$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143813.roa File: AS143813.roa (raw, json) Hash identifier: P/wfLvrieGXb9mZfXYKar14QZk7lAmOmDEM3+NIDP0Y= Subject key identifier: 91:1D:F3:31:AC:09:BF:E0:FA:C2:AF:97:D2:C5:70:79:57:67:58:28 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 68B3DF86CCF22E34E03A1BA89BCF5B416C9E9CD0 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143813.roa Signing time: Wed 04 Mar 2026 06:13:31 +0000 ROA not before: Wed 04 Mar 2026 06:08:31 +0000 ROA not after: Wed 03 Mar 2027 06:13:31 +0000 asID: 143813 IP address blocks: 240a:a48b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:b3:df:86:cc:f2:2e:34:e0:3a:1b:a8:9b:cf:5b:41:6c:9e:9c:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:31 2026 GMT Not After : Mar 3 06:13:31 2027 GMT Subject: CN=911DF331AC09BFE0FAC2AF97D2C5707957675828 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f6:c3:b2:05:36:f6:fb:19:95:37:4a:c4:4b: 37:ac:7c:cd:84:25:f2:84:86:f9:45:3e:eb:ef:6d: 04:0f:0f:a6:fa:7f:1f:f8:ec:06:8b:b5:f0:11:e0: e0:d5:e8:d0:be:ad:78:72:40:c5:5e:85:2d:59:09: fe:e4:a8:76:ad:4e:43:8e:db:f5:7c:10:e4:22:b4: 53:73:90:89:41:fb:9b:c9:00:92:0d:1c:71:37:32: bc:0e:74:0e:8e:f6:9f:8b:f2:80:0b:1c:40:96:56: 3c:fc:3a:dd:6d:01:42:bd:7f:e5:75:83:c6:61:91: 0e:8b:56:ef:ed:e8:9e:9b:3a:36:5b:0e:e4:9c:78: 5d:dd:d1:42:10:86:2a:93:11:ce:dc:51:92:5a:5d: 68:25:6b:78:c1:aa:86:f9:86:d3:cc:4d:75:19:ca: 6a:ce:b3:67:8f:6b:14:a7:b4:7e:25:8f:e5:fd:6b: 2e:fa:b9:1b:66:76:9b:b5:42:f0:46:4a:11:f9:fe: bf:d6:aa:6b:2f:7e:cd:94:10:30:8b:3f:ac:5e:f3: 12:3f:06:28:ca:cf:ca:2f:13:e0:13:08:e0:07:46: 96:96:4f:61:fe:b5:93:c7:cd:63:ac:1a:d5:d6:4e: 93:50:1d:f0:0e:6f:33:37:7c:28:b2:78:34:a5:68: 19:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:1D:F3:31:AC:09:BF:E0:FA:C2:AF:97:D2:C5:70:79:57:67:58:28 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143813.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a48b::/32 Signature Algorithm: sha256WithRSAEncryption 51:b3:73:75:d2:89:7f:28:bc:c2:af:bd:c5:68:f7:a9:7e:5e: d6:ec:6d:c9:3b:15:8f:55:d9:1b:b8:3c:0c:4a:18:b6:64:f7: a2:da:fb:c8:d3:70:79:fc:80:16:1d:dd:a6:8e:4f:ea:09:aa: 8b:8a:da:47:07:68:13:4b:2f:4e:b1:5d:c5:ca:c7:19:c7:b9: 27:35:5a:03:c2:fe:a1:8a:91:12:4e:f9:16:07:32:3e:f0:11: b4:1e:f2:16:74:1c:3f:b7:af:c8:94:82:77:52:06:7b:ec:ca: b2:63:31:70:ff:48:28:b1:c8:c2:46:19:3c:ee:68:a9:22:a4: 28:69:1e:25:52:f7:d3:56:46:72:1e:45:96:94:79:cd:86:a4: e1:73:f5:d2:1a:5d:ce:cf:a6:eb:ff:12:20:ec:7e:25:b6:91: 7e:b7:db:9d:0d:4e:a9:a2:a4:e9:39:f0:04:86:69:d3:28:e0: 54:f8:00:8b:4a:a8:3e:52:a3:cc:50:85:3d:2c:f9:eb:b4:e3: c4:2e:a8:22:1d:ee:6b:e3:f0:34:61:d7:0c:05:00:3a:07:90: b4:10:08:f5:d7:6c:1d:89:74:d5:05:34:ac:97:1d:67:9f:a0: b0:ea:63:c2:66:72:99:de:49:0c:2e:0a:79:9b:29:4f:cf:d0: f0:72:2b:21 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUaLPfhszyLjTgOhuom89bQWyenNAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgzMVoX DTI3MDMwMzA2MTMzMVowMzExMC8GA1UEAxMoOTExREYzMzFBQzA5QkZFMEZBQzJB Rjk3RDJDNTcwNzk1NzY3NTgyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKj2w7IFNvb7GZU3SsRLN6x8zYQl8oSG+UU+6+9tBA8Ppvp/H/jsBou18BHg 4NXo0L6teHJAxV6FLVkJ/uSodq1OQ47b9XwQ5CK0U3OQiUH7m8kAkg0ccTcyvA50 Do72n4vygAscQJZWPPw63W0BQr1/5XWDxmGRDotW7+3onps6NlsO5Jx4Xd3RQhCG KpMRztxRklpdaCVreMGqhvmG08xNdRnKas6zZ49rFKe0fiWP5f1rLvq5G2Z2m7VC 8EZKEfn+v9aqay9+zZQQMIs/rF7zEj8GKMrPyi8T4BMI4AdGlpZPYf61k8fNY6wa 1dZOk1Ad8A5vMzd8KLJ4NKVoGVECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSRHfMx rAm/4PrCr5fSxXB5V2dYKDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzgxMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pIswDQYJKoZIhvcNAQELBQADggEBAFGzc3XSiX8ovMKvvcVo96l+Xtbsbck7FY9V 2Ru4PAxKGLZk96La+8jTcHn8gBYd3aaOT+oJqouK2kcHaBNLL06xXcXKxxnHuSc1 WgPC/qGKkRJO+RYHMj7wEbQe8hZ0HD+3r8iUgndSBnvsyrJjMXD/SCixyMJGGTzu aKkipChpHiVS99NWRnIeRZaUec2GpOFz9dIaXc7Ppuv/EiDsfiW2kX63250NTqmi pOk58ASGadMo4FT4AItKqD5So8xQhT0s+eu048QuqCId7mvj8DRh1wwFADoHkLQQ CPXXbB2JdNUFNKyXHWefoLDqY8JmcpneSQwuCnmbKU/P0PByKyE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:09 2026 by rpki-client