$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143763.roa File: AS143763.roa (raw, json) Hash identifier: HfHo2I/TsMYRwhcvsOjfN2W1UEYI964V58Yy0dlC4GM= Subject key identifier: 0A:0F:59:BF:70:17:56:C6:48:0A:5F:97:48:FB:72:5A:7D:E0:74:24 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1243906DC330B5C3CD6751D3E1997BA20447A7B3 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143763.roa Signing time: Wed 04 Mar 2026 06:14:57 +0000 ROA not before: Wed 04 Mar 2026 06:09:57 +0000 ROA not after: Wed 03 Mar 2027 06:14:57 +0000 asID: 143763 IP address blocks: 240a:a459::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:43:90:6d:c3:30:b5:c3:cd:67:51:d3:e1:99:7b:a2:04:47:a7:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:57 2026 GMT Not After : Mar 3 06:14:57 2027 GMT Subject: CN=0A0F59BF701756C6480A5F9748FB725A7DE07424 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:19:b8:18:43:7d:81:ab:b2:12:5c:2e:5c:ea: ce:1e:cb:58:0a:5e:2b:4b:a8:9b:40:fb:1c:0f:96: 6c:ab:6e:71:fa:e3:ae:f5:a5:ed:ca:bb:a1:d9:82: 8f:de:ab:fe:f9:26:41:89:41:ed:ad:45:48:7e:46: 00:54:4e:e7:35:53:00:34:77:25:d7:6e:43:8c:b8: 60:94:ba:67:24:00:e4:e6:c9:5d:c4:2a:1f:6f:4e: d1:f8:72:88:2c:11:d4:fe:97:2c:ac:68:b7:3c:dc: 15:55:05:9d:69:c4:3e:47:ec:29:2b:f3:74:9e:a1: 68:8f:aa:23:f0:5c:7c:f1:25:fc:fb:c0:55:4e:77: 41:b9:07:a8:ec:c2:bb:e2:00:60:d5:00:66:d7:cc: 63:63:a8:ba:bc:c6:1e:1b:67:c3:a4:72:a0:6f:8a: da:62:c4:eb:53:57:f6:83:1a:7d:9c:0b:69:77:49: 4e:24:0e:f5:aa:1b:26:a9:2d:3b:a9:71:04:9d:50: b4:e5:7e:24:05:78:57:4d:f4:53:19:24:4c:57:5f: ea:c2:2a:e9:de:0c:8a:54:98:7c:7a:b2:25:3a:d7: 5e:f5:e8:c7:e1:e4:f4:0f:56:39:59:b7:88:ac:3f: 45:1c:ce:9e:43:87:03:9a:65:63:3c:34:b7:a8:54: de:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:0F:59:BF:70:17:56:C6:48:0A:5F:97:48:FB:72:5A:7D:E0:74:24 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143763.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a459::/32 Signature Algorithm: sha256WithRSAEncryption 0b:fa:cd:ce:ce:2e:2a:67:8a:c5:cf:62:02:d8:26:26:b4:53: aa:23:79:ec:41:5c:f7:e7:d8:b8:19:3b:6c:20:c8:35:6a:5b: 90:41:5b:04:93:77:e1:0a:5c:fc:4b:6d:94:79:a5:cc:c6:71: 18:69:56:b1:f9:ac:df:d6:7a:22:49:93:44:91:2f:0d:b3:90: 98:59:55:91:c5:dd:d0:a2:04:95:58:9c:e6:21:4b:30:78:df: c0:7a:b5:63:09:2c:02:08:d4:4e:6a:84:1d:4b:92:c6:6b:e1: 05:04:69:5e:b2:7a:27:a6:c5:5a:01:be:ab:73:6b:43:5f:b2: 4c:3b:72:6e:85:fc:cd:25:f5:64:2e:33:73:6a:ae:31:d6:87: 2f:1e:e9:1a:46:3c:86:ae:11:f8:40:82:41:d5:3b:43:f3:53: 9f:37:3f:2c:ea:d3:4b:33:0c:f3:39:74:c5:08:c4:7d:17:58: 55:e3:f4:6e:d7:e2:83:cf:3e:9f:ae:e4:87:b0:8b:48:f0:af: 58:d1:53:5d:04:e8:70:b3:85:f1:53:eb:50:a1:ff:66:7b:8e: 09:6f:ab:e1:29:5a:ff:91:1e:25:e4:04:c4:9f:2a:4f:6c:f5: 6e:e3:43:b2:39:30:a8:b3:dd:7a:7e:5f:a6:66:de:75:fd:fd: 91:13:7e:2f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUEkOQbcMwtcPNZ1HT4Zl7ogRHp7MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk1N1oX DTI3MDMwMzA2MTQ1N1owMzExMC8GA1UEAxMoMEEwRjU5QkY3MDE3NTZDNjQ4MEE1 Rjk3NDhGQjcyNUE3REUwNzQyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMgZuBhDfYGrshJcLlzqzh7LWApeK0uom0D7HA+WbKtucfrjrvWl7cq7odmC j96r/vkmQYlB7a1FSH5GAFRO5zVTADR3JdduQ4y4YJS6ZyQA5ObJXcQqH29O0fhy iCwR1P6XLKxotzzcFVUFnWnEPkfsKSvzdJ6haI+qI/BcfPEl/PvAVU53QbkHqOzC u+IAYNUAZtfMY2OourzGHhtnw6RyoG+K2mLE61NX9oMafZwLaXdJTiQO9aobJqkt O6lxBJ1QtOV+JAV4V030UxkkTFdf6sIq6d4MilSYfHqyJTrXXvXox+Hk9A9WOVm3 iKw/RRzOnkOHA5plYzw0t6hU3tkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQKD1m/ cBdWxkgKX5dI+3JafeB0JDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc2My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pFkwDQYJKoZIhvcNAQELBQADggEBAAv6zc7OLipnisXPYgLYJia0U6ojeexBXPfn 2LgZO2wgyDVqW5BBWwSTd+EKXPxLbZR5pczGcRhpVrH5rN/WeiJJk0SRLw2zkJhZ VZHF3dCiBJVYnOYhSzB438B6tWMJLAII1E5qhB1LksZr4QUEaV6yeiemxVoBvqtz a0Nfskw7cm6F/M0l9WQuM3NqrjHWhy8e6RpGPIauEfhAgkHVO0PzU583Pyzq00sz DPM5dMUIxH0XWFXj9G7X4oPPPp+u5Iewi0jwr1jRU10E6HCzhfFT61Ch/2Z7jglv q+EpWv+RHiXkBMSfKk9s9W7jQ7I5MKiz3Xp+X6Zm3nX9/ZETfi8= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:47 2026 by rpki-client