$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143793.roa File: AS143793.roa (raw, json) Hash identifier: otc9gCHWexGPYsF9Qi+sw/3mmsLa+JmmwsOim9h4Hy4= Subject key identifier: 54:38:18:F8:95:5E:93:2C:88:09:EB:FC:24:39:76:FE:F8:28:51:20 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 554C2D5675598B7750125E977627BC57E905672F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143793.roa Signing time: Wed 04 Mar 2026 06:13:04 +0000 ROA not before: Wed 04 Mar 2026 06:08:04 +0000 ROA not after: Wed 03 Mar 2027 06:13:04 +0000 asID: 143793 IP address blocks: 240a:a477::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:4c:2d:56:75:59:8b:77:50:12:5e:97:76:27:bc:57:e9:05:67:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:04 2026 GMT Not After : Mar 3 06:13:04 2027 GMT Subject: CN=543818F8955E932C8809EBFC243976FEF8285120 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:e0:e7:53:2b:0e:d3:78:1d:6e:31:e1:02:59: 1d:c2:ae:42:1d:50:4f:a6:74:f4:af:c9:0f:cc:d8: a7:40:f8:a0:bf:05:c4:11:41:82:5b:14:54:c6:d8: da:e2:95:6b:6c:05:39:2e:0c:bc:45:cc:f7:ad:cc: c3:df:96:6f:5e:b6:4b:45:66:6d:8b:50:1b:09:d3: 94:a1:38:16:ac:1e:75:79:6a:a8:70:e5:f3:42:1c: ce:2e:3d:71:27:2e:55:7d:0a:81:d9:6b:ce:a7:99: 90:e9:53:b9:a1:b3:4b:99:33:89:fb:2d:c6:38:c2: d1:49:56:20:bd:2f:29:8b:cf:bf:24:50:bd:83:17: 44:66:b0:b2:3b:0c:93:e6:d8:90:ed:20:f8:33:89: f5:e3:61:d9:dd:9f:74:9a:66:15:e6:94:9a:77:e9: 24:eb:99:ea:32:18:9d:55:e9:5a:09:a3:fc:f3:77: b5:a4:2a:9b:78:81:fa:5a:cd:ce:ea:21:e5:81:e6: 80:6b:d0:f8:46:0f:65:a2:d4:1b:70:5a:95:d9:17: c0:c4:d4:08:74:f7:48:39:4b:90:70:c2:b6:15:d4: 85:dc:ce:29:57:68:22:30:cf:1d:3f:64:b7:59:d5: 97:ea:c6:d3:b0:01:5e:11:6e:ef:0c:39:c5:2b:51: b3:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:38:18:F8:95:5E:93:2C:88:09:EB:FC:24:39:76:FE:F8:28:51:20 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143793.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a477::/32 Signature Algorithm: sha256WithRSAEncryption a7:ff:9b:93:98:aa:f0:c8:67:df:2f:db:3f:04:95:75:5b:e5: 18:d2:1f:dd:19:74:18:54:e0:16:75:c0:24:c5:37:ec:1a:19: dd:55:1f:99:00:ca:c0:2f:0b:93:09:b5:47:4d:9e:74:7d:01: 4b:c0:06:57:1c:1d:39:3a:2e:85:79:9e:3f:39:cb:16:b1:a5: 35:38:87:55:cd:b6:3d:b8:c9:ac:26:44:93:b2:75:59:1b:fc: 29:0f:df:70:e1:82:d2:ee:11:d2:a4:bc:3e:79:dd:7c:3d:22: 4c:41:22:43:7c:59:be:67:ef:3d:48:74:70:70:2d:c9:fa:fa: f7:fe:9f:d9:14:b4:78:81:8b:8e:fa:cd:19:62:49:55:71:67: bb:9a:b4:a8:46:59:d3:48:90:df:dc:eb:a4:66:59:48:83:ea: 93:10:1d:fb:14:30:e6:5b:1f:85:16:7b:ea:82:b0:ae:70:fa: 7e:a5:6f:33:07:08:95:84:20:36:27:be:7a:ee:12:10:c6:08: a7:66:9d:2f:49:29:76:6c:c9:30:79:59:6e:9b:b6:b6:27:31: 7a:be:f3:5b:73:c1:36:22:22:06:7f:fc:61:22:8b:0c:03:14: 25:4f:d0:b5:f0:43:72:8a:21:64:97:7f:5e:2c:ec:f1:a3:c7: a0:84:c2:40 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVUwtVnVZi3dQEl6Xdie8V+kFZy8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgwNFoX DTI3MDMwMzA2MTMwNFowMzExMC8GA1UEAxMoNTQzODE4Rjg5NTVFOTMyQzg4MDlF QkZDMjQzOTc2RkVGODI4NTEyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMfg51MrDtN4HW4x4QJZHcKuQh1QT6Z09K/JD8zYp0D4oL8FxBFBglsUVMbY 2uKVa2wFOS4MvEXM963Mw9+Wb162S0VmbYtQGwnTlKE4FqwedXlqqHDl80Iczi49 cScuVX0KgdlrzqeZkOlTuaGzS5kzifstxjjC0UlWIL0vKYvPvyRQvYMXRGawsjsM k+bYkO0g+DOJ9eNh2d2fdJpmFeaUmnfpJOuZ6jIYnVXpWgmj/PN3taQqm3iB+lrN zuoh5YHmgGvQ+EYPZaLUG3BaldkXwMTUCHT3SDlLkHDCthXUhdzOKVdoIjDPHT9k t1nVl+rG07ABXhFu7ww5xStRs/UCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRUOBj4 lV6TLIgJ6/wkOXb++ChRIDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc5My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pHcwDQYJKoZIhvcNAQELBQADggEBAKf/m5OYqvDIZ98v2z8ElXVb5RjSH90ZdBhU 4BZ1wCTFN+waGd1VH5kAysAvC5MJtUdNnnR9AUvABlccHTk6LoV5nj85yxaxpTU4 h1XNtj24yawmRJOydVkb/CkP33DhgtLuEdKkvD553Xw9IkxBIkN8Wb5n7z1IdHBw Lcn6+vf+n9kUtHiBi476zRliSVVxZ7uatKhGWdNIkN/c66RmWUiD6pMQHfsUMOZb H4UWe+qCsK5w+n6lbzMHCJWEIDYnvnruEhDGCKdmnS9JKXZsyTB5WW6btrYnMXq+ 81tzwTYiIgZ//GEiiwwDFCVP0LXwQ3KKIWSXf14s7PGjx6CEwkA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:32 2026 by rpki-client