$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143740.roa File: AS143740.roa (raw, json) Hash identifier: Gbdlx//cWTJFnIxb7tLiMUUDjhnpzpGuk7rrkC0VJMg= Subject key identifier: 17:8A:A8:B9:BB:24:B4:0E:59:BF:3F:6F:98:3C:41:48:2B:CB:B8:E2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3132DC658F81AA3C06E118939462A4C7D6662456 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143740.roa Signing time: Wed 04 Mar 2026 06:15:00 +0000 ROA not before: Wed 04 Mar 2026 06:10:00 +0000 ROA not after: Wed 03 Mar 2027 06:15:00 +0000 asID: 143740 IP address blocks: 240a:a442::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:32:dc:65:8f:81:aa:3c:06:e1:18:93:94:62:a4:c7:d6:66:24:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:00 2026 GMT Not After : Mar 3 06:15:00 2027 GMT Subject: CN=178AA8B9BB24B40E59BF3F6F983C41482BCBB8E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e7:fb:d1:9e:33:f7:e3:f0:a3:07:d6:b5:e6: 9d:be:8d:b7:76:ef:9d:29:82:cc:e7:bf:79:d2:9a: eb:8c:d4:3b:08:68:3c:21:97:2d:35:9c:b3:f4:5b: 7c:6d:71:ec:dd:ac:ad:3d:ad:65:c7:a5:df:37:27: 08:81:7c:fc:23:07:65:14:d6:24:b1:ef:f6:33:87: 32:2c:29:e1:3a:72:5d:a1:e5:f2:58:7a:9f:e0:a1: d4:48:78:75:35:65:88:e4:4d:80:28:21:8f:23:b2: 27:d9:91:39:e6:86:62:a3:2a:e9:a5:21:81:1f:22: dc:df:10:64:8c:53:dc:e3:e3:60:69:06:09:16:31: 8b:f9:cc:f2:e0:a0:f4:53:5a:09:cb:21:7b:30:8d: c0:34:ea:29:f8:73:9d:be:ea:8d:af:f0:ef:c5:64: 76:dc:f8:24:ba:16:48:16:44:2a:60:d1:e3:4c:7c: 94:5c:7d:9b:1b:91:bb:7b:62:83:b3:3f:54:8b:c7: b9:47:fa:bb:53:5e:65:a1:cd:f4:1c:18:d3:c5:c2: 92:a2:11:e0:90:52:d5:23:34:b0:18:e7:e3:1a:27: b6:ef:90:92:c9:bf:75:2e:be:4a:e3:6d:d4:8c:ce: 35:ad:c1:0f:fd:48:5d:2d:95:47:df:b1:4b:a0:c9: 35:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:8A:A8:B9:BB:24:B4:0E:59:BF:3F:6F:98:3C:41:48:2B:CB:B8:E2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143740.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a442::/32 Signature Algorithm: sha256WithRSAEncryption c8:ab:1d:e6:94:0a:a2:89:4e:ea:ca:15:04:a4:db:5d:5f:cf: 67:b7:2d:47:af:b3:f2:dc:ab:5e:91:a7:ec:9e:d2:58:63:0e: 5f:ad:46:21:19:f7:02:ec:d5:dd:e2:97:0c:02:1e:07:12:b6: 04:ab:47:65:63:01:a7:31:aa:5c:c8:d7:ae:f0:54:47:37:ca: c3:c6:1c:24:e8:73:ac:2a:e5:6c:63:bd:f4:32:60:d3:47:5b: c7:68:ec:b1:5d:fd:6c:6e:8a:33:3f:bd:08:2b:fb:7c:23:19: df:eb:ab:1a:b9:9e:fd:7b:e9:a7:bf:42:bf:97:39:cd:fd:5c: 0a:d3:f8:53:0e:60:94:de:62:4b:a5:bd:ad:6e:84:2c:7c:cc: 15:51:95:e4:8a:d6:45:ad:7d:60:79:3b:12:c1:02:b4:dc:52: 09:82:d7:2a:60:d1:fd:6c:25:4c:a0:35:d4:f9:02:96:b0:ba: 53:26:d2:c4:ba:ce:ed:ab:70:d4:c4:4a:09:1c:e5:3b:92:d6: d1:42:5a:24:15:43:33:81:2e:0f:20:0f:30:6b:5a:2a:27:0c: 6e:83:f4:7e:bd:c0:7d:fb:34:eb:87:06:cc:59:f8:f6:83:ad: 17:d5:94:fc:3b:38:64:8a:a3:14:0d:88:43:9e:09:81:d0:23: 82:0f:9e:07 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMTLcZY+BqjwG4RiTlGKkx9ZmJFYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwMFoX DTI3MDMwMzA2MTUwMFowMzExMC8GA1UEAxMoMTc4QUE4QjlCQjI0QjQwRTU5QkYz RjZGOTgzQzQxNDgyQkNCQjhFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKHn+9GeM/fj8KMH1rXmnb6Nt3bvnSmCzOe/edKa64zUOwhoPCGXLTWcs/Rb fG1x7N2srT2tZcel3zcnCIF8/CMHZRTWJLHv9jOHMiwp4TpyXaHl8lh6n+Ch1Eh4 dTVliORNgCghjyOyJ9mROeaGYqMq6aUhgR8i3N8QZIxT3OPjYGkGCRYxi/nM8uCg 9FNaCcshezCNwDTqKfhznb7qja/w78Vkdtz4JLoWSBZEKmDR40x8lFx9mxuRu3ti g7M/VIvHuUf6u1NeZaHN9BwY08XCkqIR4JBS1SM0sBjn4xontu+Qksm/dS6+SuNt 1IzONa3BD/1IXS2VR9+xS6DJNWUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQXiqi5 uyS0Dlm/P2+YPEFIK8u44jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc0MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pEIwDQYJKoZIhvcNAQELBQADggEBAMirHeaUCqKJTurKFQSk211fz2e3LUevs/Lc q16Rp+ye0lhjDl+tRiEZ9wLs1d3ilwwCHgcStgSrR2VjAacxqlzI167wVEc3ysPG HCToc6wq5WxjvfQyYNNHW8do7LFd/WxuijM/vQgr+3wjGd/rqxq5nv176ae/Qr+X Oc39XArT+FMOYJTeYkulva1uhCx8zBVRleSK1kWtfWB5OxLBArTcUgmC1ypg0f1s JUygNdT5ApawulMm0sS6zu2rcNTESgkc5TuS1tFCWiQVQzOBLg8gDzBrWionDG6D 9H69wH37NOuHBsxZ+PaDrRfVlPw7OGSKoxQNiEOeCYHQI4IPngc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:35 2026 by rpki-client