$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143807.roa File: AS143807.roa (raw, json) Hash identifier: OlnioT6JMBcTTR2gVFLAp7yFaV+Hgfrqx1Vfsz4Nuug= Subject key identifier: 4E:84:A3:AE:69:FB:59:DD:0F:3D:DC:70:4E:D5:40:E7:DE:70:1A:8C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2602F2E2DBF2046B263383E755A2A0568A04DBD6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143807.roa Signing time: Wed 04 Mar 2026 06:14:29 +0000 ROA not before: Wed 04 Mar 2026 06:09:29 +0000 ROA not after: Wed 03 Mar 2027 06:14:29 +0000 asID: 143807 IP address blocks: 240a:a485::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:02:f2:e2:db:f2:04:6b:26:33:83:e7:55:a2:a0:56:8a:04:db:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:29 2026 GMT Not After : Mar 3 06:14:29 2027 GMT Subject: CN=4E84A3AE69FB59DD0F3DDC704ED540E7DE701A8C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:80:bd:c5:af:2e:52:06:ec:7f:7d:a0:39:aa: 3f:7a:bd:f2:11:8e:0a:eb:28:38:f2:45:1d:39:bb: 82:78:ca:6a:28:b2:27:97:5d:67:12:15:68:ed:6d: 57:dd:15:66:26:6d:a4:30:29:84:0c:ea:f6:6f:74: ff:45:ab:fc:fa:72:41:12:36:73:42:33:61:3f:e6: 59:5f:d2:92:1d:85:26:69:b5:8d:04:79:4d:60:d9: 1b:41:97:e6:1b:06:f5:1d:de:3d:94:b9:9f:69:55: 87:fa:ff:5d:56:6c:74:19:29:e8:da:3a:54:20:3e: 59:07:34:60:da:2a:4c:d1:d1:2f:c7:fb:82:85:2b: 6f:12:bf:46:69:3e:7c:4c:5c:a2:1c:2b:e9:66:87: 4c:e6:ed:f5:16:4b:25:02:fe:1a:ae:86:06:d3:e9: 58:ce:6c:74:f0:c0:0b:9e:ee:48:04:3f:05:89:24: 74:81:fc:cb:01:ef:32:5a:16:fe:a1:0a:ae:7c:62: 26:ff:40:6a:4c:58:11:73:9c:97:12:1b:e9:d2:21: b1:50:7c:a1:ba:53:d0:9b:d6:7d:3b:17:92:46:e3: 5c:6b:9f:a9:bc:b5:33:bc:64:e9:5a:f7:17:b1:84: 9f:6c:bf:25:c3:34:48:45:bf:df:a6:80:02:d0:b3: f6:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:84:A3:AE:69:FB:59:DD:0F:3D:DC:70:4E:D5:40:E7:DE:70:1A:8C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143807.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a485::/32 Signature Algorithm: sha256WithRSAEncryption 0a:5f:09:8c:9b:30:79:2d:06:64:e1:ef:f6:82:08:e1:51:fe: ab:0b:8d:41:19:4f:90:6f:2d:21:4e:44:1d:30:ec:63:12:65: d4:d0:98:81:8c:88:a1:9e:3b:2c:28:76:52:e6:97:e1:2d:24: 80:d9:68:ca:70:25:31:fa:bf:28:a5:8b:d3:07:95:2e:b1:8a: ee:4a:42:8c:26:2d:bc:bf:0d:51:75:4a:77:39:54:27:ca:2e: 51:6c:2e:3f:64:cd:c1:b6:e6:44:63:1a:9c:ea:7d:27:cf:1f: dc:d2:d6:a2:71:ba:0c:e5:29:22:4c:72:ee:08:86:6b:65:90: 50:1c:79:86:b6:1f:f5:db:0d:d5:6a:3f:64:a1:6a:2d:a3:39: ef:05:39:4c:15:ef:df:c3:00:94:b2:6b:8d:0e:6a:a6:96:e7: 96:99:ce:dd:bf:39:52:05:8e:9e:a3:88:ea:52:43:85:35:98: bc:74:ee:5c:d0:83:42:da:65:03:99:2c:25:19:b8:71:25:44: ec:6a:a5:aa:c3:2b:88:ef:df:60:85:3d:32:7f:bd:e0:6d:5e: 5c:76:3c:f1:5e:aa:35:74:35:91:44:52:ab:08:de:25:28:b6: e8:0d:b5:32:51:4d:2b:e4:95:b0:28:19:88:69:be:6b:e1:80: aa:74:c3:9d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUJgLy4tvyBGsmM4PnVaKgVooE29YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyOVoX DTI3MDMwMzA2MTQyOVowMzExMC8GA1UEAxMoNEU4NEEzQUU2OUZCNTlERDBGM0RE QzcwNEVENTQwRTdERTcwMUE4QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIeAvcWvLlIG7H99oDmqP3q98hGOCusoOPJFHTm7gnjKaiiyJ5ddZxIVaO1t V90VZiZtpDAphAzq9m90/0Wr/PpyQRI2c0IzYT/mWV/Skh2FJmm1jQR5TWDZG0GX 5hsG9R3ePZS5n2lVh/r/XVZsdBkp6No6VCA+WQc0YNoqTNHRL8f7goUrbxK/Rmk+ fExcohwr6WaHTObt9RZLJQL+Gq6GBtPpWM5sdPDAC57uSAQ/BYkkdIH8ywHvMloW /qEKrnxiJv9AakxYEXOclxIb6dIhsVB8obpT0JvWfTsXkkbjXGufqby1M7xk6Vr3 F7GEn2y/JcM0SEW/36aAAtCz9mUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBROhKOu aftZ3Q893HBO1UDn3nAajDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzgwNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pIUwDQYJKoZIhvcNAQELBQADggEBAApfCYybMHktBmTh7/aCCOFR/qsLjUEZT5Bv LSFORB0w7GMSZdTQmIGMiKGeOywodlLml+EtJIDZaMpwJTH6vyili9MHlS6xiu5K QowmLby/DVF1Snc5VCfKLlFsLj9kzcG25kRjGpzqfSfPH9zS1qJxugzlKSJMcu4I hmtlkFAceYa2H/XbDdVqP2Shai2jOe8FOUwV79/DAJSya40OaqaW55aZzt2/OVIF jp6jiOpSQ4U1mLx07lzQg0LaZQOZLCUZuHElROxqparDK4jv32CFPTJ/veBtXlx2 PPFeqjV0NZFEUqsI3iUotugNtTJRTSvklbAoGYhpvmvhgKp0w50= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:02 2026 by rpki-client