$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143718.roa File: AS143718.roa (raw, json) Hash identifier: abbyI9F3INc4iLGuQYOrfgNs6iTNB4K9aodG3J/0lw8= Subject key identifier: 71:9D:3D:84:C8:A9:9A:9A:94:3D:99:4D:D0:8D:F6:33:48:C7:B4:2B Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F397AFE072A300B821A939E50C6640EDB286DFE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143718.roa Signing time: Wed 04 Mar 2026 06:15:01 +0000 ROA not before: Wed 04 Mar 2026 06:10:01 +0000 ROA not after: Wed 03 Mar 2027 06:15:01 +0000 asID: 143718 IP address blocks: 240a:a42c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:39:7a:fe:07:2a:30:0b:82:1a:93:9e:50:c6:64:0e:db:28:6d:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:01 2026 GMT Not After : Mar 3 06:15:01 2027 GMT Subject: CN=719D3D84C8A99A9A943D994DD08DF63348C7B42B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:38:05:8b:2b:b8:b8:ff:50:48:4e:a4:84:a8: 34:3a:d9:96:c8:e3:23:41:a6:6b:15:36:0d:86:2d: 6d:bf:62:01:93:1e:a1:54:ee:1a:60:0f:dc:01:22: 43:2b:d4:5d:dc:a8:12:fe:3b:1e:93:8a:ab:25:a7: e2:2e:3f:ef:8a:05:8f:55:d9:40:f6:17:06:9d:90: 62:02:5b:54:6e:9d:0a:a3:2f:d3:5a:46:3a:37:14: 1c:87:5a:09:56:fe:56:f5:92:f3:b0:c2:bd:13:67: a5:c3:ea:24:9a:cf:ee:a4:b2:bb:ce:c4:87:7c:e7: c6:dc:1e:6e:20:db:c7:4c:b9:87:00:2a:22:37:34: ef:6a:ea:b1:09:ed:40:85:3e:0e:04:b6:72:86:fc: 44:b9:bb:23:50:b1:bf:8c:1c:d3:32:39:0c:85:01: 30:03:94:f8:20:85:c0:84:2f:ea:05:42:93:dd:95: 58:e0:f2:02:d9:ed:2a:7c:2e:49:b1:ed:c5:ee:5f: 7a:59:f8:45:97:70:91:05:31:c1:dd:f0:af:a3:e5: c9:fb:fc:81:35:2a:1a:84:12:2b:5c:18:da:43:7c: 91:db:8c:65:af:65:e0:18:34:64:e0:9e:3d:7f:d9: 10:5a:dc:e3:91:ad:54:73:f6:ac:04:2d:8e:a3:f3: 92:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:9D:3D:84:C8:A9:9A:9A:94:3D:99:4D:D0:8D:F6:33:48:C7:B4:2B X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143718.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a42c::/32 Signature Algorithm: sha256WithRSAEncryption 8e:24:87:ba:ce:c3:d5:85:05:81:7d:12:ae:29:77:9d:93:b3: 20:b0:98:25:56:24:5e:dc:7e:7b:b0:5a:ed:89:18:6c:6d:de: 7d:89:97:2f:23:4c:02:a3:6a:d6:2d:f8:93:45:44:b2:54:ad: 84:23:d6:b7:c3:11:0e:28:cf:9b:ed:f0:14:f1:ce:9c:11:7c: d8:5b:b6:fe:8a:a4:37:3f:52:e2:ae:d9:39:d7:49:e6:b7:d3: 51:d9:dc:ad:4f:b1:f0:8e:68:ac:8b:0c:2a:f2:77:83:95:d1: 26:0c:5f:58:26:a1:d9:99:46:69:a2:d6:66:d9:fe:eb:01:e1: b3:c8:bd:7d:64:6e:5e:ee:9f:b8:78:2f:3d:88:34:df:e3:c5: 45:f4:70:ad:88:d9:b4:4e:41:62:45:76:b0:9d:80:aa:38:53: 49:d1:25:ea:c5:82:e0:a9:64:ba:1d:41:1b:ab:98:3a:0c:ae: c3:12:e6:05:8a:63:dd:79:bd:0f:65:fd:72:68:a1:e7:7a:59: b4:f7:02:25:42:ff:3e:93:0b:0c:f2:12:c8:6c:89:a7:70:2d: 70:b2:cf:29:3b:7f:01:c6:5b:28:65:b8:fb:2f:68:e7:43:1a: ad:11:81:ae:7c:f2:b3:2f:0a:ad:46:e9:31:22:e7:bb:3c:b6: ba:ec:1f:bb -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULzl6/gcqMAuCGpOeUMZkDtsobf4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwMVoX DTI3MDMwMzA2MTUwMVowMzExMC8GA1UEAxMoNzE5RDNEODRDOEE5OUE5QTk0M0Q5 OTRERDA4REY2MzM0OEM3QjQyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL84BYsruLj/UEhOpISoNDrZlsjjI0GmaxU2DYYtbb9iAZMeoVTuGmAP3AEi QyvUXdyoEv47HpOKqyWn4i4/74oFj1XZQPYXBp2QYgJbVG6dCqMv01pGOjcUHIda CVb+VvWS87DCvRNnpcPqJJrP7qSyu87Eh3znxtwebiDbx0y5hwAqIjc072rqsQnt QIU+DgS2cob8RLm7I1Cxv4wc0zI5DIUBMAOU+CCFwIQv6gVCk92VWODyAtntKnwu SbHtxe5feln4RZdwkQUxwd3wr6Plyfv8gTUqGoQSK1wY2kN8kduMZa9l4Bg0ZOCe PX/ZEFrc45GtVHP2rAQtjqPzkjECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRxnT2E yKmampQ9mU3QjfYzSMe0KzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pCwwDQYJKoZIhvcNAQELBQADggEBAI4kh7rOw9WFBYF9Eq4pd52TsyCwmCVWJF7c fnuwWu2JGGxt3n2Jly8jTAKjatYt+JNFRLJUrYQj1rfDEQ4oz5vt8BTxzpwRfNhb tv6KpDc/UuKu2TnXSea301HZ3K1PsfCOaKyLDCryd4OV0SYMX1gmodmZRmmi1mbZ /usB4bPIvX1kbl7un7h4Lz2INN/jxUX0cK2I2bROQWJFdrCdgKo4U0nRJerFguCp ZLodQRurmDoMrsMS5gWKY915vQ9l/XJooed6WbT3AiVC/z6TCwzyEshsiadwLXCy zyk7fwHGWyhluPsvaOdDGq0Rga588rMvCq1G6TEi57s8trrsH7s= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:35 2026 by rpki-client