$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143775.roa File: AS143775.roa (raw, json) Hash identifier: kUcad8pcVW81045GEtpXma/PTFlb3ngV72e6dz73Lrc= Subject key identifier: 74:C6:AF:AB:2F:EE:DD:C1:19:0E:A4:28:8D:9E:4C:99:BE:4E:75:B7 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2BEAD12988A8835DDA4E83E3131D980CC7FC94D6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143775.roa Signing time: Wed 04 Mar 2026 06:13:22 +0000 ROA not before: Wed 04 Mar 2026 06:08:22 +0000 ROA not after: Wed 03 Mar 2027 06:13:22 +0000 asID: 143775 IP address blocks: 240a:a465::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:ea:d1:29:88:a8:83:5d:da:4e:83:e3:13:1d:98:0c:c7:fc:94:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:22 2026 GMT Not After : Mar 3 06:13:22 2027 GMT Subject: CN=74C6AFAB2FEEDDC1190EA4288D9E4C99BE4E75B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:31:5a:5c:f9:ae:c3:c7:e4:42:c8:6a:18:af: 1a:f1:53:a6:6d:c1:7c:e8:26:84:51:c7:9e:b6:5f: 0a:57:2b:18:3c:fd:c4:24:97:72:48:c2:74:f6:26: 6f:bd:0b:de:da:c3:00:e1:71:44:5b:3b:c3:ff:b7: ae:bb:35:cb:53:96:4f:24:e7:fb:b6:4f:59:f7:5a: 1d:cb:10:1a:91:c6:33:0d:73:5e:b3:5b:d6:a9:78: f3:82:1a:d7:dd:cc:d5:83:77:c2:90:41:1d:6c:a1: 94:b1:45:db:cb:71:93:d8:ed:86:a0:b6:7f:9b:48: 99:31:af:6a:45:bd:4d:be:7f:2b:46:bb:55:2b:06: 92:69:5b:91:36:dc:58:67:fc:0c:ec:a5:2a:dd:ff: 36:7d:ea:28:c1:ef:03:68:b9:56:29:0d:d2:5f:43: 77:00:d6:57:bc:65:ca:e8:7e:d4:9d:cf:02:a2:13: 7f:98:97:46:6f:91:b3:f8:43:de:44:20:19:eb:02: f7:6c:8c:0b:02:72:c2:ca:65:5a:95:01:b1:08:04: 9f:ab:ea:1a:ef:74:13:d9:e6:40:82:af:58:18:d2: 9a:35:7c:5e:35:bc:e9:f1:ed:dc:5b:8a:03:52:d7: a2:98:21:d9:b6:44:99:9d:87:08:9c:f6:b8:0d:97: 5d:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:C6:AF:AB:2F:EE:DD:C1:19:0E:A4:28:8D:9E:4C:99:BE:4E:75:B7 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143775.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a465::/32 Signature Algorithm: sha256WithRSAEncryption b5:29:ee:b8:d7:d2:c3:20:8a:a4:f3:92:bb:96:76:b0:f5:08: 78:4e:6b:3f:fd:ea:c3:6d:f1:a5:fb:80:4a:52:83:da:31:1a: 63:54:cf:f7:19:97:07:a7:b3:ed:5b:14:20:0a:bf:25:a1:c4: a7:c1:cc:10:02:6c:2d:8a:45:b1:02:18:0d:5e:d8:18:9b:14: 5c:a7:c8:7c:cb:2d:50:5f:33:41:e6:ab:6e:02:20:bf:09:4b: 51:d6:b9:df:f1:fe:39:3b:ec:94:f8:8a:65:0c:bc:17:fe:8b: 49:62:6b:fd:2e:6b:95:db:53:8a:17:64:23:49:b9:fc:a3:96: 20:6b:72:0f:ce:cb:c3:92:35:37:b0:a3:31:36:7d:15:dd:3e: 9a:76:d8:91:13:68:63:0a:9d:52:c3:be:f8:78:ee:d8:80:32: bb:96:27:a7:68:f1:b2:c6:a9:c0:e1:c3:58:5f:be:64:f8:ba: a0:e3:36:f7:50:95:d1:c1:2c:91:f6:5d:6b:9d:51:e2:3c:bf: 73:49:a6:c1:dd:9e:fc:e3:fc:b7:b9:4e:84:e7:2b:a7:2f:b1: 6c:01:6a:e8:e3:69:87:5a:05:be:cd:29:04:4c:2d:bb:ed:d8: 84:a2:84:73:05:bc:87:95:5f:40:d3:76:43:77:c1:4e:9f:1c: 69:c4:09:63 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUK+rRKYiog13aToPjEx2YDMf8lNYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgyMloX DTI3MDMwMzA2MTMyMlowMzExMC8GA1UEAxMoNzRDNkFGQUIyRkVFRERDMTE5MEVB NDI4OEQ5RTRDOTlCRTRFNzVCNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKUxWlz5rsPH5ELIahivGvFTpm3BfOgmhFHHnrZfClcrGDz9xCSXckjCdPYm b70L3trDAOFxRFs7w/+3rrs1y1OWTyTn+7ZPWfdaHcsQGpHGMw1zXrNb1ql484Ia 193M1YN3wpBBHWyhlLFF28txk9jthqC2f5tImTGvakW9Tb5/K0a7VSsGkmlbkTbc WGf8DOylKt3/Nn3qKMHvA2i5VikN0l9DdwDWV7xlyuh+1J3PAqITf5iXRm+Rs/hD 3kQgGesC92yMCwJywsplWpUBsQgEn6vqGu90E9nmQIKvWBjSmjV8XjW86fHt3FuK A1LXopgh2bZEmZ2HCJz2uA2XXaMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR0xq+r L+7dwRkOpCiNnkyZvk51tzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc3NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pGUwDQYJKoZIhvcNAQELBQADggEBALUp7rjX0sMgiqTzkruWdrD1CHhOaz/96sNt 8aX7gEpSg9oxGmNUz/cZlwens+1bFCAKvyWhxKfBzBACbC2KRbECGA1e2BibFFyn yHzLLVBfM0Hmq24CIL8JS1HWud/x/jk77JT4imUMvBf+i0lia/0ua5XbU4oXZCNJ ufyjliBrcg/Oy8OSNTewozE2fRXdPpp22JETaGMKnVLDvvh47tiAMruWJ6do8bLG qcDhw1hfvmT4uqDjNvdQldHBLJH2XWudUeI8v3NJpsHdnvzj/Le5ToTnK6cvsWwB aujjaYdaBb7NKQRMLbvt2ISihHMFvIeVX0DTdkN3wU6fHGnECWM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:24 2026 by rpki-client