$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143751.roa File: AS143751.roa (raw, json) Hash identifier: vmGcxmmQmbKb02R3x4WlwgcHnK6vTjH3BYJBkYdkPqU= Subject key identifier: B4:93:C4:7E:D9:11:E4:A1:19:95:25:CD:6A:6D:A2:E4:CC:16:4A:CC Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F5FD7737530A99FD505E2304CC2BA896A6C9EEA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143751.roa Signing time: Wed 04 Mar 2026 06:14:36 +0000 ROA not before: Wed 04 Mar 2026 06:09:36 +0000 ROA not after: Wed 03 Mar 2027 06:14:36 +0000 asID: 143751 IP address blocks: 240a:a44d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:5f:d7:73:75:30:a9:9f:d5:05:e2:30:4c:c2:ba:89:6a:6c:9e:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:36 2026 GMT Not After : Mar 3 06:14:36 2027 GMT Subject: CN=B493C47ED911E4A1199525CD6A6DA2E4CC164ACC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:71:6f:03:3f:60:3b:39:d9:d4:a5:34:e3:d7: d4:c3:93:e1:1d:16:e9:c6:df:b2:36:52:26:bd:a1: d8:d5:5a:7e:18:97:8d:24:98:f5:cb:ed:2b:13:d8: 3d:f7:71:d7:0d:c3:b9:7f:2a:a4:b0:a5:53:30:7f: 75:3b:a5:d2:1f:a4:de:f6:0b:dd:84:4a:b7:5b:c6: 2c:17:70:6b:60:e5:c0:22:56:23:b3:bd:59:b5:a7: 3a:1a:80:17:e4:90:11:ba:40:a7:53:b4:be:82:ee: ed:87:1c:7e:53:7f:04:7a:32:05:d2:88:64:d0:58: f3:d4:81:b9:48:9d:ec:6e:63:68:73:1f:fb:b4:0e: bc:8e:f0:cc:7b:0d:67:5b:46:75:77:63:52:67:fb: 5c:c8:ca:cf:77:38:13:7f:ff:41:3e:64:ff:bf:77: f4:9e:e1:41:bf:ab:61:fd:0d:56:51:7c:67:ad:6b: 70:78:ea:1b:04:03:80:94:cf:cb:7d:f3:59:05:61: 52:de:85:d0:1e:8b:01:97:70:99:20:c6:87:4a:6b: 34:18:25:88:3d:d8:76:ca:b1:9e:42:4f:19:2d:12: bf:a7:ed:19:85:12:5c:a6:4d:ce:56:18:17:2e:d7: c6:c4:ab:54:44:6d:26:70:95:c3:eb:0c:46:cf:5e: 5e:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:93:C4:7E:D9:11:E4:A1:19:95:25:CD:6A:6D:A2:E4:CC:16:4A:CC X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143751.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a44d::/32 Signature Algorithm: sha256WithRSAEncryption 1d:46:40:b0:f8:0d:1b:93:d4:f3:30:38:30:58:64:37:51:d7: 11:69:6d:a5:7c:32:a7:ad:22:76:70:c4:bb:2c:67:c0:b3:10: 9e:cd:dc:9b:99:b9:7a:6d:44:21:cd:ad:1c:ca:bb:37:64:de: 2d:da:c9:1f:06:bf:1e:86:0d:38:03:07:57:c5:09:7d:cf:68: d5:c0:a6:62:7d:64:fb:86:54:86:19:59:79:d3:2c:ed:61:df: fb:53:d0:65:09:5b:d1:6b:13:e5:1f:bd:8c:00:3d:dc:68:74: f0:5e:ef:07:fb:07:ee:7e:86:26:30:2d:81:ba:5e:78:1e:12: 90:ff:7f:f4:39:77:c7:d0:76:3d:78:a4:9b:e1:5e:1f:3c:65: 00:8e:5d:da:15:6a:62:61:13:82:de:a6:6e:32:69:23:9e:3b: fe:8e:9c:ab:ad:16:c1:1c:e2:0e:46:05:a8:dc:db:e2:67:84: e9:b9:55:68:1c:2a:59:4c:d9:a1:ad:cd:20:43:f1:cd:e3:b3: da:02:e0:25:64:b9:2d:94:c9:e3:25:1c:19:f4:e4:0e:1e:cb: 9a:2f:ac:97:a9:a3:5f:f3:48:5e:e0:3d:e2:fc:38:e8:7c:4d: f3:28:03:d9:e2:d8:25:dd:b3:4c:3e:5f:45:70:07:86:fb:23: 37:d9:44:e1 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL1/Xc3UwqZ/VBeIwTMK6iWpsnuowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzNloX DTI3MDMwMzA2MTQzNlowMzExMC8GA1UEAxMoQjQ5M0M0N0VEOTExRTRBMTE5OTUy NUNENkE2REEyRTRDQzE2NEFDQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZxbwM/YDs52dSlNOPX1MOT4R0W6cbfsjZSJr2h2NVafhiXjSSY9cvtKxPY Pfdx1w3DuX8qpLClUzB/dTul0h+k3vYL3YRKt1vGLBdwa2DlwCJWI7O9WbWnOhqA F+SQEbpAp1O0voLu7YccflN/BHoyBdKIZNBY89SBuUid7G5jaHMf+7QOvI7wzHsN Z1tGdXdjUmf7XMjKz3c4E3//QT5k/7939J7hQb+rYf0NVlF8Z61rcHjqGwQDgJTP y33zWQVhUt6F0B6LAZdwmSDGh0prNBgliD3YdsqxnkJPGS0Sv6ftGYUSXKZNzlYY Fy7XxsSrVERtJnCVw+sMRs9eXh8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS0k8R+ 2RHkoRmVJc1qbaLkzBZKzDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc1MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pE0wDQYJKoZIhvcNAQELBQADggEBAB1GQLD4DRuT1PMwODBYZDdR1xFpbaV8Mqet InZwxLssZ8CzEJ7N3JuZuXptRCHNrRzKuzdk3i3ayR8Gvx6GDTgDB1fFCX3PaNXA pmJ9ZPuGVIYZWXnTLO1h3/tT0GUJW9FrE+UfvYwAPdxodPBe7wf7B+5+hiYwLYG6 XngeEpD/f/Q5d8fQdj14pJvhXh88ZQCOXdoVamJhE4Lepm4yaSOeO/6OnKutFsEc 4g5GBajc2+JnhOm5VWgcKllM2aGtzSBD8c3js9oC4CVkuS2UyeMlHBn05A4ey5ov rJepo1/zSF7gPeL8OOh8TfMoA9ni2CXds0w+X0VwB4b7IzfZROE= -----END CERTIFICATE-----Generated at Sat Mar 28 13:16:42 2026 by rpki-client