$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143822.roa File: AS143822.roa (raw, json) Hash identifier: GTjt+13nQ+p3vuf/ub2pfNx5gWy7HOJYet2w4g3X8dY= Subject key identifier: 06:16:D7:29:80:1A:15:1D:97:0A:37:ED:89:DE:FC:5D:A1:55:DF:84 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4D38B470F1AC32EA0559962332A512683A29A7D2 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143822.roa Signing time: Wed 04 Mar 2026 06:15:37 +0000 ROA not before: Wed 04 Mar 2026 06:10:37 +0000 ROA not after: Wed 03 Mar 2027 06:15:37 +0000 asID: 143822 IP address blocks: 240a:a494::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:38:b4:70:f1:ac:32:ea:05:59:96:23:32:a5:12:68:3a:29:a7:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:37 2026 GMT Not After : Mar 3 06:15:37 2027 GMT Subject: CN=0616D729801A151D970A37ED89DEFC5DA155DF84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:16:95:3c:88:fc:8d:0c:bb:43:12:bf:6d:ea: a0:1e:47:a7:56:f3:07:dc:06:58:fa:3c:37:10:40: 2f:a3:2a:f6:a1:9c:1a:6b:48:7a:0d:11:ee:05:2e: 8e:65:f2:40:49:90:65:0c:36:32:ce:33:c1:11:fc: 2c:39:df:ac:e5:c5:5c:5c:a9:60:7a:34:e1:9d:36: 19:52:7e:c7:be:96:98:05:1e:15:2f:ef:e3:2f:69: 2c:67:ce:59:70:8d:d0:93:17:f3:2e:0c:bb:32:b4: dc:eb:4b:70:b8:69:af:be:6b:ff:aa:eb:b9:63:56: 18:98:dc:4d:ca:40:2d:07:a1:97:ea:82:39:9a:bd: 11:af:d0:9a:02:c3:e1:0d:5d:9e:8e:3f:c7:1f:0d: 32:d8:92:fd:93:14:5d:f7:43:34:2d:02:0d:a0:0b: 06:87:00:8e:23:ef:ef:f4:f0:7f:b5:dc:c8:33:ca: bf:dc:7d:52:a7:e5:01:83:fc:2f:82:1f:6c:10:f8: c2:8f:c6:7c:dd:be:ba:9b:36:46:65:c2:be:3e:c1: d4:a5:01:e5:06:2f:0c:9d:fa:48:25:5c:8d:17:96: 8b:59:e0:23:4c:ac:28:b9:b7:ae:f5:04:33:b5:7e: 70:c7:0b:70:6d:df:47:8a:b2:05:a5:01:f1:8d:3c: 40:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:16:D7:29:80:1A:15:1D:97:0A:37:ED:89:DE:FC:5D:A1:55:DF:84 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143822.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a494::/32 Signature Algorithm: sha256WithRSAEncryption 9c:24:a5:4b:f7:df:03:5a:6f:41:71:8c:9f:25:82:4f:20:15: b8:01:36:da:80:60:0f:c5:42:ec:53:11:e6:da:66:86:e7:44: d4:c7:5a:b7:81:f0:4c:ec:ea:e4:c9:ab:b4:8d:21:7c:f2:44: 86:fe:a3:39:24:67:c4:58:62:6b:a3:5f:2f:c9:1a:68:28:ea: 32:ee:f0:9a:b1:7e:5c:92:11:44:bb:3c:53:3a:ef:c3:d9:d5: fe:4d:fe:dc:24:62:ff:82:bf:0f:c0:3f:b3:15:c4:e9:cc:69: d6:85:fe:d6:fe:e0:47:e2:e7:6b:2c:0e:37:fc:c8:70:d0:e5: f0:64:38:d7:18:c1:9a:a2:85:99:62:16:a0:7b:7f:f9:b8:6f: 55:c8:f8:c7:c6:eb:f5:bf:eb:7f:c4:f5:36:5a:92:19:61:a8: 8f:20:61:35:8f:8f:12:25:ed:0a:06:75:fc:eb:d7:3b:c5:0d: 5b:aa:fc:7d:7b:98:66:33:ab:fa:c0:e4:5d:bc:9d:f5:63:88: 61:a1:10:96:c1:c5:9d:74:ef:57:0f:17:ff:52:f0:df:d5:66: e2:76:44:a0:bf:1e:69:23:c1:9b:89:08:c3:b8:2a:d7:af:52: 95:8c:82:7f:4e:6e:e1:6f:7e:6d:f4:c7:e9:31:bf:bd:0e:e3: fd:73:44:e3 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTTi0cPGsMuoFWZYjMqUSaDopp9IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAzN1oX DTI3MDMwMzA2MTUzN1owMzExMC8GA1UEAxMoMDYxNkQ3Mjk4MDFBMTUxRDk3MEEz N0VEODlERUZDNURBMTU1REY4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwWlTyI/I0Mu0MSv23qoB5Hp1bzB9wGWPo8NxBAL6Mq9qGcGmtIeg0R7gUu jmXyQEmQZQw2Ms4zwRH8LDnfrOXFXFypYHo04Z02GVJ+x76WmAUeFS/v4y9pLGfO WXCN0JMX8y4MuzK03OtLcLhpr75r/6rruWNWGJjcTcpALQehl+qCOZq9Ea/QmgLD 4Q1dno4/xx8NMtiS/ZMUXfdDNC0CDaALBocAjiPv7/Twf7XcyDPKv9x9UqflAYP8 L4IfbBD4wo/GfN2+ups2RmXCvj7B1KUB5QYvDJ36SCVcjReWi1ngI0ysKLm3rvUE M7V+cMcLcG3fR4qyBaUB8Y08QBsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQGFtcp gBoVHZcKN+2J3vxdoVXfhDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzgyMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pJQwDQYJKoZIhvcNAQELBQADggEBAJwkpUv33wNab0FxjJ8lgk8gFbgBNtqAYA/F QuxTEebaZobnRNTHWreB8Ezs6uTJq7SNIXzyRIb+ozkkZ8RYYmujXy/JGmgo6jLu 8JqxflySEUS7PFM678PZ1f5N/twkYv+Cvw/AP7MVxOnMadaF/tb+4Efi52ssDjf8 yHDQ5fBkONcYwZqihZliFqB7f/m4b1XI+MfG6/W/63/E9TZakhlhqI8gYTWPjxIl 7QoGdfzr1zvFDVuq/H17mGYzq/rA5F28nfVjiGGhEJbBxZ1071cPF/9S8N/VZuJ2 RKC/HmkjwZuJCMO4KtevUpWMgn9ObuFvfm30x+kxv70O4/1zROM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:39 2026 by rpki-client