$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143808.roa File: AS143808.roa (raw, json) Hash identifier: fPtBLVb/r9j26W7wNvtuRFxgeYnUUs0tGzxi/WcPaN8= Subject key identifier: 6A:C8:F3:0F:0D:F7:77:9C:22:1A:C0:B7:AB:8A:E2:4B:32:AA:21:ED Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3D129AEB76ECF6AC96FF26B932E2C0927730315A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143808.roa Signing time: Wed 04 Mar 2026 06:13:14 +0000 ROA not before: Wed 04 Mar 2026 06:08:14 +0000 ROA not after: Wed 03 Mar 2027 06:13:14 +0000 asID: 143808 IP address blocks: 240a:a486::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:12:9a:eb:76:ec:f6:ac:96:ff:26:b9:32:e2:c0:92:77:30:31:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:14 2026 GMT Not After : Mar 3 06:13:14 2027 GMT Subject: CN=6AC8F30F0DF7779C221AC0B7AB8AE24B32AA21ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:90:b2:f3:ee:ba:f6:88:66:73:b3:c7:e9:03: b3:f6:28:af:65:68:94:74:45:3d:7d:26:a0:99:31: 10:c6:c9:55:ce:06:2e:08:96:25:42:cd:bd:1a:f4: ed:4c:a3:0e:b7:20:ef:1e:21:5d:bf:78:1e:2f:29: 7d:12:ac:3c:5d:7a:60:f7:01:ea:a0:64:4a:09:72: 4c:81:06:c2:fa:6c:f2:9c:8c:30:5d:82:a2:3d:27: 18:d5:b6:28:22:19:2d:74:e2:96:83:85:ae:ae:95: 2e:2d:56:5d:4a:0c:6c:76:f0:bb:19:47:28:ae:22: be:02:79:ba:5a:b7:5c:b1:8e:20:87:24:43:c7:7b: 40:b1:f3:50:b4:55:0b:45:69:57:e6:1c:9d:68:23: 42:d2:07:c1:84:a5:c0:b7:c7:60:c6:17:a8:88:c5: e3:89:2e:31:43:6c:b2:09:9a:bf:5b:af:6f:62:11: 96:f7:d6:61:10:36:3b:7d:f0:b0:7a:d9:98:be:e7: f1:8a:00:43:dd:68:6c:50:a1:ca:18:53:36:c1:da: e1:fe:37:eb:a0:99:85:a6:b9:e4:4a:60:b1:b9:f5: 59:94:7a:47:e7:1a:77:9c:ec:57:7d:b0:5d:c5:da: af:08:09:cf:cf:ef:bd:f0:f0:88:0d:2e:6e:e8:8a: e6:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:C8:F3:0F:0D:F7:77:9C:22:1A:C0:B7:AB:8A:E2:4B:32:AA:21:ED X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143808.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a486::/32 Signature Algorithm: sha256WithRSAEncryption 4d:f1:49:af:bc:bb:c9:99:44:f3:ce:74:03:55:9d:e0:dc:65: 5f:29:5b:ed:df:3b:f0:ce:b6:71:70:3f:3d:ea:4d:35:72:ca: 18:79:96:d4:18:26:cb:6b:7b:22:62:19:a1:da:e6:bc:50:0d: c7:41:a4:b2:2e:4e:6d:24:d2:c9:ab:b8:53:2c:ca:c9:22:f8: 5a:0f:89:9b:03:f3:f4:d3:90:90:43:49:d9:7b:95:5b:ea:80: 2c:fe:ad:f3:bd:6c:f7:95:25:21:a9:10:56:7c:45:ee:3d:3c: 1b:ab:29:d2:38:ea:68:f4:67:ab:69:70:f8:64:e2:5b:2d:22: 00:13:af:c4:1f:1b:aa:83:9e:99:1c:92:1a:ad:3c:45:de:04: 17:fd:1d:a1:56:87:d5:50:37:40:38:0d:67:42:40:49:00:2d: c1:2d:ed:f3:a9:7c:fb:85:b6:90:dd:f5:95:91:ef:28:5c:43: 8a:81:dd:4f:d2:eb:ef:9c:09:6a:b1:c9:07:e1:fe:f5:39:76: 46:09:9d:8b:a2:3d:98:1b:bb:0d:e4:e9:2e:4c:09:c2:84:20: 58:2f:de:be:11:11:32:0f:34:d5:c3:6f:74:0b:68:5c:6e:9e: 89:48:24:b1:84:0c:b6:2d:c0:ff:65:47:a0:5f:24:a6:7e:3d: bd:7c:e6:45 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPRKa63bs9qyW/ya5MuLAkncwMVowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxNFoX DTI3MDMwMzA2MTMxNFowMzExMC8GA1UEAxMoNkFDOEYzMEYwREY3Nzc5QzIyMUFD MEI3QUI4QUUyNEIzMkFBMjFFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJGQsvPuuvaIZnOzx+kDs/Yor2VolHRFPX0moJkxEMbJVc4GLgiWJULNvRr0 7UyjDrcg7x4hXb94Hi8pfRKsPF16YPcB6qBkSglyTIEGwvps8pyMMF2Coj0nGNW2 KCIZLXTiloOFrq6VLi1WXUoMbHbwuxlHKK4ivgJ5ulq3XLGOIIckQ8d7QLHzULRV C0VpV+YcnWgjQtIHwYSlwLfHYMYXqIjF44kuMUNssgmav1uvb2IRlvfWYRA2O33w sHrZmL7n8YoAQ91obFChyhhTNsHa4f4366CZhaa55Epgsbn1WZR6R+cad5zsV32w XcXarwgJz8/vvfDwiA0ubuiK5vECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRqyPMP Dfd3nCIawLeriuJLMqoh7TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzgwOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pIYwDQYJKoZIhvcNAQELBQADggEBAE3xSa+8u8mZRPPOdANVneDcZV8pW+3fO/DO tnFwPz3qTTVyyhh5ltQYJstreyJiGaHa5rxQDcdBpLIuTm0k0smruFMsyski+FoP iZsD8/TTkJBDSdl7lVvqgCz+rfO9bPeVJSGpEFZ8Re49PBurKdI46mj0Z6tpcPhk 4lstIgATr8QfG6qDnpkckhqtPEXeBBf9HaFWh9VQN0A4DWdCQEkALcEt7fOpfPuF tpDd9ZWR7yhcQ4qB3U/S6++cCWqxyQfh/vU5dkYJnYuiPZgbuw3k6S5MCcKEIFgv 3r4RETIPNNXDb3QLaFxunolIJLGEDLYtwP9lR6BfJKZ+Pb185kU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:46 2026 by rpki-client