$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143702.roa File: AS143702.roa (raw, json) Hash identifier: sp+WPRmiJdqOaZ4VAFB0twj3YyvUyZ/DvgPaQ8qNx50= Subject key identifier: 4B:05:1D:15:2A:4D:C9:0C:DD:A7:BE:36:32:FE:B5:F4:93:AA:C7:E3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5E9436E070DEFA1FE3F48E3D47318D80D6F683DA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143702.roa Signing time: Wed 04 Mar 2026 06:12:52 +0000 ROA not before: Wed 04 Mar 2026 06:07:52 +0000 ROA not after: Wed 03 Mar 2027 06:12:52 +0000 asID: 143702 IP address blocks: 240a:a41c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:94:36:e0:70:de:fa:1f:e3:f4:8e:3d:47:31:8d:80:d6:f6:83:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:52 2026 GMT Not After : Mar 3 06:12:52 2027 GMT Subject: CN=4B051D152A4DC90CDDA7BE3632FEB5F493AAC7E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:91:28:9d:20:14:4e:36:f2:4c:9c:b3:31:27: 4e:b9:dc:72:0c:b5:6a:88:3b:3d:e4:06:7e:6d:9f: a7:97:7e:46:56:fd:55:e8:c6:89:8b:f0:eb:df:54: 01:b8:e3:8c:52:26:99:38:57:7a:bd:92:c6:a4:8a: ea:85:f8:d1:7d:c2:27:5d:69:0d:51:62:e2:c9:91: 7a:8c:c1:96:a8:65:65:9e:99:e3:8f:8a:2a:6c:50: d3:02:dc:bb:9c:6b:a8:11:c7:aa:64:10:f4:c3:df: 0e:6f:25:48:5d:d4:1f:a5:ad:63:43:90:c2:82:d3: 66:c2:72:bf:72:96:ca:ce:44:8a:26:64:1a:96:74: 83:93:a1:ca:15:a9:6b:43:cd:23:df:ca:4d:34:97: 76:93:9a:1f:10:ea:1e:b7:ce:48:0c:15:cf:0c:b9: 52:32:f2:33:fa:ff:b7:79:54:f5:7c:36:e5:df:c0: f8:ed:46:6c:9a:8b:ce:f5:13:5a:cc:bd:9a:ea:37: 12:59:57:d2:c3:bc:ce:92:a0:ef:ac:6e:96:d7:6a: f9:03:78:0d:5a:7c:51:b3:f2:05:69:0f:a0:b9:19: fd:80:1b:ae:0f:c1:5a:93:18:88:f9:5c:e0:98:3e: 84:84:06:7b:29:ee:09:8f:56:b9:6c:10:40:f3:98: d1:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:05:1D:15:2A:4D:C9:0C:DD:A7:BE:36:32:FE:B5:F4:93:AA:C7:E3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143702.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a41c::/32 Signature Algorithm: sha256WithRSAEncryption d4:2a:15:19:30:b9:3d:75:cb:c6:8c:4e:1c:98:7b:b3:f8:23: 4c:d1:34:ef:1a:0a:5f:78:8e:c0:06:66:82:29:75:8f:1a:fd: 93:12:c7:03:d2:0e:a1:af:7e:3b:79:a2:ad:fd:b8:41:04:9d: 09:b8:65:69:16:33:63:57:4c:e6:ed:f5:57:52:77:a4:e2:2d: f6:16:cc:c8:cd:60:69:4a:13:ec:97:0a:a0:17:c8:37:d2:ae: 08:de:6e:94:de:3f:65:c5:0f:db:a9:86:a8:50:df:87:1e:cd: d1:8c:08:db:24:6b:26:34:cd:d1:b6:73:eb:0b:d8:c7:a7:d9: 7b:ab:9f:c6:0f:29:11:e4:82:19:c3:da:cc:32:88:dc:51:a8: b5:ae:a3:12:38:d6:82:17:79:5a:64:e4:b6:e4:6f:02:66:45: bf:4b:5f:b3:f0:a3:4e:c4:b8:75:30:dd:f2:57:47:0c:0e:0d: 93:c4:aa:73:5a:0c:32:87:36:f1:ad:91:1d:3b:20:a8:2c:7c: e5:d0:58:60:ea:fc:cd:91:6d:f7:7f:47:05:e1:5d:1c:26:33: 2d:da:0c:0b:c8:0d:76:d7:8b:da:fb:11:38:f8:99:c7:8a:71: 1a:2f:68:7a:e9:71:26:08:5a:62:40:4b:3a:30:38:57:33:81: 49:68:2a:ee -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXpQ24HDe+h/j9I49RzGNgNb2g9owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc1MloX DTI3MDMwMzA2MTI1MlowMzExMC8GA1UEAxMoNEIwNTFEMTUyQTREQzkwQ0REQTdC RTM2MzJGRUI1RjQ5M0FBQzdFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALWRKJ0gFE428kycszEnTrnccgy1aog7PeQGfm2fp5d+Rlb9VejGiYvw699U AbjjjFImmThXer2SxqSK6oX40X3CJ11pDVFi4smReozBlqhlZZ6Z44+KKmxQ0wLc u5xrqBHHqmQQ9MPfDm8lSF3UH6WtY0OQwoLTZsJyv3KWys5EiiZkGpZ0g5OhyhWp a0PNI9/KTTSXdpOaHxDqHrfOSAwVzwy5UjLyM/r/t3lU9Xw25d/A+O1GbJqLzvUT Wsy9muo3EllX0sO8zpKg76xultdq+QN4DVp8UbPyBWkPoLkZ/YAbrg/BWpMYiPlc 4Jg+hIQGeynuCY9WuWwQQPOY0UsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRLBR0V Kk3JDN2nvjYy/rX0k6rH4zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcwMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pBwwDQYJKoZIhvcNAQELBQADggEBANQqFRkwuT11y8aMThyYe7P4I0zRNO8aCl94 jsAGZoIpdY8a/ZMSxwPSDqGvfjt5oq39uEEEnQm4ZWkWM2NXTObt9VdSd6TiLfYW zMjNYGlKE+yXCqAXyDfSrgjebpTeP2XFD9uphqhQ34cezdGMCNskayY0zdG2c+sL 2Men2Xurn8YPKRHkghnD2swyiNxRqLWuoxI41oIXeVpk5LbkbwJmRb9LX7Pwo07E uHUw3fJXRwwODZPEqnNaDDKHNvGtkR07IKgsfOXQWGDq/M2Rbfd/RwXhXRwmMy3a DAvIDXbXi9r7ETj4mceKcRovaHrpcSYIWmJASzowOFczgUloKu4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:26 2026 by rpki-client