$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143816.roa File: AS143816.roa (raw, json) Hash identifier: ck4OpCnonDkEdGnV5cxD/fkMAnnQSgoXFIlH9Blut2E= Subject key identifier: 6F:9E:40:2F:72:1B:0A:14:BB:DB:E6:9A:07:03:6C:E2:AD:D8:B7:12 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2DB27E76103819F52CC7B59DA14B498049C8AB38 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143816.roa Signing time: Wed 04 Mar 2026 06:13:01 +0000 ROA not before: Wed 04 Mar 2026 06:08:01 +0000 ROA not after: Wed 03 Mar 2027 06:13:01 +0000 asID: 143816 IP address blocks: 240a:a48e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:b2:7e:76:10:38:19:f5:2c:c7:b5:9d:a1:4b:49:80:49:c8:ab:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:01 2026 GMT Not After : Mar 3 06:13:01 2027 GMT Subject: CN=6F9E402F721B0A14BBDBE69A07036CE2ADD8B712 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:64:ac:34:79:cd:c7:86:aa:e9:a2:f8:98:8f: e5:d5:52:10:38:b3:b3:9a:25:a8:f0:d1:7a:7e:f7: cc:c3:a6:bb:ae:af:e1:5b:e0:c3:63:26:42:33:f9: c5:13:b3:c1:0d:4a:c2:77:d6:ff:d1:50:25:f1:b2: c5:3d:f8:2c:65:04:f3:83:e5:73:11:e7:cd:46:eb: df:a2:16:c9:34:0a:53:e5:4b:1b:2c:bf:7b:86:73: ec:ea:8e:5f:f5:00:46:80:41:01:07:ca:67:23:d6: 42:61:db:08:1c:45:5b:a0:f9:14:d5:c8:df:36:cf: 66:5a:2b:15:74:91:4b:9c:6b:63:9f:99:02:d2:67: ae:64:ca:6f:08:0f:54:2b:ea:5a:9f:07:28:1b:6a: e0:59:6a:15:a4:3e:39:54:da:85:83:1d:d4:30:6b: 52:e4:24:dc:f1:9b:9b:50:a1:71:4c:da:fa:d0:e8: 97:8a:71:73:7a:4c:ce:34:4b:f7:cf:6c:ac:66:ae: cb:9b:20:d4:d0:14:78:1f:d2:04:7a:3f:cd:85:ad: 88:d1:7c:5d:1a:7f:f6:ad:08:d6:dd:f1:1e:ba:5a: 42:c1:ea:b3:f0:b2:97:31:2f:d3:83:28:de:36:e5: ed:4b:e1:0e:f4:f5:c9:4e:6a:59:64:95:5c:9d:c8: 37:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:9E:40:2F:72:1B:0A:14:BB:DB:E6:9A:07:03:6C:E2:AD:D8:B7:12 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143816.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a48e::/32 Signature Algorithm: sha256WithRSAEncryption 42:f6:e4:5e:79:c8:7b:db:72:c2:b5:90:7f:7e:8d:3e:77:fe: 3b:eb:e1:40:eb:7b:51:99:6a:c5:d5:da:f8:9a:47:fb:bb:05: 0b:6e:4e:f6:78:62:48:1d:e9:a7:33:c2:19:dd:ba:78:27:b7: 2b:bd:df:7e:91:99:3a:5f:50:07:de:b6:bf:af:62:0c:9c:65: eb:b0:07:2f:dd:95:4f:52:c7:87:21:77:8c:d2:7d:b7:3c:0e: 13:2f:7b:fb:f6:c6:d5:f6:8e:28:a7:8b:d4:38:a1:79:be:cd: 20:df:1c:e6:bd:22:70:f0:44:69:5b:a0:40:7f:57:f2:ec:a7: 31:c8:c2:14:2f:12:45:72:a4:b3:1d:d9:d0:17:1f:60:e9:47: 38:6b:22:1e:6c:46:e1:03:b2:59:d5:fa:15:38:33:5c:c7:1c: e9:ce:ee:76:5e:d8:7c:ae:b9:f5:8a:ce:bb:24:2a:19:41:6b: 5e:8a:38:09:8a:e5:3a:2f:17:64:e1:9a:ec:d9:65:59:09:8d: 6c:72:62:ec:99:fd:88:09:56:14:f8:0b:31:90:5b:28:1e:72: 66:57:c3:d3:4f:9b:f2:90:49:e3:8a:f5:33:67:e2:17:a8:74: ab:01:97:bb:ff:12:8e:10:7b:14:63:34:d7:c4:87:cd:d8:97: f3:99:ac:b6 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULbJ+dhA4GfUsx7WdoUtJgEnIqzgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgwMVoX DTI3MDMwMzA2MTMwMVowMzExMC8GA1UEAxMoNkY5RTQwMkY3MjFCMEExNEJCREJF NjlBMDcwMzZDRTJBREQ4QjcxMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALVkrDR5zceGqumi+JiP5dVSEDizs5olqPDRen73zMOmu66v4Vvgw2MmQjP5 xROzwQ1KwnfW/9FQJfGyxT34LGUE84PlcxHnzUbr36IWyTQKU+VLGyy/e4Zz7OqO X/UARoBBAQfKZyPWQmHbCBxFW6D5FNXI3zbPZlorFXSRS5xrY5+ZAtJnrmTKbwgP VCvqWp8HKBtq4FlqFaQ+OVTahYMd1DBrUuQk3PGbm1ChcUza+tDol4pxc3pMzjRL 989srGauy5sg1NAUeB/SBHo/zYWtiNF8XRp/9q0I1t3xHrpaQsHqs/CylzEv04Mo 3jbl7UvhDvT1yU5qWWSVXJ3IN0sCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRvnkAv chsKFLvb5poHA2zirdi3EjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzgxNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pI4wDQYJKoZIhvcNAQELBQADggEBAEL25F55yHvbcsK1kH9+jT53/jvr4UDre1GZ asXV2viaR/u7BQtuTvZ4Ykgd6aczwhndungntyu9336RmTpfUAfetr+vYgycZeuw By/dlU9Sx4chd4zSfbc8DhMve/v2xtX2jiini9Q4oXm+zSDfHOa9InDwRGlboEB/ V/LspzHIwhQvEkVypLMd2dAXH2DpRzhrIh5sRuEDslnV+hU4M1zHHOnO7nZe2Hyu ufWKzrskKhlBa16KOAmK5TovF2ThmuzZZVkJjWxyYuyZ/YgJVhT4CzGQWygecmZX w9NPm/KQSeOK9TNn4heodKsBl7v/Eo4QexRjNNfEh83Yl/OZrLY= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:07 2026 by rpki-client