$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143769.roa File: AS143769.roa (raw, json) Hash identifier: SMPulkPn0KclLJ0ZVrOPWbJq/cBQUrHXA2lseSBKbVE= Subject key identifier: DE:44:39:B0:53:12:A3:E9:11:D5:6A:8A:A1:A7:8D:45:D2:33:4C:98 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6278248EA808DAE9929C7D9D589B2D92942377CD Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143769.roa Signing time: Wed 04 Mar 2026 06:14:12 +0000 ROA not before: Wed 04 Mar 2026 06:09:12 +0000 ROA not after: Wed 03 Mar 2027 06:14:12 +0000 asID: 143769 IP address blocks: 240a:a45f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:78:24:8e:a8:08:da:e9:92:9c:7d:9d:58:9b:2d:92:94:23:77:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:12 2026 GMT Not After : Mar 3 06:14:12 2027 GMT Subject: CN=DE4439B05312A3E911D56A8AA1A78D45D2334C98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:5c:d8:71:66:ad:91:9b:9b:2a:d1:6c:a4:a5: 5b:65:17:0a:1f:2d:7b:46:f1:bf:11:9c:b5:68:56: 4c:9f:9d:89:c4:42:ce:1b:b7:71:f2:3f:03:75:8d: 5b:ea:4f:08:5b:fc:18:3a:88:c2:0e:69:a5:ae:dd: 93:ce:29:d3:ca:f6:c4:a4:da:95:9e:11:3f:63:e9: d5:ac:c2:72:18:1e:b1:d9:c7:f2:a2:db:64:de:12: e1:f0:17:2b:74:2b:1d:93:02:5a:43:3b:5d:c6:6a: 96:a5:ed:e5:90:e2:90:eb:6d:62:86:76:b8:52:3f: d1:24:03:a3:ce:c0:23:7a:57:ab:4c:37:70:33:80: f8:0a:1f:a4:9c:57:44:13:00:5a:b5:8f:8d:a4:7b: 84:0b:fc:f9:7b:d8:c2:a2:18:ce:d0:22:1f:55:14: a1:f1:51:39:00:6c:dd:35:f2:bb:03:99:d3:2c:d4: fc:d8:85:77:c0:b0:da:5c:a5:6a:8c:c6:86:13:36: ba:c8:7d:08:8b:ef:9a:7f:8d:a2:cb:75:4b:83:70: 66:14:26:9b:7c:67:ef:6f:37:b2:a9:9f:cc:4f:c5: 4c:a1:b9:83:13:dc:32:60:73:78:34:38:b1:0d:53: 0f:c6:f6:ee:80:8a:71:f0:f8:5d:c7:1e:bd:d3:5b: 5e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:44:39:B0:53:12:A3:E9:11:D5:6A:8A:A1:A7:8D:45:D2:33:4C:98 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143769.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a45f::/32 Signature Algorithm: sha256WithRSAEncryption 64:4b:88:bc:11:63:25:0a:26:e3:99:10:67:ba:06:6a:95:5e: 12:09:91:23:aa:e9:47:2e:46:d5:21:03:7c:a4:fa:2a:91:49: eb:7d:9b:83:f3:0d:b7:96:56:07:fd:79:7d:32:69:08:73:69: f1:4f:7e:5a:30:c5:55:df:30:ba:cd:dd:53:2c:57:e7:b6:4e: 0d:9d:6a:d3:68:a0:d1:f7:40:3f:0b:56:07:ca:d4:93:7e:b5: 67:37:85:9e:f5:2d:c8:81:fd:2b:95:a1:bb:d5:e4:36:25:3a: d9:19:25:af:a6:23:e1:5d:57:28:d6:a7:3b:da:23:5f:af:df: a8:59:de:d5:43:a0:f5:d9:09:3a:97:ff:0f:db:82:94:44:0a: f8:d6:ef:8c:dc:cf:7a:e6:3f:db:c8:68:21:e7:4e:17:bd:b6: be:51:a4:96:0a:a6:0c:8b:65:a6:99:7c:8c:49:61:c8:12:e5: ef:d6:c6:78:3a:df:ac:8d:b3:bc:c7:46:1a:a9:c5:c6:43:48: 9a:f8:19:b8:3d:33:ca:38:bd:b4:b8:c4:cb:f5:6e:14:27:2a: 68:2b:06:c0:d5:6e:b2:9e:83:43:84:89:e2:69:1f:3b:1f:06: 67:12:ff:00:07:a6:90:20:ee:0b:d3:d6:9c:ed:73:52:ab:79: d8:c7:13:a6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUYngkjqgI2umSnH2dWJstkpQjd80wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxMloX DTI3MDMwMzA2MTQxMlowMzExMC8GA1UEAxMoREU0NDM5QjA1MzEyQTNFOTExRDU2 QThBQTFBNzhENDVEMjMzNEM5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOtc2HFmrZGbmyrRbKSlW2UXCh8te0bxvxGctWhWTJ+dicRCzhu3cfI/A3WN W+pPCFv8GDqIwg5ppa7dk84p08r2xKTalZ4RP2Pp1azCchgesdnH8qLbZN4S4fAX K3QrHZMCWkM7XcZqlqXt5ZDikOttYoZ2uFI/0SQDo87AI3pXq0w3cDOA+AofpJxX RBMAWrWPjaR7hAv8+XvYwqIYztAiH1UUofFROQBs3TXyuwOZ0yzU/NiFd8Cw2lyl aozGhhM2ush9CIvvmn+Nost1S4NwZhQmm3xn7283sqmfzE/FTKG5gxPcMmBzeDQ4 sQ1TD8b27oCKcfD4XccevdNbXg8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTeRDmw UxKj6RHVaoqhp41F0jNMmDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc2OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pF8wDQYJKoZIhvcNAQELBQADggEBAGRLiLwRYyUKJuOZEGe6BmqVXhIJkSOq6Ucu RtUhA3yk+iqRSet9m4PzDbeWVgf9eX0yaQhzafFPflowxVXfMLrN3VMsV+e2Tg2d atNooNH3QD8LVgfK1JN+tWc3hZ71LciB/SuVobvV5DYlOtkZJa+mI+FdVyjWpzva I1+v36hZ3tVDoPXZCTqX/w/bgpRECvjW74zcz3rmP9vIaCHnThe9tr5RpJYKpgyL ZaaZfIxJYcgS5e/Wxng636yNs7zHRhqpxcZDSJr4Gbg9M8o4vbS4xMv1bhQnKmgr BsDVbrKeg0OEieJpHzsfBmcS/wAHppAg7gvT1pztc1KredjHE6Y= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:38 2026 by rpki-client