$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143735.roa File: AS143735.roa (raw, json) Hash identifier: QSJeaXGHe2Gh9Y6yBv6xvp9vJ7Yf7k7bOLYhiJPR1mU= Subject key identifier: F7:00:13:7F:EE:2A:10:F7:B9:71:33:0B:54:D9:6C:93:C5:48:54:A4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3C13758A21309CBE5055F0347C93FC7B5173CE96 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143735.roa Signing time: Wed 04 Mar 2026 06:14:39 +0000 ROA not before: Wed 04 Mar 2026 06:09:39 +0000 ROA not after: Wed 03 Mar 2027 06:14:39 +0000 asID: 143735 IP address blocks: 240a:a43d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:13:75:8a:21:30:9c:be:50:55:f0:34:7c:93:fc:7b:51:73:ce:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:39 2026 GMT Not After : Mar 3 06:14:39 2027 GMT Subject: CN=F700137FEE2A10F7B971330B54D96C93C54854A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:c7:0b:83:09:2b:fd:04:ab:69:bd:9e:60:12: b4:1e:20:95:d0:35:db:83:30:38:6f:e2:14:b4:fa: 2e:21:2b:31:19:10:3f:73:cc:83:c6:f0:7a:cb:61: 9c:b6:f3:32:24:e7:d1:9c:46:46:1b:62:34:89:6e: c2:89:eb:e1:b4:87:2b:84:95:21:cb:29:9c:d9:db: 1d:81:eb:f2:69:50:b7:e4:f4:a1:64:b2:2a:b4:bc: b8:17:94:cd:a7:81:b5:29:36:a4:21:73:f0:27:1b: 02:6a:ef:ad:7b:88:30:4d:8f:6d:4f:ee:6e:41:6b: 4d:52:9f:28:3a:9f:59:3d:ef:25:96:0f:c9:b9:97: 4b:6c:e7:af:35:40:ca:e7:af:9e:d4:f6:9b:d3:8f: 79:b6:fb:cf:0d:67:2c:ba:7e:12:5a:89:57:a5:e1: 42:14:08:bc:9d:84:8b:4e:17:58:14:67:f7:e7:d6: e3:8e:fe:85:4f:f3:f7:85:f6:e2:de:e8:e6:99:59: 04:63:29:ec:a2:f3:98:64:5e:1b:a0:ec:44:9f:57: 31:bc:08:fc:4b:aa:bf:90:b8:05:a5:c5:31:95:6e: 93:3d:13:89:b1:15:c0:25:25:e9:b0:0e:96:c3:ed: 3c:e0:19:62:66:e7:a5:dc:8a:69:c9:fb:ba:dc:d7: cc:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:00:13:7F:EE:2A:10:F7:B9:71:33:0B:54:D9:6C:93:C5:48:54:A4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143735.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a43d::/32 Signature Algorithm: sha256WithRSAEncryption 8c:48:5f:b5:c0:39:47:08:39:52:19:58:80:1c:5f:9b:0c:da: d2:7c:88:51:10:0b:6f:50:95:8a:54:bc:ad:e8:6b:5f:5a:a6: 9f:54:b4:45:0e:0d:73:23:e8:5a:8a:73:b5:ff:fc:3b:c7:f1: 73:7a:48:5e:e0:62:c4:3b:aa:f2:85:29:68:44:b1:99:97:81: cf:07:67:a6:b0:96:86:2d:6c:2f:14:fb:b2:1c:84:17:59:f3: f5:e3:aa:4d:f0:56:6d:8d:df:91:cc:64:61:f8:e5:44:92:30: 0a:77:4f:36:4b:2b:7b:c2:9b:2b:77:8f:38:26:79:5e:04:a5: bb:ea:80:2e:53:18:41:c8:24:b8:01:df:15:28:36:7b:6f:f3: 03:c0:d0:37:d0:46:9f:15:ba:03:7d:7f:53:cc:40:a2:4b:66: f6:19:3d:05:cb:67:80:b4:ac:6d:03:1c:a2:99:13:73:ff:89: 4d:c3:08:29:19:38:ce:3a:48:52:a9:5d:86:ac:1d:f8:6b:6b: de:e4:dc:f9:03:f2:5e:60:27:9b:92:30:94:97:b2:65:17:a9: 61:77:e1:a4:44:46:c1:a0:21:68:4f:00:b1:70:2a:1a:5e:98: ae:e0:a0:5d:e9:e2:21:89:7b:cf:6c:00:b2:d5:79:4d:52:c5: 4b:7f:9e:24 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPBN1iiEwnL5QVfA0fJP8e1FzzpYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzOVoX DTI3MDMwMzA2MTQzOVowMzExMC8GA1UEAxMoRjcwMDEzN0ZFRTJBMTBGN0I5NzEz MzBCNTREOTZDOTNDNTQ4NTRBNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJLHC4MJK/0Eq2m9nmAStB4gldA124MwOG/iFLT6LiErMRkQP3PMg8bwesth nLbzMiTn0ZxGRhtiNIluwonr4bSHK4SVIcspnNnbHYHr8mlQt+T0oWSyKrS8uBeU zaeBtSk2pCFz8CcbAmrvrXuIME2PbU/ubkFrTVKfKDqfWT3vJZYPybmXS2znrzVA yuevntT2m9OPebb7zw1nLLp+ElqJV6XhQhQIvJ2Ei04XWBRn9+fW447+hU/z94X2 4t7o5plZBGMp7KLzmGReG6DsRJ9XMbwI/Euqv5C4BaXFMZVukz0TibEVwCUl6bAO lsPtPOAZYmbnpdyKacn7utzXzNECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT3ABN/ 7ioQ97lxMwtU2WyTxUhUpDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzczNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pD0wDQYJKoZIhvcNAQELBQADggEBAIxIX7XAOUcIOVIZWIAcX5sM2tJ8iFEQC29Q lYpUvK3oa19app9UtEUODXMj6FqKc7X//DvH8XN6SF7gYsQ7qvKFKWhEsZmXgc8H Z6awloYtbC8U+7IchBdZ8/Xjqk3wVm2N35HMZGH45USSMAp3TzZLK3vCmyt3jzgm eV4EpbvqgC5TGEHIJLgB3xUoNntv8wPA0DfQRp8VugN9f1PMQKJLZvYZPQXLZ4C0 rG0DHKKZE3P/iU3DCCkZOM46SFKpXYasHfhra97k3PkD8l5gJ5uSMJSXsmUXqWF3 4aRERsGgIWhPALFwKhpemK7goF3p4iGJe89sALLVeU1SxUt/niQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:51 2026 by rpki-client