$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143727.roa File: AS143727.roa (raw, json) Hash identifier: oRBt4yoeaDf48xY9Eoh7HwAc6gpuwqEmfa7US0JhUCI= Subject key identifier: 5C:54:48:D0:B7:5B:DA:8D:F8:A4:F8:CE:B8:A8:18:7C:81:59:F0:07 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 50FA50414F211C4A0FB7066A5CE515C80B42FD8C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143727.roa Signing time: Wed 04 Mar 2026 06:13:17 +0000 ROA not before: Wed 04 Mar 2026 06:08:17 +0000 ROA not after: Wed 03 Mar 2027 06:13:17 +0000 asID: 143727 IP address blocks: 240a:a435::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:fa:50:41:4f:21:1c:4a:0f:b7:06:6a:5c:e5:15:c8:0b:42:fd:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:17 2026 GMT Not After : Mar 3 06:13:17 2027 GMT Subject: CN=5C5448D0B75BDA8DF8A4F8CEB8A8187C8159F007 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:65:e3:61:40:d6:ff:e3:d4:46:28:19:55:76: b9:f9:eb:4b:ef:89:87:ba:f0:b3:fd:bd:e9:a7:58: 23:67:1a:ee:7a:55:5d:c1:e0:f6:75:d1:2e:fd:fb: 50:eb:12:70:4a:d1:24:5b:b6:3a:a0:78:84:aa:54: 80:d2:4a:80:df:10:78:70:d6:16:1e:e7:59:02:16: e5:60:79:9a:24:d3:00:7c:7c:86:91:51:e1:4e:96: b1:fb:33:81:94:3f:3b:a9:37:6e:d1:03:e5:b1:86: ef:19:d1:5b:e9:d5:eb:63:91:59:e6:0d:d0:bc:68: 05:24:a9:9b:4d:3a:0d:18:92:12:8d:c1:73:dd:24: b8:16:55:df:ea:1c:16:97:fc:9f:97:3c:ac:3c:24: c5:0a:26:47:eb:24:3b:fb:8f:36:1b:02:4d:24:42: df:4f:7b:35:1f:4f:b6:e1:02:1f:76:2c:97:1d:8c: f4:6e:9a:93:6c:a0:2c:96:95:b8:b1:f5:b6:a3:eb: da:5d:bb:cf:33:71:6e:05:3c:51:ba:20:ab:10:84: 08:aa:f9:f5:49:47:43:b3:e9:2b:2f:1a:eb:6c:57: 3a:8c:d9:b2:53:5c:e0:79:bf:c6:f3:30:e3:22:c5: 50:07:4f:bc:8b:27:8b:55:9a:4b:97:0a:70:a9:48: 00:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:54:48:D0:B7:5B:DA:8D:F8:A4:F8:CE:B8:A8:18:7C:81:59:F0:07 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143727.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a435::/32 Signature Algorithm: sha256WithRSAEncryption bc:b4:db:9f:74:7a:95:7f:c5:aa:48:ad:bb:ae:18:a6:38:49: 04:73:4d:4f:cc:2f:3d:e6:2b:da:57:f6:03:6c:b4:56:f0:39: 82:c0:e6:4b:e5:f9:8d:43:d5:e5:e3:38:2e:86:3b:49:fa:88: 5c:10:ba:b9:f7:56:24:c5:bd:02:2f:25:73:22:4a:fa:92:4b: 45:01:20:cd:96:cb:94:d9:88:3b:50:40:7b:cb:94:32:2a:be: 7f:8a:f1:85:0c:27:d3:00:e7:43:a4:79:3a:ad:fb:52:d9:c1: b5:e1:3b:35:40:6d:f8:6f:b2:a3:4d:39:f6:ad:48:1b:3f:0b: d5:60:81:7b:a0:a2:88:c4:c3:e9:f8:35:39:71:4c:aa:5c:c8: f0:cc:6e:65:fe:5d:ca:a1:9e:4e:ea:17:7b:f0:f4:7a:d3:62: c7:a3:a8:3f:41:aa:c0:36:9f:42:f7:18:f1:f5:4b:d2:89:8e: d7:ec:2c:1b:d8:8f:3f:e8:12:ad:e2:c6:d9:73:7e:0b:0f:59: 66:3e:ee:ef:14:cf:8a:db:42:c1:4e:c8:69:c3:ff:b7:d8:e2: 81:5b:ce:ef:e9:b3:28:fc:e6:48:af:0d:e4:16:47:20:76:61: 3c:a5:6e:5e:b5:4a:32:16:8c:af:42:31:88:a9:7e:c9:02:d6: a2:89:24:56 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUPpQQU8hHEoPtwZqXOUVyAtC/YwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxN1oX DTI3MDMwMzA2MTMxN1owMzExMC8GA1UEAxMoNUM1NDQ4RDBCNzVCREE4REY4QTRG OENFQjhBODE4N0M4MTU5RjAwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALxl42FA1v/j1EYoGVV2ufnrS++Jh7rws/296adYI2ca7npVXcHg9nXRLv37 UOsScErRJFu2OqB4hKpUgNJKgN8QeHDWFh7nWQIW5WB5miTTAHx8hpFR4U6Wsfsz gZQ/O6k3btED5bGG7xnRW+nV62ORWeYN0LxoBSSpm006DRiSEo3Bc90kuBZV3+oc Fpf8n5c8rDwkxQomR+skO/uPNhsCTSRC3097NR9PtuECH3Yslx2M9G6ak2ygLJaV uLH1tqPr2l27zzNxbgU8UbogqxCECKr59UlHQ7PpKy8a62xXOozZslNc4Hm/xvMw 4yLFUAdPvIsni1WaS5cKcKlIAJ0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRcVEjQ t1vajfik+M64qBh8gVnwBzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pDUwDQYJKoZIhvcNAQELBQADggEBALy02590epV/xapIrbuuGKY4SQRzTU/MLz3m K9pX9gNstFbwOYLA5kvl+Y1D1eXjOC6GO0n6iFwQurn3ViTFvQIvJXMiSvqSS0UB IM2Wy5TZiDtQQHvLlDIqvn+K8YUMJ9MA50OkeTqt+1LZwbXhOzVAbfhvsqNNOfat SBs/C9VggXugoojEw+n4NTlxTKpcyPDMbmX+Xcqhnk7qF3vw9HrTYsejqD9BqsA2 n0L3GPH1S9KJjtfsLBvYjz/oEq3ixtlzfgsPWWY+7u8Uz4rbQsFOyGnD/7fY4oFb zu/psyj85kivDeQWRyB2YTylbl61SjIWjK9CMYipfskC1qKJJFY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:12 2026 by rpki-client