$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143748.roa File: AS143748.roa (raw, json) Hash identifier: pOUcJGhJoMZtLuwOBrOirQD+9thLlY3A0jyIvPaeZm0= Subject key identifier: 3F:39:FA:58:06:5C:6A:EF:E8:8B:B4:2C:1A:6C:3E:32:A6:E4:F3:DC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 66ADE7D6D2A31DD2474CC853679C748CF215379D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143748.roa Signing time: Wed 04 Mar 2026 06:14:01 +0000 ROA not before: Wed 04 Mar 2026 06:09:01 +0000 ROA not after: Wed 03 Mar 2027 06:14:01 +0000 asID: 143748 IP address blocks: 240a:a44a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:ad:e7:d6:d2:a3:1d:d2:47:4c:c8:53:67:9c:74:8c:f2:15:37:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:01 2026 GMT Not After : Mar 3 06:14:01 2027 GMT Subject: CN=3F39FA58065C6AEFE88BB42C1A6C3E32A6E4F3DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:63:4d:b9:9c:2e:56:8c:a7:fe:80:0f:1f:af: 62:f3:3c:ab:96:f8:a5:6c:1b:13:ca:64:3c:0a:33: d9:30:71:b8:77:8f:c9:5c:3a:b3:92:38:c3:5e:a2: fb:e9:40:60:08:f1:db:b0:89:01:57:40:6c:28:04: 28:06:f5:40:04:11:46:34:83:aa:f4:dc:0e:de:73: 42:03:0a:63:23:1a:96:b8:25:3f:fd:57:ce:c7:7f: 6e:45:c7:9c:a9:a4:9a:9e:f9:9f:5f:19:69:7d:e4: ed:d5:66:b0:31:9c:ca:11:71:09:c1:9c:1d:bb:52: 2f:20:37:42:76:ae:0e:0e:18:9f:1d:88:df:66:10: c1:e2:5e:41:74:01:f5:6a:87:97:fb:a7:e5:fb:a5: af:37:98:e9:b1:e4:9d:85:61:be:94:99:cc:ca:de: 84:44:d8:81:b6:2d:06:11:bc:52:f8:c4:07:e0:04: 8c:db:a9:77:ec:ff:60:71:b0:b4:af:9d:35:21:f4: 0b:26:0b:c2:81:54:e0:fb:d1:4a:6a:ba:e3:79:e7: ca:a1:98:13:20:1c:be:3a:4c:f5:fb:ad:a3:27:06: bf:ae:62:1c:9a:f9:3d:f5:da:0d:1a:6c:ca:1a:25: 48:81:57:39:b3:2a:52:3c:80:50:1e:d0:72:eb:38: b4:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:39:FA:58:06:5C:6A:EF:E8:8B:B4:2C:1A:6C:3E:32:A6:E4:F3:DC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143748.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a44a::/32 Signature Algorithm: sha256WithRSAEncryption 38:3f:49:d2:ec:27:09:d7:00:fd:e4:e6:8e:18:d1:32:9f:db: 89:9e:81:c1:c2:40:f8:48:3c:80:02:2f:4f:38:73:a5:68:2a: 41:e2:86:22:3a:31:39:dc:b7:e5:ae:65:c0:91:36:40:9d:7e: 1b:76:86:55:d3:3e:94:d5:92:10:ed:02:35:dc:c6:97:67:4e: b1:5f:83:c0:42:ee:45:23:ec:b0:14:f4:b0:66:5e:00:c9:05: 4a:e9:90:2d:d6:b4:ed:eb:3b:5b:ab:9e:c7:05:3e:8e:4a:ee: 59:3f:26:bd:d7:25:33:9b:a5:8b:60:a5:5a:f3:a0:5f:21:ce: 77:b2:39:30:c8:12:68:1b:5d:54:a0:6b:0c:9a:fd:ac:a5:fe: e9:86:f8:ef:d7:76:4e:72:91:c1:2f:f6:95:2c:3d:f3:63:d0: 74:80:0a:3e:a7:fe:8b:2a:d9:0f:94:21:1f:f9:61:79:f4:1b: b4:e8:09:e9:30:ac:dc:cb:b5:b5:3a:c9:af:40:ed:87:99:a1: 1a:e5:20:20:77:a0:64:c4:60:4d:bd:0a:ab:fc:26:d2:95:0f: 1e:a8:e9:bc:b4:b7:54:3a:f9:36:41:0d:cc:7b:16:2a:7b:66: 66:3e:a1:04:8b:72:b2:31:75:ee:42:21:13:18:a4:50:3a:77: 9a:80:48:75 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZq3n1tKjHdJHTMhTZ5x0jPIVN50wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwMVoX DTI3MDMwMzA2MTQwMVowMzExMC8GA1UEAxMoM0YzOUZBNTgwNjVDNkFFRkU4OEJC NDJDMUE2QzNFMzJBNkU0RjNEQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKpjTbmcLlaMp/6ADx+vYvM8q5b4pWwbE8pkPAoz2TBxuHePyVw6s5I4w16i ++lAYAjx27CJAVdAbCgEKAb1QAQRRjSDqvTcDt5zQgMKYyMalrglP/1Xzsd/bkXH nKmkmp75n18ZaX3k7dVmsDGcyhFxCcGcHbtSLyA3QnauDg4Ynx2I32YQweJeQXQB 9WqHl/un5fulrzeY6bHknYVhvpSZzMrehETYgbYtBhG8UvjEB+AEjNupd+z/YHGw tK+dNSH0CyYLwoFU4PvRSmq643nnyqGYEyAcvjpM9futoycGv65iHJr5PfXaDRps yholSIFXObMqUjyAUB7Qcus4tOsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ/OfpY Blxq7+iLtCwabD4ypuTz3DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc0OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pEowDQYJKoZIhvcNAQELBQADggEBADg/SdLsJwnXAP3k5o4Y0TKf24megcHCQPhI PIACL084c6VoKkHihiI6MTnct+WuZcCRNkCdfht2hlXTPpTVkhDtAjXcxpdnTrFf g8BC7kUj7LAU9LBmXgDJBUrpkC3WtO3rO1urnscFPo5K7lk/Jr3XJTObpYtgpVrz oF8hzneyOTDIEmgbXVSgawya/ayl/umG+O/Xdk5ykcEv9pUsPfNj0HSACj6n/osq 2Q+UIR/5YXn0G7ToCekwrNzLtbU6ya9A7YeZoRrlICB3oGTEYE29Cqv8JtKVDx6o 6by0t1Q6+TZBDcx7Fip7ZmY+oQSLcrIxde5CIRMYpFA6d5qASHU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:25 2026 by rpki-client