$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143795.roa File: AS143795.roa (raw, json) Hash identifier: IerSSOr1FBdN1BGZiMT5iYCY3ijW3YB1Wk4lQqjehGk= Subject key identifier: 3B:D3:70:94:93:C6:34:24:B7:FE:03:22:A9:4F:10:69:9F:6C:C8:32 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3C319F42070387614EABF49DF65431BFFA5E6869 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143795.roa Signing time: Wed 04 Mar 2026 06:14:19 +0000 ROA not before: Wed 04 Mar 2026 06:09:19 +0000 ROA not after: Wed 03 Mar 2027 06:14:19 +0000 asID: 143795 IP address blocks: 240a:a479::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:31:9f:42:07:03:87:61:4e:ab:f4:9d:f6:54:31:bf:fa:5e:68:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:19 2026 GMT Not After : Mar 3 06:14:19 2027 GMT Subject: CN=3BD3709493C63424B7FE0322A94F10699F6CC832 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d6:ce:4a:48:d3:a0:c1:8e:50:63:99:b9:4d: ac:2f:5f:14:50:53:6c:83:ef:62:81:3e:70:29:ba: a3:f2:e4:aa:e0:66:ba:32:9f:3a:42:dc:7e:60:f0: 25:98:dd:9e:d6:cf:fb:c4:e6:89:02:68:b6:ea:88: 18:0f:bb:2d:69:ca:19:dd:4e:ed:a7:2f:85:ec:34: ad:ab:75:be:2a:7a:19:b0:76:ff:2b:05:c1:c4:ce: e5:9a:18:16:ce:da:3e:fd:0b:5e:7c:60:bd:09:d1: 96:aa:00:fa:96:20:08:e6:d4:62:79:be:be:23:f4: d1:36:f3:fb:32:9d:8e:cb:6f:c2:22:4b:10:af:84: 48:03:e7:de:1b:c3:13:2d:c0:d0:41:cd:60:9f:f1: 1d:95:e5:ad:3b:26:7b:07:5c:bb:ff:96:85:3f:bf: 37:b9:bf:00:28:4f:0b:f2:de:1d:e8:c4:af:d2:70: 59:04:5e:5a:21:13:df:23:c7:a7:29:43:48:e1:e4: e0:c8:7b:2b:1d:be:13:ec:2c:69:81:88:64:62:c6: f9:02:ea:e3:c5:80:c2:19:15:c8:03:32:77:17:2f: 2a:a5:79:40:b1:4c:a8:a9:a6:8e:9c:00:d6:56:e9: 37:fe:05:7b:3e:dd:d0:6b:6f:7b:6a:fa:74:64:46: c0:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:D3:70:94:93:C6:34:24:B7:FE:03:22:A9:4F:10:69:9F:6C:C8:32 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143795.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a479::/32 Signature Algorithm: sha256WithRSAEncryption 90:71:41:39:47:b3:9c:a8:43:f0:75:d0:2a:fd:20:bf:ee:9b: df:5d:ad:f3:e0:88:30:7b:bd:14:14:7c:e7:ae:c8:ee:36:0a: 44:11:97:04:25:9b:3a:21:1c:8d:70:7c:ee:ce:b5:6b:1a:56: b0:ec:27:a8:04:27:62:9c:bf:5c:16:80:cc:4d:d4:15:46:cc: de:20:9c:6b:ea:bd:e5:a6:3c:a6:84:93:88:f7:3e:82:be:c8: d1:7c:65:74:d7:d5:15:45:8c:5c:63:bb:5b:c0:93:ac:0d:66: b4:f5:77:ce:a3:dc:85:cd:95:e1:9b:9c:bf:b0:2d:ae:f9:63: 5a:9b:32:dc:1d:4d:4b:13:87:24:66:8d:2a:69:03:2e:67:7b: eb:9a:d2:89:63:76:ab:32:d0:2c:56:21:45:68:4c:80:11:42: d1:b1:e8:8c:83:79:6c:87:b0:fc:b4:19:5c:a5:86:c5:bd:cb: 96:3d:f8:84:07:b1:6d:2f:da:11:57:f0:31:d5:d1:db:71:80: ba:32:54:74:d1:95:9a:2c:c6:00:e6:35:f8:ca:aa:de:68:ae: d5:28:3c:65:d4:6f:94:f0:22:65:68:53:32:04:a9:e6:5d:72: ac:cf:54:ee:27:40:eb:c6:b8:a4:eb:2b:46:14:9f:4d:aa:56: 9e:54:88:d8 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPDGfQgcDh2FOq/Sd9lQxv/peaGkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxOVoX DTI3MDMwMzA2MTQxOVowMzExMC8GA1UEAxMoM0JEMzcwOTQ5M0M2MzQyNEI3RkUw MzIyQTk0RjEwNjk5RjZDQzgzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALTWzkpI06DBjlBjmblNrC9fFFBTbIPvYoE+cCm6o/LkquBmujKfOkLcfmDw JZjdntbP+8TmiQJotuqIGA+7LWnKGd1O7acvhew0rat1vip6GbB2/ysFwcTO5ZoY Fs7aPv0LXnxgvQnRlqoA+pYgCObUYnm+viP00Tbz+zKdjstvwiJLEK+ESAPn3hvD Ey3A0EHNYJ/xHZXlrTsmewdcu/+WhT+/N7m/AChPC/LeHejEr9JwWQReWiET3yPH pylDSOHk4Mh7Kx2+E+wsaYGIZGLG+QLq48WAwhkVyAMydxcvKqV5QLFMqKmmjpwA 1lbpN/4Fez7d0Gtve2r6dGRGwH8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQ703CU k8Y0JLf+AyKpTxBpn2zIMjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc5NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pHkwDQYJKoZIhvcNAQELBQADggEBAJBxQTlHs5yoQ/B10Cr9IL/um99drfPgiDB7 vRQUfOeuyO42CkQRlwQlmzohHI1wfO7OtWsaVrDsJ6gEJ2Kcv1wWgMxN1BVGzN4g nGvqveWmPKaEk4j3PoK+yNF8ZXTX1RVFjFxju1vAk6wNZrT1d86j3IXNleGbnL+w La75Y1qbMtwdTUsThyRmjSppAy5ne+ua0oljdqsy0CxWIUVoTIARQtGx6IyDeWyH sPy0GVylhsW9y5Y9+IQHsW0v2hFX8DHV0dtxgLoyVHTRlZosxgDmNfjKqt5ortUo PGXUb5TwImVoUzIEqeZdcqzPVO4nQOvGuKTrK0YUn02qVp5UiNg= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:44 2026 by rpki-client