$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143725.roa File: AS143725.roa (raw, json) Hash identifier: UJa1c8xI65j28mmd/NLCyGAVVhNOx/Pwz47ASGLvoxc= Subject key identifier: 1D:A6:80:78:84:23:3C:BA:A7:84:C5:65:20:AB:7F:7B:51:87:04:A8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 36AA0CBD953FEC96A8A65570E1058D311A7682C8 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143725.roa Signing time: Wed 04 Mar 2026 06:15:48 +0000 ROA not before: Wed 04 Mar 2026 06:10:48 +0000 ROA not after: Wed 03 Mar 2027 06:15:48 +0000 asID: 143725 IP address blocks: 240a:a433::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:aa:0c:bd:95:3f:ec:96:a8:a6:55:70:e1:05:8d:31:1a:76:82:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:48 2026 GMT Not After : Mar 3 06:15:48 2027 GMT Subject: CN=1DA6807884233CBAA784C56520AB7F7B518704A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:19:62:ef:38:d3:25:c7:18:33:94:b3:28:99: 9c:f5:75:79:a5:47:1a:17:87:f1:66:61:e6:82:f2: fb:2c:a5:e5:1a:15:7a:34:1c:c6:c0:d9:11:42:02: 9a:a7:c7:de:79:30:54:e2:e6:32:03:72:00:e7:89: 62:0a:e4:57:eb:73:67:2c:f5:ac:9b:92:1a:ea:ab: 0b:27:6b:05:cf:d5:56:d5:f7:dd:a7:b6:15:5c:eb: 37:b0:49:da:df:3f:84:d3:97:4a:15:50:66:fb:2a: e1:24:94:7f:1a:9b:d1:c8:c2:47:60:a6:bb:8d:5f: 5c:fd:8b:41:39:d8:6f:84:a5:c3:0a:bf:cb:89:8c: 3e:f4:82:37:21:ef:49:c6:17:4f:40:a7:00:2d:45: 44:8d:24:17:bf:23:5c:6b:a6:41:01:6a:58:bb:b1: 8c:62:f8:b1:3d:64:22:d5:05:30:da:73:62:56:79: 6b:c1:db:ad:c8:c4:00:3d:5e:01:60:e0:e0:fa:7e: 9c:72:8d:a0:c4:3a:c7:df:c4:1e:a5:df:d5:79:b7: 21:5f:fd:e4:40:7e:6c:b5:27:1f:0f:ab:8a:f5:2e: 50:f0:3d:a5:32:c7:e8:bb:aa:7c:2f:d1:3e:21:6f: 8f:a7:85:15:73:37:bf:61:77:94:e0:34:a3:22:d7: a6:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:A6:80:78:84:23:3C:BA:A7:84:C5:65:20:AB:7F:7B:51:87:04:A8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143725.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a433::/32 Signature Algorithm: sha256WithRSAEncryption 2b:e1:b5:52:be:d0:57:ef:ca:c1:7d:80:a9:b5:2b:6f:2c:68: c5:ca:2d:04:d2:4c:15:1c:ba:16:38:7a:3f:2f:3f:a1:84:f9: 01:15:2d:eb:09:00:bf:f5:ef:16:95:36:18:27:5f:7c:b9:3a: 69:68:ee:8f:4a:80:59:fd:e7:ee:50:d3:ab:ef:8f:4f:20:3c: 7e:b3:42:4a:6a:fc:48:ab:4c:0d:28:31:33:08:d8:62:47:b7: 15:67:82:c8:ae:f7:66:01:fb:33:14:9b:80:d5:81:ae:f3:0d: af:33:c7:50:69:03:30:86:8a:28:34:59:26:ac:60:4f:dd:f8: b1:65:4a:30:1d:55:e7:fb:73:7d:4a:49:fb:f3:9a:9a:bc:3e: ff:50:a5:87:4a:7d:09:6d:2f:c1:d0:9e:ac:ee:26:23:32:ef: 49:28:71:a5:3f:52:59:09:96:58:98:f3:65:8f:7d:46:44:77: 48:5e:d5:f1:be:49:42:d6:93:9f:c3:48:4a:02:03:10:f9:88: 51:03:b1:28:ba:e8:6c:d2:89:74:8e:cb:ba:19:6b:f7:1b:7f: 33:c6:1e:7e:66:0c:c3:73:fe:88:60:df:f6:f1:02:bb:f2:5e: e2:e6:ea:9b:3d:43:e2:18:42:24:c0:8c:4d:5e:79:cd:60:0d: 46:b3:80:3f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUNqoMvZU/7JaoplVw4QWNMRp2gsgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTA0OFoX DTI3MDMwMzA2MTU0OFowMzExMC8GA1UEAxMoMURBNjgwNzg4NDIzM0NCQUE3ODRD NTY1MjBBQjdGN0I1MTg3MDRBODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK0ZYu840yXHGDOUsyiZnPV1eaVHGheH8WZh5oLy+yyl5RoVejQcxsDZEUIC mqfH3nkwVOLmMgNyAOeJYgrkV+tzZyz1rJuSGuqrCydrBc/VVtX33ae2FVzrN7BJ 2t8/hNOXShVQZvsq4SSUfxqb0cjCR2Cmu41fXP2LQTnYb4Slwwq/y4mMPvSCNyHv ScYXT0CnAC1FRI0kF78jXGumQQFqWLuxjGL4sT1kItUFMNpzYlZ5a8HbrcjEAD1e AWDg4Pp+nHKNoMQ6x9/EHqXf1Xm3IV/95EB+bLUnHw+rivUuUPA9pTLH6LuqfC/R PiFvj6eFFXM3v2F3lOA0oyLXpr8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQdpoB4 hCM8uqeExWUgq397UYcEqDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pDMwDQYJKoZIhvcNAQELBQADggEBACvhtVK+0FfvysF9gKm1K28saMXKLQTSTBUc uhY4ej8vP6GE+QEVLesJAL/17xaVNhgnX3y5Omlo7o9KgFn95+5Q06vvj08gPH6z Qkpq/EirTA0oMTMI2GJHtxVngsiu92YB+zMUm4DVga7zDa8zx1BpAzCGiig0WSas YE/d+LFlSjAdVef7c31KSfvzmpq8Pv9QpYdKfQltL8HQnqzuJiMy70kocaU/UlkJ lliY82WPfUZEd0he1fG+SULWk5/DSEoCAxD5iFEDsSi66GzSiXSOy7oZa/cbfzPG Hn5mDMNz/ohg3/bxArvyXuLm6ps9Q+IYQiTAjE1eec1gDUazgD8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:11 2026 by rpki-client