$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143809.roa File: AS143809.roa (raw, json) Hash identifier: Ziwde99HP5tdzxQXkB35ljDJtWzll+JFZpW7vxCu9c0= Subject key identifier: A3:EA:80:E6:34:F7:E6:74:CE:F2:AC:54:D1:52:A1:62:D6:C2:1C:07 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 073CB2625DD348FB0986A692472378905BFEDC43 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143809.roa Signing time: Wed 04 Mar 2026 06:12:50 +0000 ROA not before: Wed 04 Mar 2026 06:07:50 +0000 ROA not after: Wed 03 Mar 2027 06:12:50 +0000 asID: 143809 IP address blocks: 240a:a487::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:3c:b2:62:5d:d3:48:fb:09:86:a6:92:47:23:78:90:5b:fe:dc:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:50 2026 GMT Not After : Mar 3 06:12:50 2027 GMT Subject: CN=A3EA80E634F7E674CEF2AC54D152A162D6C21C07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c0:05:b1:e2:a8:4e:59:9d:c4:f8:5b:f8:d9: 9d:83:9f:f8:99:2b:d8:7d:86:16:87:ea:8d:43:65: 34:51:34:75:c5:a1:8c:20:ed:31:87:f7:11:b6:7b: 3d:c4:74:12:6b:94:64:07:56:d7:1b:e5:fc:41:b1: 3f:8a:78:3f:34:2a:29:58:5a:18:4f:fa:0b:44:7f: 3c:c1:d3:29:bc:7b:af:92:6a:04:9b:4d:4c:08:4e: 2e:c2:c4:f0:a0:90:6b:b8:63:89:30:5d:7b:f0:d9: 17:84:f2:15:d4:b5:bf:ac:4c:a5:3a:35:88:7b:71: 2c:88:3f:18:04:97:c0:3a:7f:38:ee:64:73:9e:1d: 30:c6:58:58:80:78:c4:5b:84:6e:73:31:96:8e:63: 37:f6:7d:8e:02:bf:4b:28:12:5c:ad:53:08:46:95: 89:af:2c:bd:dd:68:aa:f7:90:93:65:64:7b:d1:7d: 88:1e:4a:07:b9:d9:08:86:4e:68:7b:8e:a1:38:17: 1c:54:29:b1:4d:0a:72:e2:34:88:37:c3:f6:3d:35: 95:6b:09:cb:84:bd:d9:d4:a7:68:9b:02:52:e8:87: 92:f6:aa:8e:53:9a:72:b5:60:9e:d7:de:4e:a2:1c: 31:12:a7:85:a9:70:84:bc:42:01:57:39:0e:2e:0a: d1:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:EA:80:E6:34:F7:E6:74:CE:F2:AC:54:D1:52:A1:62:D6:C2:1C:07 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143809.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a487::/32 Signature Algorithm: sha256WithRSAEncryption d5:bc:a6:e7:0f:8d:a2:0b:28:c9:c1:bf:8d:80:ae:f3:e1:9d: 94:a8:82:93:56:d6:a6:eb:3b:69:5a:7c:12:cd:98:db:05:34: 31:82:99:29:25:d9:84:d6:36:20:a7:e7:1e:6f:99:cd:16:e2: 56:2f:5d:82:a5:82:e5:48:fe:e6:ae:10:bb:e9:20:b2:93:aa: 88:15:cc:44:8a:59:07:69:ec:c5:e6:05:93:c8:89:3b:17:22: b8:42:d8:ee:bc:e2:ea:99:ff:52:c6:f5:d8:67:0f:90:01:b1: df:09:80:f5:83:e4:7e:83:cc:19:9e:65:22:98:50:0b:c7:4e: 82:e6:48:8b:27:e6:b7:ca:42:c1:87:28:74:c9:0a:f6:d0:39: b6:e7:a4:88:72:65:a9:b1:a8:89:30:91:8f:53:62:9e:c1:4d: 0d:cf:f5:6d:4b:9c:70:c2:bc:3f:13:c2:54:0b:69:b1:ec:83: fc:65:62:40:63:3f:a5:ec:52:07:78:8a:4b:4b:dd:f2:c8:58: 59:f1:1a:96:48:f3:fb:b2:0c:05:86:d7:58:c5:e0:e0:cb:52: ec:27:54:24:00:5b:6e:6d:8c:9a:5e:25:33:25:92:51:63:e4: c4:32:b7:dc:fc:28:c4:63:3f:dc:6a:84:1c:5d:cc:f6:13:f0: 87:5e:5b:c0 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBzyyYl3TSPsJhqaSRyN4kFv+3EMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDc1MFoX DTI3MDMwMzA2MTI1MFowMzExMC8GA1UEAxMoQTNFQTgwRTYzNEY3RTY3NENFRjJB QzU0RDE1MkExNjJENkMyMUMwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMLABbHiqE5ZncT4W/jZnYOf+Jkr2H2GFofqjUNlNFE0dcWhjCDtMYf3EbZ7 PcR0EmuUZAdW1xvl/EGxP4p4PzQqKVhaGE/6C0R/PMHTKbx7r5JqBJtNTAhOLsLE 8KCQa7hjiTBde/DZF4TyFdS1v6xMpTo1iHtxLIg/GASXwDp/OO5kc54dMMZYWIB4 xFuEbnMxlo5jN/Z9jgK/SygSXK1TCEaVia8svd1oqveQk2Vke9F9iB5KB7nZCIZO aHuOoTgXHFQpsU0KcuI0iDfD9j01lWsJy4S92dSnaJsCUuiHkvaqjlOacrVgntfe TqIcMRKnhalwhLxCAVc5Di4K0TcCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSj6oDm NPfmdM7yrFTRUqFi1sIcBzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzgwOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pIcwDQYJKoZIhvcNAQELBQADggEBANW8pucPjaILKMnBv42ArvPhnZSogpNW1qbr O2lafBLNmNsFNDGCmSkl2YTWNiCn5x5vmc0W4lYvXYKlguVI/uauELvpILKTqogV zESKWQdp7MXmBZPIiTsXIrhC2O684uqZ/1LG9dhnD5ABsd8JgPWD5H6DzBmeZSKY UAvHToLmSIsn5rfKQsGHKHTJCvbQObbnpIhyZamxqIkwkY9TYp7BTQ3P9W1LnHDC vD8TwlQLabHsg/xlYkBjP6XsUgd4iktL3fLIWFnxGpZI8/uyDAWG11jF4ODLUuwn VCQAW25tjJpeJTMlklFj5MQyt9z8KMRjP9xqhBxdzPYT8IdeW8A= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:18 2026 by rpki-client