$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143741.roa File: AS143741.roa (raw, json) Hash identifier: hB3cvGovvViAwOCzHzeaLqS90yHyaRqD1U9mJaUk5sI= Subject key identifier: 34:72:E3:6F:81:7C:EE:8D:B7:36:FE:EB:22:BB:3B:B2:B3:CC:CB:E3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 32BD2E230346A7822368AFBE8484B5D72B97CE3A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143741.roa Signing time: Wed 04 Mar 2026 06:15:03 +0000 ROA not before: Wed 04 Mar 2026 06:10:03 +0000 ROA not after: Wed 03 Mar 2027 06:15:03 +0000 asID: 143741 IP address blocks: 240a:a443::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:bd:2e:23:03:46:a7:82:23:68:af:be:84:84:b5:d7:2b:97:ce:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:03 2026 GMT Not After : Mar 3 06:15:03 2027 GMT Subject: CN=3472E36F817CEE8DB736FEEB22BB3BB2B3CCCBE3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ba:1f:40:8f:5b:53:1b:b0:6d:64:57:62:5b: 5f:de:53:29:45:8a:8c:2c:a2:30:3a:d8:08:96:6c: 07:e6:83:6d:92:ce:18:1f:fd:2b:77:c4:4b:b1:87: f4:70:9f:72:75:1b:af:d3:e0:bd:3b:d2:f6:6a:f1: 7b:82:6e:fb:38:70:5c:d2:04:6f:14:50:11:34:10: b7:f7:8d:ed:90:c6:3e:5a:27:e9:e6:de:97:c1:9c: 32:bb:34:fe:a0:49:21:1f:8f:2b:7b:1e:f4:bc:df: 2e:11:0a:33:05:ff:74:71:19:c9:97:ed:f5:bb:87: 56:08:62:e7:e0:33:0a:a0:b5:1f:81:0e:2f:46:0b: 75:18:f7:ea:3e:e0:e9:64:35:46:54:6b:a3:3a:14: 38:20:62:f7:ba:6e:e9:d5:d8:fa:16:6a:56:4f:f1: d5:1b:79:f1:7f:32:b6:d2:54:c7:28:e3:09:98:4a: e1:36:90:02:c0:f4:7d:dd:6e:9c:d9:8b:7f:08:cb: 70:f9:f5:3e:d9:7a:8f:84:5a:67:34:6d:57:b6:6a: 0c:0a:8c:9d:f3:9b:3e:fd:42:c8:45:b3:e4:82:ad: 8c:1c:ee:8c:3b:a4:00:01:c1:43:39:bd:bf:5a:fa: 66:0d:5d:48:cc:98:98:5a:c8:58:aa:0f:79:d6:b0: 3d:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:72:E3:6F:81:7C:EE:8D:B7:36:FE:EB:22:BB:3B:B2:B3:CC:CB:E3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143741.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a443::/32 Signature Algorithm: sha256WithRSAEncryption 28:dc:1a:09:b9:89:ee:f6:2e:f7:b5:41:88:66:72:81:8e:b6: 34:d4:f6:ee:bd:a6:fc:9f:f9:ac:38:53:a7:2c:ad:88:32:28: 92:01:60:71:f1:32:08:d1:09:72:dc:19:fc:b0:be:0d:11:75: 9f:2d:7b:45:16:86:d1:23:79:93:16:8d:54:3f:b7:ea:e7:6f: 6f:11:ff:a1:ff:5c:f8:d5:99:5d:5d:ca:06:27:1f:18:b4:31: 57:7b:da:2a:44:80:d9:40:a4:32:c0:f0:9b:b5:1c:f3:09:3e: 51:bb:0b:3a:da:5d:92:d3:13:cc:04:4e:26:8b:da:71:91:a7: 91:98:82:1c:ec:83:ab:ca:7d:71:0b:31:69:4f:0e:37:d4:21: 16:47:09:b7:35:82:dd:f4:c6:18:6c:a3:6c:f7:eb:eb:cd:82: 7f:c2:d3:38:8e:63:68:40:b8:ae:78:6b:91:24:89:8d:7e:52: 7c:fd:37:b7:83:63:09:50:59:c0:8c:1a:cf:3f:8f:57:3b:8b: da:be:b0:47:8e:2e:68:74:40:01:b3:c4:2e:e3:8b:cb:7b:e3: 70:d9:64:79:88:b5:f3:51:da:22:b8:fe:18:d1:82:31:05:7a: 8c:6c:87:18:11:a6:7d:ef:e3:6a:e7:aa:c3:71:1d:3f:ee:a0: 1f:4d:b9:73 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUMr0uIwNGp4IjaK++hIS11yuXzjowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwM1oX DTI3MDMwMzA2MTUwM1owMzExMC8GA1UEAxMoMzQ3MkUzNkY4MTdDRUU4REI3MzZG RUVCMjJCQjNCQjJCM0NDQ0JFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKG6H0CPW1MbsG1kV2JbX95TKUWKjCyiMDrYCJZsB+aDbZLOGB/9K3fES7GH 9HCfcnUbr9PgvTvS9mrxe4Ju+zhwXNIEbxRQETQQt/eN7ZDGPlon6ebel8GcMrs0 /qBJIR+PK3se9LzfLhEKMwX/dHEZyZft9buHVghi5+AzCqC1H4EOL0YLdRj36j7g 6WQ1RlRrozoUOCBi97pu6dXY+hZqVk/x1Rt58X8yttJUxyjjCZhK4TaQAsD0fd1u nNmLfwjLcPn1Ptl6j4RaZzRtV7ZqDAqMnfObPv1CyEWz5IKtjBzujDukAAHBQzm9 v1r6Zg1dSMyYmFrIWKoPedawPaMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ0cuNv gXzujbc2/usiuzuys8zL4zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc0MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pEMwDQYJKoZIhvcNAQELBQADggEBACjcGgm5ie72Lve1QYhmcoGOtjTU9u69pvyf +aw4U6csrYgyKJIBYHHxMgjRCXLcGfywvg0RdZ8te0UWhtEjeZMWjVQ/t+rnb28R /6H/XPjVmV1dygYnHxi0MVd72ipEgNlApDLA8Ju1HPMJPlG7CzraXZLTE8wETiaL 2nGRp5GYghzsg6vKfXELMWlPDjfUIRZHCbc1gt30xhhso2z36+vNgn/C0ziOY2hA uK54a5EkiY1+Unz9N7eDYwlQWcCMGs8/j1c7i9q+sEeOLmh0QAGzxC7ji8t743DZ ZHmItfNR2iK4/hjRgjEFeoxshxgRpn3v42rnqsNxHT/uoB9NuXM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:55 2026 by rpki-client