$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143731.roa File: AS143731.roa (raw, json) Hash identifier: zeSHAfllOr+fvjrDUEAblwBAbW968HhEEb6pRZS655I= Subject key identifier: A9:74:B4:E1:89:CC:8A:D9:96:CC:F4:65:40:B2:94:31:CE:65:11:10 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1F43F49ED9C1C61512BD613FA2A2B797F0691D28 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143731.roa Signing time: Wed 04 Mar 2026 06:14:25 +0000 ROA not before: Wed 04 Mar 2026 06:09:25 +0000 ROA not after: Wed 03 Mar 2027 06:14:25 +0000 asID: 143731 IP address blocks: 240a:a439::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:43:f4:9e:d9:c1:c6:15:12:bd:61:3f:a2:a2:b7:97:f0:69:1d:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:25 2026 GMT Not After : Mar 3 06:14:25 2027 GMT Subject: CN=A974B4E189CC8AD996CCF46540B29431CE651110 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:5b:f2:25:e7:b5:bb:65:57:50:0d:6c:f8:0c: 24:b4:63:3e:04:33:bb:14:a9:8d:0f:a7:ef:64:6f: 83:4d:a9:1d:be:aa:36:0f:22:50:9b:9f:ec:02:71: c6:80:d8:f2:2d:5d:79:3e:1e:45:70:c0:7e:71:d6: e5:6b:af:0d:55:67:ed:18:43:73:1b:65:4e:f8:e5: 55:a8:f2:9a:d7:ed:e7:fc:e9:ea:92:01:a2:0a:8b: 33:9a:a8:eb:48:cf:fd:23:e6:da:38:f6:c2:7c:c9: 67:4d:03:3e:85:13:24:28:49:15:dd:d1:e7:f7:ba: b1:28:31:2a:ec:78:a8:f5:fa:30:b1:0d:05:b4:cf: f9:77:81:a0:9c:25:85:fa:b1:b1:37:24:fe:59:76: 0a:08:2b:80:a0:eb:7f:cb:ab:cf:63:6f:4b:24:ad: 6b:8e:dd:f6:03:47:3b:75:61:70:e9:97:36:5b:89: c8:ea:a8:9d:2c:0a:36:03:9f:05:1d:86:c6:13:32: be:1f:8d:c5:a1:f3:ac:8b:58:5b:d6:4e:3b:e8:86: 32:49:32:84:97:5b:10:34:32:e5:a3:0d:cb:4c:8e: 68:9f:60:73:01:39:a2:80:e6:e9:ab:99:f0:98:a7: 67:cf:c8:23:20:3f:36:0b:61:3b:4e:c5:dc:99:ce: f7:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:74:B4:E1:89:CC:8A:D9:96:CC:F4:65:40:B2:94:31:CE:65:11:10 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a439::/32 Signature Algorithm: sha256WithRSAEncryption ad:7e:89:14:da:36:18:43:db:3f:10:08:be:b0:72:71:7e:fc: 0b:e9:99:4c:ed:52:b7:8e:12:9f:23:87:c9:70:a1:7a:41:3d: 15:08:1c:16:8f:e5:5a:d8:19:56:53:1d:64:63:12:17:26:a7: 84:93:75:97:d7:3c:45:9b:16:f9:8a:37:4e:86:e9:bb:b3:98: f9:7a:46:2b:f6:98:72:d0:84:86:40:c8:cb:07:ee:78:d6:5a: 4c:7c:73:c3:b8:ab:ee:23:f8:3a:98:9f:aa:ec:e3:fe:ff:86: 8f:51:f8:33:4f:cc:be:d8:e9:99:56:ac:a0:64:82:87:4b:e6: 56:fc:ea:fc:90:65:43:14:98:c1:22:40:03:ce:3d:ce:91:be: 41:e1:42:58:31:bc:20:01:83:43:57:15:1c:32:1f:f8:30:e3: 38:f3:89:ae:c7:9e:2a:e8:6f:ce:2d:81:59:b2:39:3a:5d:b6: 51:85:07:78:14:32:af:f0:9e:1a:6a:79:b7:35:72:d9:fa:78: fb:92:9d:8c:27:53:a8:a8:7a:b0:d8:af:8e:43:70:c5:c9:ed: be:c6:49:9e:cf:32:dd:7d:b4:f8:69:1a:e0:8f:ac:3e:a3:13: 75:fd:aa:5b:59:46:b0:ed:47:ab:0e:e6:b8:b1:ba:7c:0c:c2: 6b:bb:66:43 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUH0P0ntnBxhUSvWE/oqK3l/BpHSgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyNVoX DTI3MDMwMzA2MTQyNVowMzExMC8GA1UEAxMoQTk3NEI0RTE4OUNDOEFEOTk2Q0NG NDY1NDBCMjk0MzFDRTY1MTExMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOBb8iXntbtlV1ANbPgMJLRjPgQzuxSpjQ+n72Rvg02pHb6qNg8iUJuf7AJx xoDY8i1deT4eRXDAfnHW5WuvDVVn7RhDcxtlTvjlVajymtft5/zp6pIBogqLM5qo 60jP/SPm2jj2wnzJZ00DPoUTJChJFd3R5/e6sSgxKux4qPX6MLENBbTP+XeBoJwl hfqxsTck/ll2CggrgKDrf8urz2NvSySta47d9gNHO3VhcOmXNluJyOqonSwKNgOf BR2GxhMyvh+NxaHzrItYW9ZOO+iGMkkyhJdbEDQy5aMNy0yOaJ9gcwE5ooDm6auZ 8JinZ8/IIyA/NgthO07F3JnO9yECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSpdLTh icyK2ZbM9GVAspQxzmUREDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzczMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pDkwDQYJKoZIhvcNAQELBQADggEBAK1+iRTaNhhD2z8QCL6wcnF+/AvpmUztUreO Ep8jh8lwoXpBPRUIHBaP5VrYGVZTHWRjEhcmp4STdZfXPEWbFvmKN06G6buzmPl6 Riv2mHLQhIZAyMsH7njWWkx8c8O4q+4j+DqYn6rs4/7/ho9R+DNPzL7Y6ZlWrKBk godL5lb86vyQZUMUmMEiQAPOPc6RvkHhQlgxvCABg0NXFRwyH/gw4zjzia7Hniro b84tgVmyOTpdtlGFB3gUMq/wnhpqebc1ctn6ePuSnYwnU6ioerDYr45DcMXJ7b7G SZ7PMt19tPhpGuCPrD6jE3X9qltZRrDtR6sO5rixunwMwmu7ZkM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:03 2026 by rpki-client