$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143784.roa File: AS143784.roa (raw, json) Hash identifier: TR08urcV62xCCYseiU0RTXVAvudxvkp8lM4EBPfBo/s= Subject key identifier: 3E:66:92:B6:68:D0:45:EB:F2:75:2E:A3:D8:6D:AD:43:29:E4:11:E3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 211504311593E2BCE825EF58C2E4B8B06E93C225 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143784.roa Signing time: Wed 04 Mar 2026 06:14:05 +0000 ROA not before: Wed 04 Mar 2026 06:09:05 +0000 ROA not after: Wed 03 Mar 2027 06:14:05 +0000 asID: 143784 IP address blocks: 240a:a46e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:15:04:31:15:93:e2:bc:e8:25:ef:58:c2:e4:b8:b0:6e:93:c2:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:05 2026 GMT Not After : Mar 3 06:14:05 2027 GMT Subject: CN=3E6692B668D045EBF2752EA3D86DAD4329E411E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:ae:89:88:cc:17:dd:c8:9d:0e:af:04:e4:b5: b0:4c:5f:8a:90:1a:d1:6e:9e:e2:fc:1e:38:f3:ea: 53:d0:9e:18:d1:14:ab:a9:24:8a:ce:45:77:8f:da: ac:9e:f5:53:fc:c1:cb:25:fc:71:75:d3:84:1e:3f: 2f:c8:ea:af:cb:14:a7:c9:f0:38:6d:aa:eb:2d:8a: 85:e4:90:21:21:33:72:ea:fa:f6:80:21:af:37:cf: 0f:36:88:8c:48:fa:3f:f4:49:34:00:4e:de:a1:2f: 8a:4b:db:5b:cc:4b:e8:b8:43:04:d3:fb:9b:b4:a1: 92:0c:09:03:68:76:1a:7d:d8:e8:1a:9e:e4:80:87: 86:ff:c1:e7:5b:0b:c7:34:08:d0:79:21:7f:e0:76: 67:73:d9:78:cd:4a:28:61:79:65:6f:0a:01:86:6f: b0:4b:41:4e:05:7a:a4:13:33:e1:c0:aa:be:53:05: 2f:ed:89:60:e9:29:61:84:e4:0e:18:e0:8b:9e:2c: 27:db:91:8b:e2:85:fd:c8:bc:8e:27:4d:c5:17:ec: e4:df:7f:c1:33:b9:76:f4:f9:0e:a7:00:35:db:fe: 00:06:26:b3:1a:5f:67:2d:4c:55:78:72:a8:dc:3a: 36:66:c5:b4:f4:f0:a7:ec:55:85:79:c8:c3:e2:d8: 37:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:66:92:B6:68:D0:45:EB:F2:75:2E:A3:D8:6D:AD:43:29:E4:11:E3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143784.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a46e::/32 Signature Algorithm: sha256WithRSAEncryption 65:43:9d:5a:f3:5d:ff:46:2b:93:2f:54:60:7a:98:cb:f6:a5: 52:5e:d0:7f:f0:3a:a9:bf:32:f5:3a:3a:21:a6:e5:e3:6c:61: 22:3b:b2:3f:1e:7a:f9:0c:1d:15:aa:83:f6:c5:4d:df:0a:0a: 6c:63:6f:c0:81:de:a0:7a:02:11:ff:65:8b:60:71:1b:23:9c: e2:c6:e5:65:53:d9:dc:f8:ea:35:e3:fc:2f:a5:e3:39:74:09: 7d:5d:7b:b9:22:f7:03:16:41:e3:df:96:04:02:60:ce:56:ba: 61:e0:4a:4c:15:1c:94:10:5c:6a:6b:36:04:6d:f7:95:65:09: 35:62:4e:9b:39:c8:66:fa:b7:a7:c4:0a:1d:f5:5a:ae:d1:89: 93:25:64:27:ad:f3:59:ca:25:b7:31:de:a5:8f:ba:df:bf:6c: 6d:69:43:3d:5e:bd:81:39:2d:f4:0f:fd:26:cd:3e:13:8d:40: 85:40:1e:d5:57:9e:a8:84:7f:c3:c1:68:2b:d7:f9:df:c8:63: ba:96:af:4d:74:df:c4:9f:fd:f4:91:d6:33:28:f1:4f:4f:22: ab:5a:53:e9:01:d4:5f:e4:7a:bb:a3:67:26:90:2f:3f:7a:0f: 9a:1f:fa:87:a4:c2:2d:b8:f7:1a:03:2d:92:7d:ed:a4:7c:68: f3:d0:7b:f4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIRUEMRWT4rzoJe9YwuS4sG6TwiUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwNVoX DTI3MDMwMzA2MTQwNVowMzExMC8GA1UEAxMoM0U2NjkyQjY2OEQwNDVFQkYyNzUy RUEzRDg2REFENDMyOUU0MTFFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJyuiYjMF93InQ6vBOS1sExfipAa0W6e4vweOPPqU9CeGNEUq6kkis5Fd4/a rJ71U/zByyX8cXXThB4/L8jqr8sUp8nwOG2q6y2KheSQISEzcur69oAhrzfPDzaI jEj6P/RJNABO3qEvikvbW8xL6LhDBNP7m7ShkgwJA2h2Gn3Y6Bqe5ICHhv/B51sL xzQI0Hkhf+B2Z3PZeM1KKGF5ZW8KAYZvsEtBTgV6pBMz4cCqvlMFL+2JYOkpYYTk Dhjgi54sJ9uRi+KF/ci8jidNxRfs5N9/wTO5dvT5DqcANdv+AAYmsxpfZy1MVXhy qNw6NmbFtPTwp+xVhXnIw+LYN8UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ+ZpK2 aNBF6/J1LqPYba1DKeQR4zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc4NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pG4wDQYJKoZIhvcNAQELBQADggEBAGVDnVrzXf9GK5MvVGB6mMv2pVJe0H/wOqm/ MvU6OiGm5eNsYSI7sj8eevkMHRWqg/bFTd8KCmxjb8CB3qB6AhH/ZYtgcRsjnOLG 5WVT2dz46jXj/C+l4zl0CX1de7ki9wMWQePflgQCYM5WumHgSkwVHJQQXGprNgRt 95VlCTViTps5yGb6t6fECh31Wq7RiZMlZCet81nKJbcx3qWPut+/bG1pQz1evYE5 LfQP/SbNPhONQIVAHtVXnqiEf8PBaCvX+d/IY7qWr01038Sf/fSR1jMo8U9PIqta U+kB1F/kerujZyaQLz96D5of+oekwi249xoDLZJ97aR8aPPQe/Q= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:40 2026 by rpki-client