:15:75:0e:46:7c: 4a:1b:8b:6b:3f:3f:57:cc:71:a2:ce:42:ef:75:02: cb:91:dd:c5:78:4e:80:39:40:34:2c:77:bc:1f:82: d4:e7:de:68:9e:3e:cd:8f:d4:8e:5c:5a:06:48:08: e0:40:c6:df:10:1c:15:ae:fc:da:71:73:73:ce:7f: 52:9c:1c:6c:96:b6:3b:56:47:f2:24:46:ab:7d:2f: 85:d8:02:0f:34:27:27:f4:64:8c:43:12:67:fd:16: 1e:ba:1e:aa:55:12:ae:16:ae:af:28:78:5d:c5:81: 38:f4:59:77:93:9b:91:24:2e:1e:95:d8:69:55:dd: 86:e7:46:b5:3f:ab:21:34:88:1c:c4:f4:55:4f:92: ce:3f:67:31:d5:47:38:89:08:4c:5e:a0:ec:a0:b1: a5:7d:d8:01:b0:fc:23:1c:eb:66:23:64:43:d5:31: 94:b7:7c:d9:85:ed:eb:6e:96:de:a8:a0:a1:66:a3: d5:08:91:9f:cf:44:a8:78:a8:11:b6:e7:00:37:72: 49:43:b5:ef:ee:2d:ee:0a:5d:89:4c:71:fa:56:16: 07:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:AE:C0:72:8D:5E:D2:C4:6A:88:7D:44:C0:04:0C:6F:E5:15:BE:74 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143687.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a40d::/32 Signature Algorithm: sha256WithRSAEncryption b7:0d:42:13:45:00:f4:72:1e:13:fa:9b:b5:d6:63:2a:53:c1: 90:5e:ca:2a:a4:5a:32:95:a0:79:06:0f:e3:a4:e8:8c:e9:63: 7d:73:64:52:19:50:12:b9:2e:6d:dc:78:77:a8:1b:c6:2f:58: 53:79:a0:e3:06:7a:98:6f:98:73:65:ff:7f:94:8f:02:b1:de: 8b:5c:75:4d:84:da:fd:75:c7:1b:88:db:76:fe:59:50:35:33: e4:95:ce:a6:18:f2:a1:bd:22:cf:c8:4f:c0:5b:c6:b7:85:15: 48:08:95:58:a5:9f:ea:c9:2f:ee:09:82:d1:59:d5:c4:22:22: 06:a1:29:1b:99:8b:29:94:7b:b2:b4:e0:03:2b:5f:f5:0f:cd: fb:e8:e1:4a:2d:c0:26:61:2b:09:f6:6b:57:fc:71:3e:61:97: 86:e2:22:6a:df:0e:f4:9b:f5:56:1e:71:1d:95:b3:91:7a:78: e1:62:60:52:ff:d5:bd:c0:3a:2a:f8:05:36:15:99:a3:ca:c3: 54:5d:b9:f5:0f:3d:18:2a:97:fb:d6:eb:fe:d2:71:d7:74:3f: c4:99:18:d3:4c:93:0d:8e:c1:27:82:b2:9d:1f:95:06:7b:45: 63:2f:95:12:14:8d:db:29:f3:aa:e5:fd:6c:bb:25:da:96:57: bd:1a:0c:08 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUAvHszxl2d/JGfwMyp5n+Pt0HJLMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg0NloX DTI3MDMwMzA2MTM0NlowMzExMC8GA1UEAxMoOERBRUMwNzI4RDVFRDJDNDZBODg3 RDQ0QzAwNDBDNkZFNTE1QkU3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL7m0HveOClQB0j3umOq6VR0jpdfVvLut3X9nRgF0Rwwk3kS7fADURV1DkZ8 ShuLaz8/V8xxos5C73UCy5HdxXhOgDlANCx3vB+C1OfeaJ4+zY/UjlxaBkgI4EDG 3xAcFa782nFzc85/UpwcbJa2O1ZH8iRGq30vhdgCDzQnJ/RkjEMSZ/0WHroeqlUS rhauryh4XcWBOPRZd5ObkSQuHpXYaVXdhudGtT+rITSIHMT0VU+Szj9nMdVHOIkI TF6g7KCxpX3YAbD8IxzrZiNkQ9UxlLd82YXt626W3qigoWaj1QiRn89EqHioEbbn ADdySUO17+4t7gpdiUxx+lYWBwMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSNrsBy jV7SxGqIfUTABAxv5RW+dDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY4Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pA0wDQYJKoZIhvcNAQELBQADggEBALcNQhNFAPRyHhP6m7XWYypTwZBeyiqkWjKV oHkGD+Ok6IzpY31zZFIZUBK5Lm3ceHeoG8YvWFN5oOMGephvmHNl/3+UjwKx3otc dU2E2v11xxuI23b+WVA1M+SVzqYY8qG9Is/IT8BbxreFFUgIlViln+rJL+4JgtFZ 1cQiIgahKRuZiymUe7K04AMrX/UPzfvo4UotwCZhKwn2a1f8cT5hl4biImrfDvSb 9VYecR2Vs5F6eOFiYFL/1b3AOir4BTYVmaPKw1RdufUPPRgql/vW6/7Scdd0P8SZ GNNMkw2OwSeCsp0flQZ7RWMvlRIUjdsp86rl/Wy7JdqWV70aDAg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:34 2026 by rpki-client