$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143708.roa File: AS143708.roa (raw, json) Hash identifier: qkaZ0GC98V5wfKOesL5zkGu9k9y6u3VaT0tAtrWvT7Q= Subject key identifier: 18:9D:BB:39:D8:10:33:DC:8D:2A:D6:E7:CA:57:D6:F1:50:05:0D:29 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 355325F505AF3F4AB06DB28D24C51475FB9CE2A7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143708.roa Signing time: Wed 04 Mar 2026 06:12:45 +0000 ROA not before: Wed 04 Mar 2026 06:07:45 +0000 ROA not after: Wed 03 Mar 2027 06:12:45 +0000 asID: 143708 IP address blocks: 240a:a422::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:53:25:f5:05:af:3f:4a:b0:6d:b2:8d:24:c5:14:75:fb:9c:e2:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:45 2026 GMT Not After : Mar 3 06:12:45 2027 GMT Subject: CN=189DBB39D81033DC8D2AD6E7CA57D6F150050D29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:fb:a3:b9:71:41:e0:24:8c:5c:b5:2a:e9:78: 0c:40:9a:15:db:91:4c:20:2d:95:4c:be:52:35:84: f9:27:95:80:51:f0:a2:08:6b:5d:8a:27:d4:65:6b: 14:1e:85:81:bf:aa:e7:fa:0d:1e:09:fa:f4:74:51: 68:a8:bb:27:5e:f5:24:03:5a:94:a8:53:fc:aa:9c: 4d:2a:f9:56:d6:ed:43:93:a2:02:59:77:2c:f4:ed: 8d:3f:75:a3:2e:8c:09:8c:1d:e9:4f:54:c9:08:73: 89:7c:0c:a0:33:01:b2:5c:dc:af:64:47:aa:2e:cb: 22:b4:a2:d6:f8:61:53:02:6b:c4:a3:93:eb:e8:8f: e1:c5:db:d7:93:a4:43:cb:5f:a3:b5:f1:51:92:a2: cd:22:c8:0d:11:95:3d:97:fc:a8:61:f9:4b:cb:ba: 45:df:7c:91:65:0f:cf:a2:d2:dc:85:3a:8f:f4:ea: 69:c2:3d:c6:cc:41:0e:41:6f:74:0b:da:89:2a:a9: 3e:27:f7:8d:d9:c8:0b:fc:d6:67:29:29:58:80:46: 3a:f2:a7:01:a4:67:c6:c1:7c:37:12:a7:3f:3f:79: ee:0c:26:03:32:58:31:70:34:9e:8c:0d:5f:3b:a8: c7:0a:d8:9d:14:81:a1:26:c8:da:64:46:97:7d:6f: 7e:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:9D:BB:39:D8:10:33:DC:8D:2A:D6:E7:CA:57:D6:F1:50:05:0D:29 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143708.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a422::/32 Signature Algorithm: sha256WithRSAEncryption 40:f0:5f:72:cd:b6:dc:03:e2:a7:ac:67:1c:46:5c:1f:1b:1a: 6b:39:25:f8:4c:08:74:81:3f:26:fc:3f:40:5a:11:a1:ed:6f: dc:0a:db:73:d6:a0:e2:5f:8d:82:56:fa:ce:8e:6d:7e:57:13: 3f:90:d1:1b:33:aa:a9:08:9d:fd:8a:d1:3a:cd:c9:17:4c:17: a1:df:be:61:75:2d:a8:0b:f8:9b:d6:35:59:31:61:9f:8d:6d: b1:7a:19:88:0f:86:8b:aa:25:6a:aa:3c:18:3d:f5:d3:7e:b8: 6e:b5:c2:a5:c1:a4:75:c7:08:9e:f3:9b:2e:2a:82:d1:1b:35: a8:86:9b:90:81:02:ea:c7:0f:a8:5b:cc:86:ee:ce:28:4f:18: c9:f4:f9:e7:de:17:ce:7a:5d:cb:20:86:b7:05:78:af:a0:88: 13:8c:ef:cb:5f:54:7f:0c:cf:a6:c4:d7:48:a9:5d:02:23:dc: e1:67:a3:04:d9:44:94:63:be:c5:e4:ac:af:e9:67:63:b9:24: df:37:c4:21:30:30:b2:23:c3:03:a4:0c:84:98:05:af:df:7f: 1d:b3:48:bb:74:6a:cf:fd:e2:ac:4e:ba:07:c3:ea:48:4a:7a: 89:96:77:83:73:fc:95:00:1a:9d:d9:59:c4:ae:ee:c9:eb:0d: fd:7b:fc:9b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNVMl9QWvP0qwbbKNJMUUdfuc4qcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0NVoX DTI3MDMwMzA2MTI0NVowMzExMC8GA1UEAxMoMTg5REJCMzlEODEwMzNEQzhEMkFE NkU3Q0E1N0Q2RjE1MDA1MEQyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALv7o7lxQeAkjFy1Kul4DECaFduRTCAtlUy+UjWE+SeVgFHwoghrXYon1GVr FB6Fgb+q5/oNHgn69HRRaKi7J171JANalKhT/KqcTSr5VtbtQ5OiAll3LPTtjT91 oy6MCYwd6U9UyQhziXwMoDMBslzcr2RHqi7LIrSi1vhhUwJrxKOT6+iP4cXb15Ok Q8tfo7XxUZKizSLIDRGVPZf8qGH5S8u6Rd98kWUPz6LS3IU6j/TqacI9xsxBDkFv dAvaiSqpPif3jdnIC/zWZykpWIBGOvKnAaRnxsF8NxKnPz957gwmAzJYMXA0nowN XzuoxwrYnRSBoSbI2mRGl31vfq8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQYnbs5 2BAz3I0q1ufKV9bxUAUNKTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcwOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pCIwDQYJKoZIhvcNAQELBQADggEBAEDwX3LNttwD4qesZxxGXB8bGms5JfhMCHSB Pyb8P0BaEaHtb9wK23PWoOJfjYJW+s6ObX5XEz+Q0RszqqkInf2K0TrNyRdMF6Hf vmF1LagL+JvWNVkxYZ+NbbF6GYgPhouqJWqqPBg99dN+uG61wqXBpHXHCJ7zmy4q gtEbNaiGm5CBAurHD6hbzIbuzihPGMn0+efeF856XcsghrcFeK+giBOM78tfVH8M z6bE10ipXQIj3OFnowTZRJRjvsXkrK/pZ2O5JN83xCEwMLIjwwOkDISYBa/ffx2z SLt0as/94qxOugfD6khKeomWd4Nz/JUAGp3ZWcSu7snrDf17/Js= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:24 2026 by rpki-client