$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143747.roa File: AS143747.roa (raw, json) Hash identifier: 3cNNRbawB5A5Xl/rFo9DCAYGQMI/a8wKHzXOX4QzMwo= Subject key identifier: 49:B0:14:BC:EF:51:EB:6A:D4:0E:03:AA:D0:79:6F:0D:7C:D3:2B:86 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 73B05941D39D8EAAC3A8F0DC93986EDB83219856 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143747.roa Signing time: Wed 04 Mar 2026 06:12:42 +0000 ROA not before: Wed 04 Mar 2026 06:07:42 +0000 ROA not after: Wed 03 Mar 2027 06:12:42 +0000 asID: 143747 IP address blocks: 240a:a449::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:b0:59:41:d3:9d:8e:aa:c3:a8:f0:dc:93:98:6e:db:83:21:98:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:42 2026 GMT Not After : Mar 3 06:12:42 2027 GMT Subject: CN=49B014BCEF51EB6AD40E03AAD0796F0D7CD32B86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:f6:dd:16:8c:89:68:08:03:88:1f:84:1a:28: 4c:17:0f:1f:6f:ce:6d:ef:c3:17:02:5d:31:fe:7c: aa:af:d7:68:68:38:38:09:55:5e:e9:08:83:e1:dc: 13:67:b5:0d:50:1e:1b:60:fc:57:47:9b:af:61:c9: 79:9e:e3:1e:c1:8c:8d:ca:a6:b7:b8:eb:e0:1f:4e: c7:52:2a:1f:55:bf:a9:af:46:4c:e8:e4:90:dd:50: 2c:1a:cc:61:42:ca:1f:9f:7f:fd:12:63:43:28:97: 2c:8d:e0:5c:2f:a6:64:be:f5:09:08:ab:80:a2:33: 12:be:e1:de:24:86:e1:27:fc:9c:d7:a0:d0:be:ca: e8:f7:94:8a:68:30:41:11:c3:ec:ce:e7:c0:32:70: 78:03:33:b2:f2:7f:b2:5c:4b:85:6c:5d:c1:9b:ff: e1:fe:55:b4:3b:f2:26:a0:fb:0a:76:f1:eb:29:cb: 56:a5:af:b0:38:f6:57:c2:9f:35:f0:85:de:27:29: ad:65:1a:e2:38:54:ea:88:f1:7e:e9:df:1d:bb:4e: 4a:62:3f:22:92:5a:55:f1:4a:5a:23:02:68:f8:66: be:5b:2c:38:76:6b:ad:97:5a:15:ef:7e:93:d8:9b: a6:e9:b3:eb:0c:28:d5:b2:69:62:d0:41:8b:2a:e5: e0:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:B0:14:BC:EF:51:EB:6A:D4:0E:03:AA:D0:79:6F:0D:7C:D3:2B:86 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143747.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a449::/32 Signature Algorithm: sha256WithRSAEncryption 48:9c:f8:3b:3b:86:d8:87:f3:e1:f4:64:79:8d:bb:91:cc:b7: 8d:06:e7:45:60:3c:eb:2e:f6:f2:2c:3f:73:fb:ed:75:e5:bf: e9:21:1f:f9:a4:53:01:f4:fe:96:ef:a6:9a:96:4c:e9:34:6e: b7:79:ac:e0:71:6e:69:d8:1e:c9:ef:55:96:32:37:aa:cb:36: 8a:9a:0f:c2:5d:ba:42:af:04:80:3c:03:06:ff:a8:ce:fc:80: 55:99:c5:08:69:8e:36:af:47:27:f1:7a:d3:9c:a4:db:7e:9e: 89:1c:cf:26:29:fa:14:23:11:f4:2b:24:f6:9d:49:4c:3a:de: f6:f7:f9:12:0d:e8:1b:3f:2a:44:5b:de:ca:4f:27:41:7f:58: 3d:d8:34:87:1f:3b:c9:f3:53:ce:c8:e3:29:87:e1:4b:f5:27: 1d:da:cf:4e:c0:12:d6:d2:f1:16:47:d0:e9:ad:5f:f5:e6:0f: 8d:50:44:22:e4:a7:4d:af:3d:76:4f:58:87:a1:97:0e:1d:31: 14:44:26:78:9a:1b:6d:9a:1c:c1:32:15:b5:21:ad:21:d3:dd: f3:9e:d7:ab:cf:b8:3d:61:74:a1:fb:6c:54:08:a8:11:9a:3e: ca:f5:7f:fd:09:3e:22:b3:64:66:5c:b9:74:59:47:19:83:99: 41:c9:f7:6d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUc7BZQdOdjqrDqPDck5hu24MhmFYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc0MloX DTI3MDMwMzA2MTI0MlowMzExMC8GA1UEAxMoNDlCMDE0QkNFRjUxRUI2QUQ0MEUw M0FBRDA3OTZGMEQ3Q0QzMkI4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ/23RaMiWgIA4gfhBooTBcPH2/Obe/DFwJdMf58qq/XaGg4OAlVXukIg+Hc E2e1DVAeG2D8V0ebr2HJeZ7jHsGMjcqmt7jr4B9Ox1IqH1W/qa9GTOjkkN1QLBrM YULKH59//RJjQyiXLI3gXC+mZL71CQirgKIzEr7h3iSG4Sf8nNeg0L7K6PeUimgw QRHD7M7nwDJweAMzsvJ/slxLhWxdwZv/4f5VtDvyJqD7Cnbx6ynLVqWvsDj2V8Kf NfCF3icprWUa4jhU6ojxfunfHbtOSmI/IpJaVfFKWiMCaPhmvlssOHZrrZdaFe9+ k9ibpumz6wwo1bJpYtBBiyrl4FcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRJsBS8 71HratQOA6rQeW8NfNMrhjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc0Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pEkwDQYJKoZIhvcNAQELBQADggEBAEic+Ds7htiH8+H0ZHmNu5HMt40G50VgPOsu 9vIsP3P77XXlv+khH/mkUwH0/pbvppqWTOk0brd5rOBxbmnYHsnvVZYyN6rLNoqa D8JdukKvBIA8Awb/qM78gFWZxQhpjjavRyfxetOcpNt+nokczyYp+hQjEfQrJPad SUw63vb3+RIN6Bs/KkRb3spPJ0F/WD3YNIcfO8nzU87I4ymH4Uv1Jx3az07AEtbS 8RZH0OmtX/XmD41QRCLkp02vPXZPWIehlw4dMRREJniaG22aHMEyFbUhrSHT3fOe 16vPuD1hdKH7bFQIqBGaPsr1f/0JPiKzZGZcuXRZRxmDmUHJ920= -----END CERTIFICATE-----Generated at Sat Mar 28 13:06:12 2026 by rpki-client