$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143689.roa File: AS143689.roa (raw, json) Hash identifier: PsMjTdUDiznWzMXB1QREJ/VnQ1Xj9z5WsMAmLEXPpCE= Subject key identifier: 07:3B:EB:0A:DF:0F:57:3E:4B:AD:E1:91:2A:B6:44:6B:8E:D2:F5:7B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2649CF136B714EEFBFEFCFC72F18815A435B0DD9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143689.roa Signing time: Wed 04 Mar 2026 06:15:18 +0000 ROA not before: Wed 04 Mar 2026 06:10:18 +0000 ROA not after: Wed 03 Mar 2027 06:15:18 +0000 asID: 143689 IP address blocks: 240a:a40f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:49:cf:13:6b:71:4e:ef:bf:ef:cf:c7:2f:18:81:5a:43:5b:0d:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:18 2026 GMT Not After : Mar 3 06:15:18 2027 GMT Subject: CN=073BEB0ADF0F573E4BADE1912AB6446B8ED2F57B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:78:1f:c9:25:fd:98:05:f6:8f:e5:ff:3d:91: bf:87:07:67:4f:d8:82:30:1f:d4:91:15:cf:4c:9d: 19:c7:55:55:95:80:67:6a:1c:e9:c0:90:e8:68:5e: 0b:6f:3d:d8:2e:e0:a9:c0:c8:ee:52:fb:44:80:af: 44:00:82:de:d2:2e:bf:0c:2f:0c:33:6f:e1:95:43: a0:b9:3d:1f:92:08:06:c1:14:b2:85:6a:af:93:f6: 46:8f:f2:61:9a:72:fd:10:ac:09:93:25:61:52:0d: 0d:0b:59:e5:34:e7:85:6e:6d:66:99:e9:0f:98:b1: 40:47:c3:97:81:6b:ff:d7:ea:70:89:53:b6:ed:f3: 65:3d:51:69:de:58:f0:b3:b3:de:3e:25:da:54:c9: e3:5f:79:5d:3b:54:06:80:9b:45:17:0a:c1:3f:98: de:f8:fc:6c:25:e6:14:66:3c:67:22:9d:6c:e6:02: 45:a6:b6:fe:a3:0f:13:79:f8:a4:9e:1d:43:dc:05: ac:f1:ec:4f:09:7d:70:ef:3a:07:c7:e9:49:29:c5: ba:36:88:4b:a8:17:79:d5:9d:54:73:0f:fe:52:30: 68:4c:78:74:9b:eb:e8:b1:98:3e:39:29:9c:d8:69: 53:d2:aa:88:23:c0:2f:cb:ad:44:4f:14:09:3b:5d: 8c:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:3B:EB:0A:DF:0F:57:3E:4B:AD:E1:91:2A:B6:44:6B:8E:D2:F5:7B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143689.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a40f::/32 Signature Algorithm: sha256WithRSAEncryption 0d:68:d5:a4:54:91:54:87:61:b1:27:84:68:ae:35:32:00:05: fc:dd:06:8b:25:2a:f2:a9:a8:44:68:15:99:2c:41:dd:1d:23: b9:db:35:ce:78:36:db:af:21:90:96:76:8e:19:33:fc:0a:4a: f7:71:62:29:3e:16:fe:ea:03:53:df:5d:40:28:ef:d1:63:78: 4a:c8:43:59:65:d0:aa:df:c0:ce:06:bf:7f:d6:2d:e8:db:ef: 85:eb:39:fe:dd:09:4c:8f:3e:81:a6:b7:80:5c:99:64:d4:80: 32:71:78:c6:d6:10:77:52:60:80:4b:38:90:c9:89:53:b7:cf: ff:dc:c9:bf:8e:08:17:e2:f6:f0:79:db:10:66:ec:4a:73:63: b5:15:86:19:b5:34:39:27:8d:5d:e2:1a:e6:38:a3:d2:ff:ee: f3:88:16:74:56:f2:07:d0:53:82:fb:f3:39:60:7f:85:b7:b5: c1:c7:f1:e8:fc:1c:48:8b:b9:f5:79:e2:81:b4:69:cb:38:9a: 94:de:bb:88:5c:9c:ae:45:ed:06:7b:37:cd:d1:f4:85:65:15: bc:d6:1e:0b:f0:14:50:e7:86:9f:9a:ae:2a:02:e6:a2:73:0b: ca:c2:4c:c7:81:80:ee:04:58:bb:ce:7e:81:ec:fd:f5:4d:82: ac:b8:48:e4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJknPE2txTu+/78/HLxiBWkNbDdkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAxOFoX DTI3MDMwMzA2MTUxOFowMzExMC8GA1UEAxMoMDczQkVCMEFERjBGNTczRTRCQURF MTkxMkFCNjQ0NkI4RUQyRjU3QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMl4H8kl/ZgF9o/l/z2Rv4cHZ0/YgjAf1JEVz0ydGcdVVZWAZ2oc6cCQ6Ghe C2892C7gqcDI7lL7RICvRACC3tIuvwwvDDNv4ZVDoLk9H5IIBsEUsoVqr5P2Ro/y YZpy/RCsCZMlYVINDQtZ5TTnhW5tZpnpD5ixQEfDl4Fr/9fqcIlTtu3zZT1Rad5Y 8LOz3j4l2lTJ4195XTtUBoCbRRcKwT+Y3vj8bCXmFGY8ZyKdbOYCRaa2/qMPE3n4 pJ4dQ9wFrPHsTwl9cO86B8fpSSnFujaIS6gXedWdVHMP/lIwaEx4dJvr6LGYPjkp nNhpU9KqiCPAL8utRE8UCTtdjKsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQHO+sK 3w9XPkut4ZEqtkRrjtL1ezAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzY4OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pA8wDQYJKoZIhvcNAQELBQADggEBAA1o1aRUkVSHYbEnhGiuNTIABfzdBoslKvKp qERoFZksQd0dI7nbNc54NtuvIZCWdo4ZM/wKSvdxYik+Fv7qA1PfXUAo79FjeErI Q1ll0KrfwM4Gv3/WLejb74XrOf7dCUyPPoGmt4BcmWTUgDJxeMbWEHdSYIBLOJDJ iVO3z//cyb+OCBfi9vB52xBm7EpzY7UVhhm1NDknjV3iGuY4o9L/7vOIFnRW8gfQ U4L78zlgf4W3tcHH8ej8HEiLufV54oG0acs4mpTeu4hcnK5F7QZ7N83R9IVlFbzW HgvwFFDnhp+arioC5qJzC8rCTMeBgO4EWLvOfoHs/fVNgqy4SOQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:53 2026 by rpki-client