$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143817.roa File: AS143817.roa (raw, json) Hash identifier: xxubSz48/7UAsf58iF73dSmRaB9rKOtmPlqLEYb26Bs= Subject key identifier: D1:92:F9:D9:25:1C:AF:52:BB:6A:C5:3C:BC:06:77:53:DC:6B:C0:81 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 057D13012E60101A5946392DD8FBB718C8FE2622 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143817.roa Signing time: Wed 04 Mar 2026 06:14:19 +0000 ROA not before: Wed 04 Mar 2026 06:09:19 +0000 ROA not after: Wed 03 Mar 2027 06:14:19 +0000 asID: 143817 IP address blocks: 240a:a48f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:7d:13:01:2e:60:10:1a:59:46:39:2d:d8:fb:b7:18:c8:fe:26:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:19 2026 GMT Not After : Mar 3 06:14:19 2027 GMT Subject: CN=D192F9D9251CAF52BB6AC53CBC067753DC6BC081 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:24:36:e7:15:d8:86:73:96:f2:4e:79:48:87: 7a:c8:de:eb:68:da:5b:87:47:0e:79:b5:92:bb:d7: dc:0f:0c:c9:39:e8:49:4f:bd:7b:68:d9:5d:26:e6: 9e:f6:ba:30:17:d5:6b:a8:3b:20:27:55:26:a1:0c: 61:e9:49:b2:28:0c:34:3d:e0:e7:7c:1b:d9:14:57: 7b:c6:8d:9f:fd:62:9d:bc:f6:15:4e:d7:6b:01:2a: f5:75:e6:d7:5a:fb:41:10:ac:0a:f2:2c:4c:73:35: 98:05:86:d0:ac:dc:38:8f:32:53:79:b2:9e:89:04: 23:47:d8:d1:28:2e:bf:26:af:4d:d8:6f:cd:af:18: d0:a1:f8:24:76:24:d4:d4:d9:f3:5a:f1:43:f8:0c: 58:7c:79:65:cd:73:cf:f9:6b:30:e9:9f:2f:22:d6: 85:82:f9:3f:ae:fb:04:82:de:dd:00:e0:a3:39:e4: 26:11:e0:32:ef:d8:57:84:08:33:bb:4a:32:06:67: cc:c1:29:f1:8b:53:8e:d1:ac:88:8d:8a:f4:e9:48: d8:5a:03:0c:39:5c:c9:0a:4f:0a:5d:2f:fa:45:f8: 05:a0:8e:79:0e:fb:de:77:a2:ee:34:48:8e:db:a2: ed:87:c4:78:4b:f7:5d:07:92:ab:f2:93:8e:af:7d: fd:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:92:F9:D9:25:1C:AF:52:BB:6A:C5:3C:BC:06:77:53:DC:6B:C0:81 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143817.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a48f::/32 Signature Algorithm: sha256WithRSAEncryption b8:b6:1d:75:26:bc:8b:b9:e0:a8:eb:5f:02:db:fa:b7:30:11: 37:55:c5:fb:4e:c1:a8:ee:31:df:0c:37:0c:48:ab:f5:55:2a: f2:ae:0c:5c:8a:f6:12:56:ec:53:23:46:3f:58:dc:1a:be:5e: 56:cb:01:5b:13:fd:8d:c0:67:e9:82:e0:fc:56:5f:9e:75:27: d0:2e:b8:d6:97:00:e3:41:33:83:b2:e9:c7:cc:7a:c0:97:67: 64:11:79:88:dd:4d:cb:b2:03:c1:d8:b0:94:23:86:c1:47:8a: fc:cd:cb:f1:4c:6e:c7:cc:35:db:74:01:fd:9f:94:45:61:20: 33:3a:a8:34:8f:0f:67:3e:7b:3e:17:cd:66:5e:b6:82:a6:3e: bd:04:28:9c:de:af:44:36:df:47:21:62:93:4b:e3:8c:61:e1: ac:da:b9:a3:4c:b6:e6:04:4b:3e:34:5b:17:8c:c2:f4:e6:a5: 2a:f5:ab:34:02:47:33:27:4a:ac:ee:45:b4:15:01:1e:ff:1d: 2c:74:eb:e7:a8:12:be:e8:5e:33:83:53:bf:8a:fa:70:6a:ed: 21:8b:99:a3:59:3e:e3:74:ed:96:4b:80:b5:dd:d7:45:3d:ac: 5a:b4:e9:9a:f0:84:e7:b9:0b:77:71:cb:42:2f:46:1c:93:c4: 3d:11:f0:db -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBX0TAS5gEBpZRjkt2Pu3GMj+JiIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxOVoX DTI3MDMwMzA2MTQxOVowMzExMC8GA1UEAxMoRDE5MkY5RDkyNTFDQUY1MkJCNkFD NTNDQkMwNjc3NTNEQzZCQzA4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALAkNucV2IZzlvJOeUiHesje62jaW4dHDnm1krvX3A8MyTnoSU+9e2jZXSbm nva6MBfVa6g7ICdVJqEMYelJsigMND3g53wb2RRXe8aNn/1inbz2FU7XawEq9XXm 11r7QRCsCvIsTHM1mAWG0KzcOI8yU3mynokEI0fY0SguvyavTdhvza8Y0KH4JHYk 1NTZ81rxQ/gMWHx5Zc1zz/lrMOmfLyLWhYL5P677BILe3QDgoznkJhHgMu/YV4QI M7tKMgZnzMEp8YtTjtGsiI2K9OlI2FoDDDlcyQpPCl0v+kX4BaCOeQ773nei7jRI jtui7YfEeEv3XQeSq/KTjq99/cECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTRkvnZ JRyvUrtqxTy8BndT3GvAgTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzgxNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pI8wDQYJKoZIhvcNAQELBQADggEBALi2HXUmvIu54KjrXwLb+rcwETdVxftOwaju Md8MNwxIq/VVKvKuDFyK9hJW7FMjRj9Y3Bq+XlbLAVsT/Y3AZ+mC4PxWX551J9Au uNaXAONBM4Oy6cfMesCXZ2QReYjdTcuyA8HYsJQjhsFHivzNy/FMbsfMNdt0Af2f lEVhIDM6qDSPD2c+ez4XzWZetoKmPr0EKJzer0Q230chYpNL44xh4azauaNMtuYE Sz40WxeMwvTmpSr1qzQCRzMnSqzuRbQVAR7/HSx06+eoEr7oXjODU7+K+nBq7SGL maNZPuN07ZZLgLXd10U9rFq06ZrwhOe5C3dxy0IvRhyTxD0R8Ns= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:49 2026 by rpki-client