$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143760.roa File: AS143760.roa (raw, json) Hash identifier: wkLRc1EzAL392EwAAqqRCvvwVdS6GVVDm41TbYZWi94= Subject key identifier: 27:7E:4E:86:DC:76:FD:02:83:5F:03:AC:51:CA:FA:85:CE:CB:B1:FE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 712933CE24A4CEAEAF3DD5916133B37A54123D0D Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143760.roa Signing time: Wed 04 Mar 2026 06:13:10 +0000 ROA not before: Wed 04 Mar 2026 06:08:10 +0000 ROA not after: Wed 03 Mar 2027 06:13:10 +0000 asID: 143760 IP address blocks: 240a:a456::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:29:33:ce:24:a4:ce:ae:af:3d:d5:91:61:33:b3:7a:54:12:3d:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:10 2026 GMT Not After : Mar 3 06:13:10 2027 GMT Subject: CN=277E4E86DC76FD02835F03AC51CAFA85CECBB1FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:2f:5a:ad:0b:a2:f2:ba:60:c3:40:e5:4d:b2: 31:ba:e9:5f:c0:0b:22:c8:15:a7:af:2a:6e:21:a4: 2d:ea:04:95:6c:8c:a4:61:34:67:84:7d:c3:a9:3b: df:0c:e3:d3:0a:4c:36:be:94:cd:7b:f7:cd:fa:f1: 51:7a:4a:ea:79:2a:3e:cc:0c:f1:3b:75:e5:ff:fe: c1:89:d8:72:88:a8:e3:b8:09:be:0f:30:0a:0a:94: f2:2e:d3:9d:a6:db:8a:c4:fa:71:73:69:59:f0:87: bc:9a:d7:b4:5f:39:40:32:5d:97:9b:f4:ef:6d:e8: 80:5f:6b:6c:87:5d:dc:62:01:12:2b:53:29:ba:d7: 47:23:07:70:27:df:d7:1f:7f:8e:c4:58:cc:55:37: 32:1f:14:6b:23:74:54:97:c2:07:11:a7:26:8b:6e: bb:4c:88:ed:db:83:a9:43:4d:80:7f:95:4c:fd:01: f1:a0:37:7f:39:75:24:3c:72:f5:e9:05:e0:e0:8b: 5f:d5:bd:a1:d2:75:b5:db:9b:a0:96:1d:55:d0:49: b2:88:6e:de:a8:4e:97:db:d9:cf:70:0a:a2:28:de: 43:c5:06:41:75:31:c9:90:57:76:a9:17:4e:d0:f4: 11:8c:67:42:82:f6:54:eb:bb:58:4a:51:c0:1b:35: d0:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:7E:4E:86:DC:76:FD:02:83:5F:03:AC:51:CA:FA:85:CE:CB:B1:FE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143760.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a456::/32 Signature Algorithm: sha256WithRSAEncryption 21:14:1d:d5:9b:42:bb:3e:bd:10:11:32:39:89:50:43:d4:7f: 2e:36:64:b7:c8:a3:97:cc:f8:4a:7b:d2:03:0c:20:da:9b:4e: 0a:68:df:d4:70:03:99:3d:61:ec:9a:90:71:fe:73:a7:38:5c: 12:f2:98:24:e2:c6:e8:f4:71:50:56:3f:e2:82:0a:d1:38:0d: 79:30:10:38:ce:08:56:30:c6:3c:6e:8c:56:c8:ef:09:d1:b3: 57:e2:58:21:ef:48:b9:87:93:a1:c6:07:59:24:f9:71:e8:f2: 99:0b:9b:fc:eb:a9:a1:01:49:50:31:97:e3:53:bc:01:81:38: 66:71:a4:81:96:9d:bd:06:f8:c3:46:d9:c5:2b:23:59:13:76: 6b:11:8d:09:04:46:84:0e:4e:34:ee:e9:da:5f:9b:2b:70:a4: ed:49:42:62:09:b8:92:fd:0e:76:11:46:1a:d7:b6:79:dc:66: 53:27:cb:a0:6f:5b:05:e5:25:0a:0a:79:01:ed:02:5a:23:95: b7:b5:77:42:d8:e4:1b:bf:f8:43:cd:08:34:c2:fd:d6:3d:47: bf:9a:55:be:9a:c9:59:8f:26:3c:d3:95:a1:11:ab:0d:c9:75: 72:48:2a:9c:ed:ac:ee:06:1e:20:ea:8f:79:14:aa:f5:fa:6e: ea:4b:d7:81 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcSkzziSkzq6vPdWRYTOzelQSPQ0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxMFoX DTI3MDMwMzA2MTMxMFowMzExMC8GA1UEAxMoMjc3RTRFODZEQzc2RkQwMjgzNUYw M0FDNTFDQUZBODVDRUNCQjFGRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJEvWq0LovK6YMNA5U2yMbrpX8ALIsgVp68qbiGkLeoElWyMpGE0Z4R9w6k7 3wzj0wpMNr6UzXv3zfrxUXpK6nkqPswM8Tt15f/+wYnYcoio47gJvg8wCgqU8i7T nabbisT6cXNpWfCHvJrXtF85QDJdl5v0723ogF9rbIdd3GIBEitTKbrXRyMHcCff 1x9/jsRYzFU3Mh8UayN0VJfCBxGnJotuu0yI7duDqUNNgH+VTP0B8aA3fzl1JDxy 9ekF4OCLX9W9odJ1tduboJYdVdBJsohu3qhOl9vZz3AKoijeQ8UGQXUxyZBXdqkX TtD0EYxnQoL2VOu7WEpRwBs10L8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQnfk6G 3Hb9AoNfA6xRyvqFzsux/jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc2MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pFYwDQYJKoZIhvcNAQELBQADggEBACEUHdWbQrs+vRARMjmJUEPUfy42ZLfIo5fM +Ep70gMMINqbTgpo39RwA5k9YeyakHH+c6c4XBLymCTixuj0cVBWP+KCCtE4DXkw EDjOCFYwxjxujFbI7wnRs1fiWCHvSLmHk6HGB1kk+XHo8pkLm/zrqaEBSVAxl+NT vAGBOGZxpIGWnb0G+MNG2cUrI1kTdmsRjQkERoQOTjTu6dpfmytwpO1JQmIJuJL9 DnYRRhrXtnncZlMny6BvWwXlJQoKeQHtAlojlbe1d0LY5Bu/+EPNCDTC/dY9R7+a Vb6ayVmPJjzTlaERqw3JdXJIKpztrO4GHiDqj3kUqvX6bupL14E= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:34 2026 by rpki-client