$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143744.roa File: AS143744.roa (raw, json) Hash identifier: pLGH6RtOS4nNi+WFcY5Kj/cr7f1nlwkMFMk9L0l447I= Subject key identifier: 89:F6:68:7B:47:D6:B4:80:96:B3:44:7E:A8:23:3B:57:A7:7D:D2:18 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 40C87059B2D10400D35AB302F39A02903F5DB73E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143744.roa Signing time: Wed 04 Mar 2026 06:13:15 +0000 ROA not before: Wed 04 Mar 2026 06:08:15 +0000 ROA not after: Wed 03 Mar 2027 06:13:15 +0000 asID: 143744 IP address blocks: 240a:a446::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:c8:70:59:b2:d1:04:00:d3:5a:b3:02:f3:9a:02:90:3f:5d:b7:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:15 2026 GMT Not After : Mar 3 06:13:15 2027 GMT Subject: CN=89F6687B47D6B48096B3447EA8233B57A77DD218 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a6:d2:2f:74:46:24:c7:4d:c4:16:52:4e:c4: 19:36:e5:af:bf:eb:67:63:9f:25:92:42:16:5c:eb: 76:0c:33:01:06:d1:9c:f9:04:a2:01:27:2c:87:0c: 46:34:f5:90:4d:3e:b9:ea:b4:fb:73:5e:42:53:6e: 37:03:ca:93:16:6f:96:93:ff:e1:ab:12:e3:7c:f5: 16:d4:d4:22:d4:5d:33:98:99:21:f7:81:05:d5:56: ab:e1:74:58:d1:8f:f0:0e:29:10:10:48:70:6c:40: 6b:75:03:35:11:a0:4c:e1:06:60:1a:c5:29:cc:97: 0e:03:79:0e:74:6a:5d:ff:29:f1:12:ee:72:69:dc: ca:f9:e8:3e:50:95:af:c8:2b:a5:9d:e4:81:96:dc: 83:48:c5:b8:5f:49:f1:49:91:12:dd:27:9d:78:0f: 33:f6:a8:42:22:0a:a8:57:e3:49:46:79:7d:7e:51: 82:1f:78:2e:17:3f:fd:e8:ff:85:ed:b5:a7:24:be: fb:89:3d:e5:fb:23:67:0d:6d:7a:7b:94:00:b3:6c: 83:e6:16:84:aa:08:f8:8e:23:14:44:72:e2:ca:33: 81:36:f3:67:8d:78:34:dc:84:d5:79:e6:cc:b6:fd: f4:3a:15:5e:fb:a9:7a:a9:66:83:ac:da:8f:23:c0: 68:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:F6:68:7B:47:D6:B4:80:96:B3:44:7E:A8:23:3B:57:A7:7D:D2:18 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143744.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a446::/32 Signature Algorithm: sha256WithRSAEncryption 61:c1:7f:03:5b:ae:67:7e:1f:3f:a5:33:27:14:1a:0d:a2:f7: 42:aa:5b:c3:27:f5:a7:58:8a:b6:b0:0a:87:c2:3f:69:47:e2: 20:f6:c8:9a:6b:51:0b:27:4e:e1:79:2c:fc:3c:30:77:92:ff: 51:01:4d:a1:3c:2e:4d:56:4f:78:76:06:34:a4:72:5e:62:e2: bf:98:f8:95:ff:ce:33:42:a1:6f:73:65:66:a9:22:29:be:cb: e5:6f:88:22:e8:e3:ef:7a:57:eb:8b:7f:77:4a:80:b4:af:2e: 76:62:22:74:bf:d3:ae:a2:29:a1:f6:5b:3e:c9:61:1d:f5:8d: b9:b3:c8:86:57:62:88:b8:65:4a:cb:07:d4:d3:42:b7:7d:7f: ce:16:cb:6e:cf:66:5c:10:31:4d:16:1d:69:0e:a3:d2:0b:86: c1:a1:11:2d:85:cb:fd:e6:d7:90:e3:fd:73:6c:01:d7:98:90: 21:a1:94:1a:a1:22:7d:b8:74:c8:f6:47:78:42:5b:24:65:6f: de:26:fe:82:da:72:49:e2:7d:5a:8e:e8:5a:ab:7a:29:2d:7e: 54:68:bd:c7:a5:f6:c8:01:f7:4b:a1:ed:2a:aa:c3:99:4b:7e: ed:99:87:b4:f7:1a:ef:85:d5:56:68:a4:86:a9:0e:29:b2:fd: 65:24:e5:50 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUQMhwWbLRBADTWrMC85oCkD9dtz4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxNVoX DTI3MDMwMzA2MTMxNVowMzExMC8GA1UEAxMoODlGNjY4N0I0N0Q2QjQ4MDk2QjM0 NDdFQTgyMzNCNTdBNzdERDIxODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKum0i90RiTHTcQWUk7EGTblr7/rZ2OfJZJCFlzrdgwzAQbRnPkEogEnLIcM RjT1kE0+ueq0+3NeQlNuNwPKkxZvlpP/4asS43z1FtTUItRdM5iZIfeBBdVWq+F0 WNGP8A4pEBBIcGxAa3UDNRGgTOEGYBrFKcyXDgN5DnRqXf8p8RLucmncyvnoPlCV r8grpZ3kgZbcg0jFuF9J8UmREt0nnXgPM/aoQiIKqFfjSUZ5fX5Rgh94Lhc//ej/ he21pyS++4k95fsjZw1tenuUALNsg+YWhKoI+I4jFERy4sozgTbzZ414NNyE1Xnm zLb99DoVXvupeqlmg6zajyPAaBsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSJ9mh7 R9a0gJazRH6oIztXp33SGDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc0NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pEYwDQYJKoZIhvcNAQELBQADggEBAGHBfwNbrmd+Hz+lMycUGg2i90KqW8Mn9adY irawCofCP2lH4iD2yJprUQsnTuF5LPw8MHeS/1EBTaE8Lk1WT3h2BjSkcl5i4r+Y +JX/zjNCoW9zZWapIim+y+VviCLo4+96V+uLf3dKgLSvLnZiInS/066iKaH2Wz7J YR31jbmzyIZXYoi4ZUrLB9TTQrd9f84Wy27PZlwQMU0WHWkOo9ILhsGhES2Fy/3m 15Dj/XNsAdeYkCGhlBqhIn24dMj2R3hCWyRlb94m/oLacknifVqO6FqreiktflRo vcel9sgB90uh7Sqqw5lLfu2Zh7T3Gu+F1VZopIapDimy/WUk5VA= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:35 2026 by rpki-client