$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143715.roa File: AS143715.roa (raw, json) Hash identifier: RGp359QJhvLYvP6Elhb66XoSMaWzfociJvpQU0AWFsw= Subject key identifier: E6:71:94:90:18:E7:66:5C:CF:07:54:67:F0:8B:62:4E:1B:AF:42:F8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3D179714699FD7A74AEF3830EF7CFDB685EFCF11 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143715.roa Signing time: Wed 04 Mar 2026 06:15:09 +0000 ROA not before: Wed 04 Mar 2026 06:10:09 +0000 ROA not after: Wed 03 Mar 2027 06:15:09 +0000 asID: 143715 IP address blocks: 240a:a429::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:17:97:14:69:9f:d7:a7:4a:ef:38:30:ef:7c:fd:b6:85:ef:cf:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:09 2026 GMT Not After : Mar 3 06:15:09 2027 GMT Subject: CN=E671949018E7665CCF075467F08B624E1BAF42F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:2a:d9:2e:60:cb:df:25:77:78:ed:b8:1b:f1: 91:ff:82:20:32:b6:66:95:d6:5f:dd:0e:ff:6b:b1: 27:e8:80:51:e3:61:fa:2b:d9:84:71:a8:e0:2d:e0: e6:ea:37:c0:b0:83:d7:e3:29:ff:58:bf:6a:78:4e: 13:18:4e:45:18:64:43:44:c3:42:3d:9d:b8:21:70: 10:09:f0:55:b6:0c:3a:8b:82:2a:7e:45:ea:54:11: ea:e8:78:81:0b:77:2c:75:f8:b0:36:a7:e0:c3:90: ad:de:d5:67:d5:3f:01:cd:8c:b9:54:19:a9:16:f5: aa:5f:ec:0c:5a:ee:50:54:4d:07:b4:7c:63:29:4c: 8b:8f:e7:02:57:ec:1c:75:61:63:a5:6d:5c:ef:73: 04:4e:ce:3c:12:fd:dc:3d:a3:f5:c0:3d:8a:68:65: cf:36:71:d2:7d:17:f2:5d:53:95:68:09:66:8c:16: 3d:6b:51:32:47:11:b3:41:3b:c3:52:27:d0:b1:54: 42:b9:eb:1d:ef:44:6d:1f:94:28:3e:58:a3:f9:15: 04:fb:74:d3:00:58:08:b8:dd:98:b7:e2:ec:b6:e6: a9:b8:db:8d:1b:35:d5:a7:69:2d:8f:1a:01:6e:30: a7:cf:67:28:39:66:9d:da:c5:d7:95:27:d1:65:62: 6d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:71:94:90:18:E7:66:5C:CF:07:54:67:F0:8B:62:4E:1B:AF:42:F8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143715.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a429::/32 Signature Algorithm: sha256WithRSAEncryption d6:de:58:aa:76:01:ac:61:15:13:13:ca:5d:d4:a2:08:69:c1: 53:cb:f1:49:39:79:93:c7:b3:1a:d5:ff:37:a2:1a:74:81:ce: f9:6d:b1:ce:d7:94:45:8d:19:ac:79:94:26:1d:1d:86:0e:2e: 3a:9f:62:51:3c:8a:09:e6:8b:26:9e:01:5a:0a:8d:35:b8:33: bc:4d:bc:96:92:7c:be:1a:56:aa:f0:03:bb:1d:9a:f1:8f:d7: 3a:3b:aa:36:55:71:7e:ab:c9:cd:83:aa:b4:8f:9b:99:c5:50: 59:3e:52:6c:c1:c4:39:d3:6e:03:c2:fd:98:42:09:01:fe:11: 3a:22:c6:2b:99:39:ba:43:9f:ca:3c:57:3a:d3:0c:62:f6:93: 16:0f:eb:29:48:88:2f:1c:bd:29:e3:83:8a:3c:75:29:08:a0: 4b:45:9c:58:75:21:ed:53:d0:52:54:f8:dd:92:53:28:89:88: 1b:65:11:31:ac:88:ba:48:bc:02:23:a0:9d:b6:1b:b2:43:7c: a6:f6:df:62:84:71:6b:07:09:9c:1e:ff:14:d7:19:a0:17:d7: 2b:ff:6e:89:eb:9c:61:5c:9d:01:bf:f4:76:d1:e1:ab:7b:3e: 6d:19:2e:68:75:33:a2:f2:79:16:9e:5e:df:be:98:f0:e6:2c: db:02:a2:04 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPReXFGmf16dK7zgw73z9toXvzxEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwOVoX DTI3MDMwMzA2MTUwOVowMzExMC8GA1UEAxMoRTY3MTk0OTAxOEU3NjY1Q0NGMDc1 NDY3RjA4QjYyNEUxQkFGNDJGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIYq2S5gy98ld3jtuBvxkf+CIDK2ZpXWX90O/2uxJ+iAUeNh+ivZhHGo4C3g 5uo3wLCD1+Mp/1i/anhOExhORRhkQ0TDQj2duCFwEAnwVbYMOouCKn5F6lQR6uh4 gQt3LHX4sDan4MOQrd7VZ9U/Ac2MuVQZqRb1ql/sDFruUFRNB7R8YylMi4/nAlfs HHVhY6VtXO9zBE7OPBL93D2j9cA9imhlzzZx0n0X8l1TlWgJZowWPWtRMkcRs0E7 w1In0LFUQrnrHe9EbR+UKD5Yo/kVBPt00wBYCLjdmLfi7LbmqbjbjRs11adpLY8a AW4wp89nKDlmndrF15Un0WVibYMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTmcZSQ GOdmXM8HVGfwi2JOG69C+DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcxNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pCkwDQYJKoZIhvcNAQELBQADggEBANbeWKp2AaxhFRMTyl3UoghpwVPL8Uk5eZPH sxrV/zeiGnSBzvltsc7XlEWNGax5lCYdHYYOLjqfYlE8ignmiyaeAVoKjTW4M7xN vJaSfL4aVqrwA7sdmvGP1zo7qjZVcX6ryc2DqrSPm5nFUFk+UmzBxDnTbgPC/ZhC CQH+EToixiuZObpDn8o8VzrTDGL2kxYP6ylIiC8cvSnjg4o8dSkIoEtFnFh1Ie1T 0FJU+N2SUyiJiBtlETGsiLpIvAIjoJ22G7JDfKb232KEcWsHCZwe/xTXGaAX1yv/ bonrnGFcnQG/9HbR4at7Pm0ZLmh1M6LyeRaeXt++mPDmLNsCogQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:43 2026 by rpki-client