$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143773.roa File: AS143773.roa (raw, json) Hash identifier: H+KPXJ8dbymdtdVlq/PuMVzK+gf1uvRU2CSs4K6gVsM= Subject key identifier: 00:35:BC:0D:29:9F:63:7B:11:1A:80:9D:21:BF:35:6D:21:AC:BB:37 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 05FE07CDE89C689D80DF41118EE7D090994E4196 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143773.roa Signing time: Wed 04 Mar 2026 06:15:42 +0000 ROA not before: Wed 04 Mar 2026 06:10:42 +0000 ROA not after: Wed 03 Mar 2027 06:15:42 +0000 asID: 143773 IP address blocks: 240a:a463::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:fe:07:cd:e8:9c:68:9d:80:df:41:11:8e:e7:d0:90:99:4e:41:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:42 2026 GMT Not After : Mar 3 06:15:42 2027 GMT Subject: CN=0035BC0D299F637B111A809D21BF356D21ACBB37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:3c:17:61:95:38:fc:c0:e6:79:fd:4d:98:d1: 8f:c8:42:2e:07:bd:2d:36:9d:6a:24:87:b6:84:a9: a5:bb:dd:14:bb:de:cf:bb:ab:35:04:ec:51:37:39: 2f:ea:07:13:1e:fe:4a:3d:42:f5:f2:20:95:4a:51: a8:15:ec:33:b5:ba:79:55:0d:4c:99:a2:6a:94:c6: 2a:07:f0:bb:3f:d2:b1:ec:c9:47:5b:14:e7:3b:28: 09:87:eb:97:ed:32:8d:be:0d:ba:96:79:d8:23:1c: c5:9d:c4:f0:c5:d8:7a:a0:59:3f:7c:6e:7e:2b:fb: cb:9f:f0:91:36:35:5d:a9:38:81:4c:b4:c0:4f:5f: cc:ee:01:dd:ab:dd:a2:8f:7a:54:3a:ae:91:d9:7c: 18:7f:f7:4b:d4:67:8b:5c:10:34:b1:f0:e0:8f:68: 35:f9:00:53:5c:0d:8e:6b:a3:b1:8e:53:8f:8b:e4: 40:96:0a:5c:5d:37:f7:30:d8:41:b2:4e:a2:cd:51: 6b:d6:9f:58:81:c9:33:18:c2:40:67:be:b6:81:12: 77:40:d4:64:b9:77:c8:4c:51:da:90:0e:d4:8f:17: 4d:74:22:38:35:f2:5f:8b:0e:46:94:d5:72:e8:fd: b9:d5:f4:e0:e0:0f:45:af:75:60:45:51:63:3d:be: d2:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:35:BC:0D:29:9F:63:7B:11:1A:80:9D:21:BF:35:6D:21:AC:BB:37 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143773.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a463::/32 Signature Algorithm: sha256WithRSAEncryption a2:dc:57:bf:3b:f2:2a:6f:9d:a7:c4:a8:bc:eb:3e:fd:2d:a6: 72:03:d3:f8:25:53:37:5d:15:b8:d4:c9:7d:22:70:7d:89:60: bb:bd:07:51:3f:dd:4a:1f:36:0d:0d:a7:84:46:c8:cf:db:be: 59:cc:81:cf:b6:54:09:3f:51:ca:38:a7:f2:35:bb:bf:c0:43: b6:aa:1e:47:ae:a9:6c:d4:ee:1e:76:44:09:9a:a2:1a:d2:92: ec:34:72:14:e8:f4:0f:ed:6e:6c:18:0a:b2:0b:0a:6d:2f:4c: 18:91:6e:5c:91:9c:14:9a:f7:7b:89:4a:1e:68:c1:5f:47:f5: 8f:77:ba:ec:e1:93:c0:aa:ef:eb:1e:9f:9c:28:19:ce:2c:a8: d1:02:46:6c:1d:73:25:8c:7e:01:58:d1:a7:13:af:b6:1a:d0: 0c:46:c0:5b:17:e1:a4:45:a1:03:58:07:b6:8d:e9:ea:ee:11: cd:64:19:36:7b:1b:36:c2:2a:42:b6:55:1b:ed:7f:d4:7a:e3: 86:e5:0b:f9:f7:91:cf:12:47:f6:cd:c8:11:69:d9:ff:cc:b9: 59:e5:d7:5a:42:5d:01:f1:00:55:df:56:3d:0e:39:52:86:e1: 58:37:4d:ba:ef:8d:8a:86:7a:ff:2e:a9:55:f6:78:ae:37:36: d1:8b:7f:ec -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBf4HzeicaJ2A30ERjufQkJlOQZYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTA0MloX DTI3MDMwMzA2MTU0MlowMzExMC8GA1UEAxMoMDAzNUJDMEQyOTlGNjM3QjExMUE4 MDlEMjFCRjM1NkQyMUFDQkIzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKY8F2GVOPzA5nn9TZjRj8hCLge9LTadaiSHtoSppbvdFLvez7urNQTsUTc5 L+oHEx7+Sj1C9fIglUpRqBXsM7W6eVUNTJmiapTGKgfwuz/SsezJR1sU5zsoCYfr l+0yjb4NupZ52CMcxZ3E8MXYeqBZP3xufiv7y5/wkTY1Xak4gUy0wE9fzO4B3avd oo96VDqukdl8GH/3S9Rni1wQNLHw4I9oNfkAU1wNjmujsY5Tj4vkQJYKXF039zDY QbJOos1Ra9afWIHJMxjCQGe+toESd0DUZLl3yExR2pAO1I8XTXQiODXyX4sORpTV cuj9udX04OAPRa91YEVRYz2+0nUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQANbwN KZ9jexEagJ0hvzVtIay7NzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pGMwDQYJKoZIhvcNAQELBQADggEBAKLcV7878ipvnafEqLzrPv0tpnID0/glUzdd FbjUyX0icH2JYLu9B1E/3UofNg0Np4RGyM/bvlnMgc+2VAk/Uco4p/I1u7/AQ7aq HkeuqWzU7h52RAmaohrSkuw0chTo9A/tbmwYCrILCm0vTBiRblyRnBSa93uJSh5o wV9H9Y93uuzhk8Cq7+sen5woGc4sqNECRmwdcyWMfgFY0acTr7Ya0AxGwFsX4aRF oQNYB7aN6eruEc1kGTZ7GzbCKkK2VRvtf9R644blC/n3kc8SR/bNyBFp2f/MuVnl 11pCXQHxAFXfVj0OOVKG4Vg3TbrvjYqGev8uqVX2eK43NtGLf+w= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:43 2026 by rpki-client