$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143723.roa File: AS143723.roa (raw, json) Hash identifier: ebaD9mGWcN6KpltykO/+43CKYZAUnKhwz4C5ZxcC3/A= Subject key identifier: 41:C8:79:23:D7:D7:D0:2F:19:EE:60:85:E4:4B:DA:9E:47:7A:61:A9 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 35726AC1A1C8524B57026D316B1627A29E7C6D09 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143723.roa Signing time: Wed 04 Mar 2026 06:15:24 +0000 ROA not before: Wed 04 Mar 2026 06:10:24 +0000 ROA not after: Wed 03 Mar 2027 06:15:24 +0000 asID: 143723 IP address blocks: 240a:a431::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:72:6a:c1:a1:c8:52:4b:57:02:6d:31:6b:16:27:a2:9e:7c:6d:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:24 2026 GMT Not After : Mar 3 06:15:24 2027 GMT Subject: CN=41C87923D7D7D02F19EE6085E44BDA9E477A61A9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:03:70:3a:3a:3a:85:bc:0a:8f:a7:b5:b2:21: 9b:a3:26:86:ef:4a:b6:73:ae:74:01:f8:3e:5b:a0: 88:86:36:e8:a9:c4:c3:df:9e:63:a4:3f:5c:74:6e: a9:81:8d:62:36:0a:59:c9:d1:1e:06:72:d1:9b:1d: 45:e9:b0:13:49:a2:b6:9b:d5:2b:5f:7b:9d:98:d2: 90:56:b0:0a:a3:70:d4:6a:34:b5:0a:13:20:c9:e6: dd:07:81:c2:94:7e:29:2e:77:2a:9f:03:7b:38:fe: 29:39:54:bc:00:bb:43:56:df:f6:67:d5:1d:40:65: ee:df:fe:df:a8:67:37:98:6a:78:e9:d9:b8:af:1e: 1e:f9:fa:13:14:8d:77:fd:d1:a6:7b:d9:3d:d5:b4: 97:78:fa:07:cd:d0:9b:21:d0:7c:8d:e8:fd:38:64: 2e:a4:ce:f8:e5:29:d4:13:33:51:37:55:81:60:39: 04:d1:ff:08:39:6c:9c:e8:77:d2:d7:2c:47:a8:85: a2:c2:45:c1:d4:a5:10:06:59:c9:d0:e3:96:e9:e9: 5a:42:44:9b:9d:58:dc:7a:7a:b2:fe:cd:94:e8:d4: 56:56:36:75:2d:15:38:aa:45:0c:f4:03:86:8b:46: 8d:45:62:ae:9c:c5:1d:57:11:bf:8a:59:37:4d:27: ad:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:C8:79:23:D7:D7:D0:2F:19:EE:60:85:E4:4B:DA:9E:47:7A:61:A9 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143723.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a431::/32 Signature Algorithm: sha256WithRSAEncryption 01:f7:cb:13:c3:ee:4b:54:df:a5:9d:42:3b:84:a4:e0:e5:15: 02:e9:2e:15:c8:2b:1c:30:4a:4d:fc:23:fc:6c:49:3d:ed:d9: 84:db:30:85:b2:f6:63:22:62:29:4b:d5:3d:a2:ab:9e:33:cc: e3:b8:1d:d3:2e:b9:b2:b9:42:9f:e3:f0:ad:7d:71:15:14:d9: ab:f5:6e:f3:3c:82:0e:26:f7:7f:72:ea:65:70:d6:e3:34:15: b3:7a:7b:c9:7d:c9:5b:69:26:7b:0c:11:a8:18:a9:d3:a7:fb: 40:f8:d1:69:e6:55:7b:c1:11:15:22:98:c6:af:04:5c:18:30: 4d:d8:ac:1b:1f:18:64:2b:87:3f:b9:3c:ca:bf:b6:15:97:c2: dd:84:33:e7:06:59:3d:c4:66:8d:3b:83:e9:e7:c6:97:e8:16: dd:1f:93:d9:08:64:9e:b1:5c:dc:12:60:1e:fa:c0:0c:67:25: 16:21:b9:05:a9:53:a3:33:8f:a5:61:62:a4:08:82:e7:cc:41: cc:99:04:99:a8:1e:4b:4c:d2:10:80:4e:56:ef:cc:c7:c3:af: 70:c0:85:be:88:52:88:fd:37:10:9a:77:be:b9:47:88:09:1d: 48:0b:23:2a:ad:c1:10:97:0c:b0:16:ed:ac:9c:63:6f:40:e8: bc:14:db:8d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNXJqwaHIUktXAm0xaxYnop58bQkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAyNFoX DTI3MDMwMzA2MTUyNFowMzExMC8GA1UEAxMoNDFDODc5MjNEN0Q3RDAyRjE5RUU2 MDg1RTQ0QkRBOUU0NzdBNjFBOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKIDcDo6OoW8Co+ntbIhm6Mmhu9KtnOudAH4PlugiIY26KnEw9+eY6Q/XHRu qYGNYjYKWcnRHgZy0ZsdRemwE0mitpvVK197nZjSkFawCqNw1Go0tQoTIMnm3QeB wpR+KS53Kp8Dezj+KTlUvAC7Q1bf9mfVHUBl7t/+36hnN5hqeOnZuK8eHvn6ExSN d/3RpnvZPdW0l3j6B83QmyHQfI3o/ThkLqTO+OUp1BMzUTdVgWA5BNH/CDlsnOh3 0tcsR6iFosJFwdSlEAZZydDjlunpWkJEm51Y3Hp6sv7NlOjUVlY2dS0VOKpFDPQD hotGjUVirpzFHVcRv4pZN00nrdkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRByHkj 19fQLxnuYIXkS9qeR3phqTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pDEwDQYJKoZIhvcNAQELBQADggEBAAH3yxPD7ktU36WdQjuEpODlFQLpLhXIKxww Sk38I/xsST3t2YTbMIWy9mMiYilL1T2iq54zzOO4HdMuubK5Qp/j8K19cRUU2av1 bvM8gg4m939y6mVw1uM0FbN6e8l9yVtpJnsMEagYqdOn+0D40WnmVXvBERUimMav BFwYME3YrBsfGGQrhz+5PMq/thWXwt2EM+cGWT3EZo07g+nnxpfoFt0fk9kIZJ6x XNwSYB76wAxnJRYhuQWpU6Mzj6VhYqQIgufMQcyZBJmoHktM0hCATlbvzMfDr3DA hb6IUoj9NxCad765R4gJHUgLIyqtwRCXDLAW7aycY29A6LwU240= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:04 2026 by rpki-client