$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143838.roa File: AS143838.roa (raw, json) Hash identifier: 1K48erFOL1XveuPtjBDHCvx6SMkIBk9p81jByBpcHMo= Subject key identifier: 46:FA:CF:6D:B5:71:F4:6B:41:BF:1B:8B:FA:5F:3B:7C:88:3E:AC:F0 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 47A06E63A005AD81C96681D78BF5F648DD4E90C4 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143838.roa Signing time: Wed 04 Mar 2026 06:13:17 +0000 ROA not before: Wed 04 Mar 2026 06:08:17 +0000 ROA not after: Wed 03 Mar 2027 06:13:17 +0000 asID: 143838 IP address blocks: 240a:a4a4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:a0:6e:63:a0:05:ad:81:c9:66:81:d7:8b:f5:f6:48:dd:4e:90:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:17 2026 GMT Not After : Mar 3 06:13:17 2027 GMT Subject: CN=46FACF6DB571F46B41BF1B8BFA5F3B7C883EACF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:9c:e3:d9:68:da:54:04:1b:e2:e1:9c:85:38: dc:ba:af:9e:cc:46:e9:cb:cf:69:6b:fa:6e:aa:c9: 10:aa:80:30:36:9f:fb:19:34:56:d8:d5:57:25:27: 16:0b:74:cd:9e:ca:c2:6b:95:3c:d7:94:7f:dc:5a: 69:a0:0c:69:cb:01:1a:c7:b3:90:a5:1e:cb:18:b4: e4:59:88:f2:3c:7b:da:52:ee:b6:63:23:af:6a:d5: 95:0c:82:16:56:26:2f:9c:92:8e:08:41:4a:4a:96: c9:39:f3:e3:11:b8:82:2c:63:ab:5d:9d:bc:16:d8: ca:c8:83:45:97:c7:89:a7:d3:40:66:ee:e5:e0:20: 8a:8c:15:de:7e:70:b7:66:bc:84:68:7f:51:bd:a8: c1:fd:6a:8b:b8:29:dd:9b:d3:b1:c0:06:c8:c5:c8: e0:52:2f:9d:58:cd:93:6e:cd:a0:03:67:f6:73:74: fc:6e:b8:20:4d:72:fd:e5:50:f1:cc:d6:e6:d4:30: f6:84:90:26:cc:77:37:ee:a7:27:b0:ac:0d:5f:21: 8e:21:4e:4f:fd:63:9e:e8:bb:cc:c2:35:71:ba:4f: da:46:25:b5:bf:c1:2e:f5:fe:d9:c6:3b:12:c4:72: 7b:71:09:51:4f:02:e5:92:19:19:cb:96:88:f5:a9: 10:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:FA:CF:6D:B5:71:F4:6B:41:BF:1B:8B:FA:5F:3B:7C:88:3E:AC:F0 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4a4::/32 Signature Algorithm: sha256WithRSAEncryption 1f:b2:ec:7c:e6:8a:6c:08:eb:85:17:df:c5:4b:8a:e7:61:dc: d3:66:da:1b:56:53:b8:d4:7d:23:19:7c:77:dd:52:c1:0d:40: 43:ec:85:bb:ba:6d:a2:c6:ee:57:9e:48:d5:65:0b:1b:2a:5c: 94:80:b5:6a:91:fa:6c:6d:84:81:95:32:88:5a:90:d7:fd:0a: 5d:a6:be:bb:de:1e:da:01:a9:3d:2b:61:dd:e1:15:50:e5:69: 75:eb:b0:fb:ef:ab:8c:26:ec:da:58:eb:4d:7d:a8:d7:2a:c9: fd:93:9e:db:90:47:48:54:5e:fe:e7:a7:33:d8:e6:4f:07:9c: e3:a0:91:99:fb:14:d1:32:a4:12:21:64:1c:fe:50:ef:e6:a2: 08:3b:6b:00:d8:d9:04:60:8f:66:ab:a4:a9:51:c1:53:12:4f: 13:8f:65:e8:b8:61:c7:17:28:86:99:10:11:9a:99:b4:94:23: 89:b6:e6:9e:7c:f1:6b:37:68:c4:80:d3:2f:71:b9:a0:28:90: 3a:0c:a7:1d:46:3c:3c:48:67:ae:24:8b:e8:be:a1:69:be:98: c7:17:93:16:f8:e5:c4:d6:79:c7:d7:66:5f:e0:d4:15:90:53: fd:9a:eb:fe:e6:9d:4b:ca:08:24:75:f1:f3:f4:66:07:d7:d2: f3:fe:e0:0b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUR6BuY6AFrYHJZoHXi/X2SN1OkMQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxN1oX DTI3MDMwMzA2MTMxN1owMzExMC8GA1UEAxMoNDZGQUNGNkRCNTcxRjQ2QjQxQkYx QjhCRkE1RjNCN0M4ODNFQUNGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANWc49lo2lQEG+LhnIU43LqvnsxG6cvPaWv6bqrJEKqAMDaf+xk0VtjVVyUn Fgt0zZ7KwmuVPNeUf9xaaaAMacsBGsezkKUeyxi05FmI8jx72lLutmMjr2rVlQyC FlYmL5ySjghBSkqWyTnz4xG4gixjq12dvBbYysiDRZfHiafTQGbu5eAgiowV3n5w t2a8hGh/Ub2owf1qi7gp3ZvTscAGyMXI4FIvnVjNk27NoANn9nN0/G64IE1y/eVQ 8czW5tQw9oSQJsx3N+6nJ7CsDV8hjiFOT/1jnui7zMI1cbpP2kYltb/BLvX+2cY7 EsRye3EJUU8C5ZIZGcuWiPWpEAMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRG+s9t tXH0a0G/G4v6Xzt8iD6s8DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzgzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pKQwDQYJKoZIhvcNAQELBQADggEBAB+y7HzmimwI64UX38VLiudh3NNm2htWU7jU fSMZfHfdUsENQEPshbu6baLG7leeSNVlCxsqXJSAtWqR+mxthIGVMohakNf9Cl2m vrveHtoBqT0rYd3hFVDlaXXrsPvvq4wm7NpY6019qNcqyf2TntuQR0hUXv7npzPY 5k8HnOOgkZn7FNEypBIhZBz+UO/mogg7awDY2QRgj2arpKlRwVMSTxOPZei4YccX KIaZEBGambSUI4m25p588Ws3aMSA0y9xuaAokDoMpx1GPDxIZ64ki+i+oWm+mMcX kxb45cTWecfXZl/g1BWQU/2a6/7mnUvKCCR18fP0ZgfX0vP+4As= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:40 2026 by rpki-client