$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143729.roa File: AS143729.roa (raw, json) Hash identifier: BsSMzj5CrBSwpFOCxLt4hSmIZQT+g3PJa/yNR/I/A54= Subject key identifier: 18:06:36:98:36:4E:37:C3:E9:60:F9:1F:0D:C2:81:CC:F8:99:DD:67 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 22517CC345C20189C47F32221AE9F6A53E5189F0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143729.roa Signing time: Wed 04 Mar 2026 06:14:11 +0000 ROA not before: Wed 04 Mar 2026 06:09:11 +0000 ROA not after: Wed 03 Mar 2027 06:14:11 +0000 asID: 143729 IP address blocks: 240a:a437::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:51:7c:c3:45:c2:01:89:c4:7f:32:22:1a:e9:f6:a5:3e:51:89:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:11 2026 GMT Not After : Mar 3 06:14:11 2027 GMT Subject: CN=18063698364E37C3E960F91F0DC281CCF899DD67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:69:4b:15:39:3b:be:35:91:c7:9a:c9:67:5c: 35:56:98:7f:8d:7e:4f:f5:26:ee:1b:82:6d:74:2b: 6c:10:40:51:9a:74:cc:6f:de:8c:b0:03:ba:d5:c2: ab:34:fe:7a:55:42:f5:ae:59:e2:ec:fc:f0:0f:e0: 54:9b:59:48:04:37:f6:96:2a:fe:0e:35:82:23:6f: 27:a1:9a:08:db:26:73:2a:94:b2:91:68:e3:76:5e: 2e:fc:4a:26:f8:b2:77:a3:27:fa:aa:78:6b:98:c3: 16:0a:a8:71:ec:6e:77:56:71:44:68:8f:af:b6:10: 3b:1e:9e:c9:4c:2b:7a:11:e9:56:a7:7a:a1:2c:05: 62:e9:d8:60:3b:d2:0d:b0:13:ba:aa:6f:f6:f8:f6: b7:c1:2f:82:4d:42:22:64:6d:68:ce:e1:de:1e:03: eb:21:75:6f:63:b6:ad:dc:9f:b0:c9:22:29:a2:83: 3f:39:20:e7:69:79:17:c1:b9:c9:3b:9f:40:55:4f: 26:9f:6e:cd:12:6b:82:46:95:7e:30:5a:e1:96:58: eb:6a:b7:15:88:26:ae:c9:26:33:47:3d:48:43:6f: a6:d0:fd:e8:34:d8:40:d7:69:5a:96:43:15:d9:10: e3:08:08:97:ab:16:b4:24:18:ad:5b:79:03:a2:b6: dd:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:06:36:98:36:4E:37:C3:E9:60:F9:1F:0D:C2:81:CC:F8:99:DD:67 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143729.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a437::/32 Signature Algorithm: sha256WithRSAEncryption 92:71:da:65:6e:9c:2f:50:d4:0c:ef:97:c6:10:cc:b9:c0:da: 32:c2:5b:07:df:60:e9:36:4d:44:ec:f5:97:30:6e:ea:e8:c9: 36:ef:7a:bb:f9:62:33:0e:fa:ff:88:60:d3:03:2d:3e:d8:21: 68:7c:88:b8:5b:68:50:2e:a5:3d:59:01:2c:8e:e4:6f:8d:9c: b1:79:e0:70:29:5e:bc:87:8f:9b:60:a8:64:58:a4:24:61:87: f8:3e:bd:5f:40:a3:46:57:be:42:ed:a3:67:9c:19:61:63:e2: c6:d9:7d:78:45:4b:6f:1e:63:70:5b:0f:6d:57:47:fc:af:a4: b1:ce:16:a8:f3:ce:ee:8a:71:09:7d:bc:07:47:6b:f8:1b:61: 58:98:2a:1e:00:39:f7:46:f9:7d:d1:01:d2:1b:18:99:f5:1d: fe:c8:be:42:8b:03:fe:fe:f7:f4:ff:de:c1:70:a5:ea:84:e5: af:40:3d:02:8e:94:0b:46:1f:30:2e:66:96:ec:af:48:7d:b9: d2:4d:72:e9:a8:bf:e3:a8:8c:cf:4a:55:0c:83:f5:39:39:df: e0:46:59:3b:ff:8f:74:65:bb:f1:33:d6:fe:32:6d:a6:57:d3: 22:d6:37:7f:6b:41:4c:b0:fc:3c:b8:ab:71:e3:ba:51:d9:a1: 7d:7c:10:1f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIlF8w0XCAYnEfzIiGun2pT5RifAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxMVoX DTI3MDMwMzA2MTQxMVowMzExMC8GA1UEAxMoMTgwNjM2OTgzNjRFMzdDM0U5NjBG OTFGMERDMjgxQ0NGODk5REQ2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALdpSxU5O741kceayWdcNVaYf41+T/Um7huCbXQrbBBAUZp0zG/ejLADutXC qzT+elVC9a5Z4uz88A/gVJtZSAQ39pYq/g41giNvJ6GaCNsmcyqUspFo43ZeLvxK Jviyd6Mn+qp4a5jDFgqocexud1ZxRGiPr7YQOx6eyUwrehHpVqd6oSwFYunYYDvS DbATuqpv9vj2t8Evgk1CImRtaM7h3h4D6yF1b2O2rdyfsMkiKaKDPzkg52l5F8G5 yTufQFVPJp9uzRJrgkaVfjBa4ZZY62q3FYgmrskmM0c9SENvptD96DTYQNdpWpZD FdkQ4wgIl6sWtCQYrVt5A6K23fkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQYBjaY Nk43w+lg+R8NwoHM+JndZzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzcyOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pDcwDQYJKoZIhvcNAQELBQADggEBAJJx2mVunC9Q1Azvl8YQzLnA2jLCWwffYOk2 TUTs9ZcwburoyTbverv5YjMO+v+IYNMDLT7YIWh8iLhbaFAupT1ZASyO5G+NnLF5 4HApXryHj5tgqGRYpCRhh/g+vV9Ao0ZXvkLto2ecGWFj4sbZfXhFS28eY3BbD21X R/yvpLHOFqjzzu6KcQl9vAdHa/gbYViYKh4AOfdG+X3RAdIbGJn1Hf7IvkKLA/7+ 9/T/3sFwpeqE5a9APQKOlAtGHzAuZpbsr0h9udJNcumov+OojM9KVQyD9Tk53+BG WTv/j3Rlu/Ez1v4ybaZX0yLWN39rQUyw/Dy4q3HjulHZoX18EB8= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:18 2026 by rpki-client