$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143797.roa File: AS143797.roa (raw, json) Hash identifier: k08K+6hT8WGc9CNS/EKIC2e4xJdmOTemsVz5L9iMprs= Subject key identifier: F3:E4:A0:19:1A:A3:A1:6A:88:1A:F7:3A:C5:FC:BB:CE:58:86:B8:3A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 45A62E1F126FFBDA2A4C76727748EADD790F18AC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143797.roa Signing time: Wed 04 Mar 2026 06:12:29 +0000 ROA not before: Wed 04 Mar 2026 06:07:29 +0000 ROA not after: Wed 03 Mar 2027 06:12:29 +0000 asID: 143797 IP address blocks: 240a:a47b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:a6:2e:1f:12:6f:fb:da:2a:4c:76:72:77:48:ea:dd:79:0f:18:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:29 2026 GMT Not After : Mar 3 06:12:29 2027 GMT Subject: CN=F3E4A0191AA3A16A881AF73AC5FCBBCE5886B83A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:32:e6:af:86:6c:2d:30:2a:f8:f8:f9:0e:97: 30:17:b5:d4:08:7a:c9:83:a8:60:ca:be:2a:79:6b: 63:cd:1a:9a:ad:4f:de:ad:57:a0:38:4c:4b:15:66: 72:23:3c:a4:c0:43:23:f2:14:c3:d0:93:37:86:a2: 3b:5d:1d:04:87:7b:dd:4f:e8:56:0f:f5:a5:6f:19: 02:60:98:07:9f:58:bf:1d:a5:89:2f:16:bc:4f:61: f1:38:e2:3e:5a:21:1d:63:fa:14:c8:92:e9:4b:3f: 40:7a:cb:c4:4f:f3:b1:3f:92:9c:7e:84:f7:b7:ab: 2f:4c:ce:1e:c9:16:6c:a7:6e:60:1c:a6:6e:ea:0b: 63:86:63:c9:4a:96:f2:ae:02:d7:d0:90:65:48:43: 48:f6:4e:34:22:5f:58:d6:7d:6f:3e:70:4d:40:65: c2:7d:e7:e2:15:90:ed:2d:5f:ac:32:5c:00:94:30: d1:17:80:22:37:a7:05:00:4e:a1:96:e1:b6:bf:c9: 95:7a:4f:02:86:1b:f2:7c:f8:04:f9:61:20:e3:d7: 18:91:0f:e6:2c:e7:20:14:fb:1b:67:db:68:b5:63: df:43:76:eb:4a:50:c3:f5:8b:6c:f4:09:fc:bc:ce: 21:b2:1e:9b:8b:55:7f:26:40:9c:7f:2e:a0:df:b5: e6:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:E4:A0:19:1A:A3:A1:6A:88:1A:F7:3A:C5:FC:BB:CE:58:86:B8:3A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143797.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a47b::/32 Signature Algorithm: sha256WithRSAEncryption 23:fd:c1:84:35:0d:0e:87:c6:ac:bb:7b:a0:4e:c3:b5:0a:a4: af:1f:58:78:c0:05:3c:88:e2:0c:82:aa:c9:60:1e:f8:11:4e: 58:d4:f4:7f:ef:32:f0:91:7c:ef:78:77:5c:3b:56:c9:91:fd: 07:a7:41:48:a9:df:7f:f5:b2:a4:b4:5a:2a:03:01:45:41:8b: 8b:f0:86:44:97:5d:15:b6:0a:28:62:ae:1d:3f:53:a7:b3:65: bd:1a:32:37:a1:61:6d:62:25:db:90:c2:ff:d6:b9:ae:b5:15: ad:65:e1:13:c9:0a:23:50:c3:1f:fa:5a:fd:90:5b:23:d2:d3: aa:12:5f:27:81:a3:03:d5:d0:b4:fb:f2:ef:21:65:a9:a8:c5: 6f:50:ed:81:50:98:6c:52:af:e1:0c:7e:cc:ac:b5:a4:8e:ae: 83:c6:63:9d:e9:34:26:66:6c:e8:73:4e:f8:f3:a5:4d:fb:7e: 44:4f:45:e2:ea:05:23:ec:61:39:2d:bf:cb:9e:30:d4:c9:92: b9:38:ae:be:a1:22:5d:16:ae:58:17:96:f7:df:70:46:a6:7a: b6:7e:55:c7:d3:bb:23:d0:fd:e0:fa:33:28:53:0a:25:cd:3f: a0:dd:7e:b5:76:f1:8d:ed:eb:cb:11:01:c3:fd:aa:ba:bf:c8: dd:b8:c7:69 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIURaYuHxJv+9oqTHZyd0jq3XkPGKwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDcyOVoX DTI3MDMwMzA2MTIyOVowMzExMC8GA1UEAxMoRjNFNEEwMTkxQUEzQTE2QTg4MUFG NzNBQzVGQ0JCQ0U1ODg2QjgzQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALUy5q+GbC0wKvj4+Q6XMBe11Ah6yYOoYMq+KnlrY80amq1P3q1XoDhMSxVm ciM8pMBDI/IUw9CTN4aiO10dBId73U/oVg/1pW8ZAmCYB59Yvx2liS8WvE9h8Tji PlohHWP6FMiS6Us/QHrLxE/zsT+SnH6E97erL0zOHskWbKduYBymbuoLY4ZjyUqW 8q4C19CQZUhDSPZONCJfWNZ9bz5wTUBlwn3n4hWQ7S1frDJcAJQw0ReAIjenBQBO oZbhtr/JlXpPAoYb8nz4BPlhIOPXGJEP5iznIBT7G2fbaLVj30N260pQw/WLbPQJ /LzOIbIem4tVfyZAnH8uoN+15skCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTz5KAZ GqOhaoga9zrF/LvOWIa4OjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzc5Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pHswDQYJKoZIhvcNAQELBQADggEBACP9wYQ1DQ6Hxqy7e6BOw7UKpK8fWHjABTyI 4gyCqslgHvgRTljU9H/vMvCRfO94d1w7VsmR/QenQUip33/1sqS0WioDAUVBi4vw hkSXXRW2Cihirh0/U6ezZb0aMjehYW1iJduQwv/Wua61Fa1l4RPJCiNQwx/6Wv2Q WyPS06oSXyeBowPV0LT78u8hZamoxW9Q7YFQmGxSr+EMfsystaSOroPGY53pNCZm bOhzTvjzpU37fkRPReLqBSPsYTktv8ueMNTJkrk4rr6hIl0WrlgXlvffcEamerZ+ VcfTuyPQ/eD6MyhTCiXNP6DdfrV28Y3t68sRAcP9qrq/yN24x2k= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:34 2026 by rpki-client