$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143767.roa File: AS143767.roa (raw, json) Hash identifier: Q7eUUli+ITP89renXH/WW4wj+vKJTIpkgnJ1UThhSPo= Subject key identifier: 43:C6:84:80:1F:E5:AC:05:CE:1C:7D:37:6E:1E:4A:9C:FF:F7:08:5C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 7CF2C12B861A379DCE38E0A89E0A84FC4E4FC969 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143767.roa Signing time: Wed 04 Mar 2026 06:13:13 +0000 ROA not before: Wed 04 Mar 2026 06:08:13 +0000 ROA not after: Wed 03 Mar 2027 06:13:13 +0000 asID: 143767 IP address blocks: 240a:a45d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:f2:c1:2b:86:1a:37:9d:ce:38:e0:a8:9e:0a:84:fc:4e:4f:c9:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:13 2026 GMT Not After : Mar 3 06:13:13 2027 GMT Subject: CN=43C684801FE5AC05CE1C7D376E1E4A9CFFF7085C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ce:ae:79:55:75:a0:09:49:63:82:0a:0a:dc: db:7a:a1:e9:d4:76:d1:2d:fd:e5:7d:6b:d6:42:c6: e9:7b:1d:a3:f2:1e:46:0d:95:b8:e7:7d:1a:bd:3d: 7d:8b:17:23:1c:32:02:f8:26:0c:5d:44:00:fe:46: 6f:0d:1e:8f:16:17:aa:3b:a5:21:46:06:8b:fc:42: b4:46:aa:16:52:c3:95:e2:a8:22:80:31:6c:38:ac: f6:06:04:43:e0:33:46:15:18:3f:79:7e:3f:51:22: bc:6d:11:ab:42:bd:b1:c3:98:b6:b3:22:01:e6:5c: e1:2f:3d:d9:73:fa:40:af:bc:35:b2:85:10:5d:1b: 17:74:bf:9a:16:a4:f7:ac:85:c7:0e:a3:7e:86:57: 55:f4:32:f8:60:72:1f:ca:28:18:80:3f:f8:95:5c: f6:90:45:f3:17:88:76:d9:77:24:9d:11:82:e1:b7: 87:a3:8d:d6:ca:55:63:66:4a:3f:c8:18:d4:e3:68: ce:e2:61:af:4d:ce:fc:bb:37:ad:09:dc:b4:52:1f: 39:24:32:d2:15:0c:96:e6:ae:a8:6b:dd:9c:c2:a0: 6b:5c:51:d4:bd:5e:ff:5a:f7:f7:ab:0d:f3:21:9e: 7e:26:55:3a:98:6c:01:33:71:8b:77:45:67:2d:c8: f9:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:C6:84:80:1F:E5:AC:05:CE:1C:7D:37:6E:1E:4A:9C:FF:F7:08:5C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143767.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a45d::/32 Signature Algorithm: sha256WithRSAEncryption da:97:f0:6a:5f:be:b2:a8:f7:ce:df:88:3d:32:ee:9d:95:56: 56:52:2b:20:d3:5e:a3:06:c1:03:53:37:e3:99:8a:c0:0c:07: a0:af:f5:11:54:95:fb:f1:55:de:5a:4e:56:70:04:47:93:99: 53:ef:a1:a3:86:2c:03:db:49:d2:88:ff:31:22:49:9d:a1:01: 19:31:a0:80:fe:2d:11:32:df:9f:f3:86:1d:b5:f0:51:8f:4d: 14:d4:7e:83:5a:ff:7d:23:08:d9:9e:ee:a7:71:fa:ea:ef:1f: 1e:30:25:d7:02:57:97:c5:06:d5:1b:15:f7:0b:04:66:18:ea: 3a:50:2e:bd:15:f0:22:74:d4:28:3a:ec:6d:87:c2:a7:40:8b: b1:23:75:aa:bb:9e:61:ed:e5:d6:8d:e2:ae:0a:48:db:ca:70: d8:99:db:60:40:ec:8c:ea:0d:02:3a:d8:f0:d8:38:a6:eb:a3: c6:e3:e5:7c:c6:23:13:df:e0:0a:a6:5e:7f:53:20:fc:cf:96: 0f:33:46:46:a7:9a:74:95:fc:7f:84:78:c1:f1:86:39:8d:f8: d4:22:ed:42:80:b1:68:dc:b3:ed:24:e8:f7:41:0d:de:68:8a: 1a:59:e9:00:e6:8f:90:6d:be:47:8e:2a:2e:fc:e5:34:37:0d: 59:a2:bd:91 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUfPLBK4YaN53OOOCongqE/E5PyWkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxM1oX DTI3MDMwMzA2MTMxM1owMzExMC8GA1UEAxMoNDNDNjg0ODAxRkU1QUMwNUNFMUM3 RDM3NkUxRTRBOUNGRkY3MDg1QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANrOrnlVdaAJSWOCCgrc23qh6dR20S395X1r1kLG6Xsdo/IeRg2VuOd9Gr09 fYsXIxwyAvgmDF1EAP5Gbw0ejxYXqjulIUYGi/xCtEaqFlLDleKoIoAxbDis9gYE Q+AzRhUYP3l+P1EivG0Rq0K9scOYtrMiAeZc4S892XP6QK+8NbKFEF0bF3S/mhak 96yFxw6jfoZXVfQy+GByH8ooGIA/+JVc9pBF8xeIdtl3JJ0RguG3h6ON1spVY2ZK P8gY1ONozuJhr03O/Ls3rQnctFIfOSQy0hUMluauqGvdnMKga1xR1L1e/1r396sN 8yGefiZVOphsATNxi3dFZy3I+YkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRDxoSA H+WsBc4cfTduHkqc//cIXDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc2Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pF0wDQYJKoZIhvcNAQELBQADggEBANqX8GpfvrKo987fiD0y7p2VVlZSKyDTXqMG wQNTN+OZisAMB6Cv9RFUlfvxVd5aTlZwBEeTmVPvoaOGLAPbSdKI/zEiSZ2hARkx oID+LREy35/zhh218FGPTRTUfoNa/30jCNme7qdx+urvHx4wJdcCV5fFBtUbFfcL BGYY6jpQLr0V8CJ01Cg67G2HwqdAi7Ejdaq7nmHt5daN4q4KSNvKcNiZ22BA7Izq DQI62PDYOKbro8bj5XzGIxPf4AqmXn9TIPzPlg8zRkanmnSV/H+EeMHxhjmN+NQi 7UKAsWjcs+0k6PdBDd5oihpZ6QDmj5BtvkeOKi785TQ3DVmivZE= -----END CERTIFICATE-----Generated at Sat Mar 28 13:14:20 2026 by rpki-client