$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143705.roa File: AS143705.roa (raw, json) Hash identifier: nIavTQiFAIkimkI0cVHAZzDUyGRomwyOM6fNsTjDwsY= Subject key identifier: 17:0F:61:D1:8C:CD:D1:A2:22:61:4B:7E:C6:F3:0D:34:FA:2E:A3:42 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 07149589BF4658BE2EAF100FD7205CCB62FAB19C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143705.roa Signing time: Wed 04 Mar 2026 06:12:57 +0000 ROA not before: Wed 04 Mar 2026 06:07:57 +0000 ROA not after: Wed 03 Mar 2027 06:12:57 +0000 asID: 143705 IP address blocks: 240a:a41f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:14:95:89:bf:46:58:be:2e:af:10:0f:d7:20:5c:cb:62:fa:b1:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:57 2026 GMT Not After : Mar 3 06:12:57 2027 GMT Subject: CN=170F61D18CCDD1A222614B7EC6F30D34FA2EA342 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:30:27:93:e9:11:84:39:c6:d4:a2:e7:7f:42: 61:73:ef:86:1e:28:ce:85:3c:b2:ce:17:65:56:b6: 23:97:82:8c:79:84:1d:71:95:00:99:d0:47:c0:3b: 92:6c:5a:ee:b0:ba:b2:5d:00:2f:11:74:4b:7f:31: ad:11:3d:4c:80:c5:36:55:ab:80:81:a3:e2:ab:0b: 31:ce:ce:99:26:ce:da:ac:19:63:ad:c6:6f:11:45: 47:96:b7:84:32:34:0e:5e:90:bd:8c:49:4e:20:12: ed:33:54:c3:c2:af:bf:8a:42:cd:a2:0b:94:69:0f: ce:84:92:2b:2a:d3:b1:da:e7:50:c3:14:2a:b6:68: 4a:03:b4:eb:df:af:a5:76:b4:58:be:d6:c4:99:97: ac:e1:d6:60:c7:08:7e:30:f3:2a:e1:d0:c2:05:e3: 8a:57:63:17:a3:fd:62:6a:2c:c9:75:a2:89:a3:a7: de:7d:67:50:3c:1e:d5:4c:b9:e4:ed:1e:a5:97:e9: 4a:b2:7c:f4:aa:d7:6c:ee:48:c4:47:16:f1:55:28: e3:45:41:01:22:26:54:9d:8b:a6:59:67:7a:c1:e1: 66:3e:b2:1f:a9:ce:a1:ec:46:e7:d9:52:49:49:1e: 97:5f:2d:31:ef:5a:e4:fb:69:ac:25:80:ac:b1:6f: 74:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:0F:61:D1:8C:CD:D1:A2:22:61:4B:7E:C6:F3:0D:34:FA:2E:A3:42 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143705.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a41f::/32 Signature Algorithm: sha256WithRSAEncryption d2:d0:cd:31:e8:31:f2:7a:a7:f6:ca:eb:31:8d:67:fa:fa:e9: 83:9c:09:71:89:3c:28:89:84:2d:39:15:b9:3f:8c:5d:61:d5: b5:b0:3a:72:97:78:93:13:f1:60:81:2b:1b:d0:22:1d:79:ee: 01:17:86:5f:36:e5:a7:9f:de:b4:98:ec:f0:19:de:64:ac:68: 54:90:76:65:3b:ba:4e:04:fa:87:c4:cb:04:77:27:54:b3:69: 48:24:e0:a3:98:04:dc:4e:74:ca:cf:5a:4f:ae:87:e9:56:63: ec:01:cf:db:3d:83:d1:ad:fa:f1:80:f9:1e:1c:7f:48:6f:3a: 01:0e:c2:4a:2d:b9:33:20:50:b6:15:b8:76:94:1e:38:1e:cd: eb:3f:d7:cb:08:61:94:6b:8e:16:51:a2:79:b7:11:6c:8b:3d: 4d:3a:6f:1d:6f:a7:cb:b8:8a:13:ab:3f:e3:d8:f9:d2:d4:9e: 11:e8:f8:22:2d:ea:59:d2:64:e6:c1:f0:28:e2:08:c3:e7:40: c1:cd:81:7d:b7:92:3d:67:64:dc:a2:12:f6:2b:8e:e4:e8:bf: 87:a8:f9:99:99:59:01:e6:6f:42:b7:e4:58:1f:37:27:30:bc: c0:90:bd:3b:4f:c3:0a:04:65:84:81:65:87:36:ae:77:65:11: 00:4c:06:ab -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBxSVib9GWL4urxAP1yBcy2L6sZwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc1N1oX DTI3MDMwMzA2MTI1N1owMzExMC8GA1UEAxMoMTcwRjYxRDE4Q0NERDFBMjIyNjE0 QjdFQzZGMzBEMzRGQTJFQTM0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKcwJ5PpEYQ5xtSi539CYXPvhh4ozoU8ss4XZVa2I5eCjHmEHXGVAJnQR8A7 kmxa7rC6sl0ALxF0S38xrRE9TIDFNlWrgIGj4qsLMc7OmSbO2qwZY63GbxFFR5a3 hDI0Dl6QvYxJTiAS7TNUw8Kvv4pCzaILlGkPzoSSKyrTsdrnUMMUKrZoSgO069+v pXa0WL7WxJmXrOHWYMcIfjDzKuHQwgXjildjF6P9YmosyXWiiaOn3n1nUDwe1Uy5 5O0epZfpSrJ89KrXbO5IxEcW8VUo40VBASImVJ2LpllnesHhZj6yH6nOoexG59lS SUkel18tMe9a5PtprCWArLFvdGECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQXD2HR jM3RoiJhS37G8w00+i6jQjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcwNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pB8wDQYJKoZIhvcNAQELBQADggEBANLQzTHoMfJ6p/bK6zGNZ/r66YOcCXGJPCiJ hC05Fbk/jF1h1bWwOnKXeJMT8WCBKxvQIh157gEXhl825aef3rSY7PAZ3mSsaFSQ dmU7uk4E+ofEywR3J1SzaUgk4KOYBNxOdMrPWk+uh+lWY+wBz9s9g9Gt+vGA+R4c f0hvOgEOwkotuTMgULYVuHaUHjgezes/18sIYZRrjhZRonm3EWyLPU06bx1vp8u4 ihOrP+PY+dLUnhHo+CIt6lnSZObB8CjiCMPnQMHNgX23kj1nZNyiEvYrjuTov4eo +ZmZWQHmb0K35FgfNycwvMCQvTtPwwoEZYSBZYc2rndlEQBMBqs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:10 2026 by rpki-client