$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143847.roa File: AS143847.roa (raw, json) Hash identifier: k7KDWsupmPl5Xfs9qvDTxtvnvp74NvPf66VKfXIaE9Y= Subject key identifier: 23:1B:FB:B0:45:BD:AF:99:4A:3F:85:DB:AE:0A:AD:9D:31:8F:E7:7A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5AA00399E19DD003BB10BAED1641D22C1347CA9F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143847.roa Signing time: Wed 04 Mar 2026 06:13:11 +0000 ROA not before: Wed 04 Mar 2026 06:08:11 +0000 ROA not after: Wed 03 Mar 2027 06:13:11 +0000 asID: 143847 IP address blocks: 240a:a4ad::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:a0:03:99:e1:9d:d0:03:bb:10:ba:ed:16:41:d2:2c:13:47:ca:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:11 2026 GMT Not After : Mar 3 06:13:11 2027 GMT Subject: CN=231BFBB045BDAF994A3F85DBAE0AAD9D318FE77A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:06:ed:b5:6c:95:2c:d4:1b:14:68:e9:d0:33: 19:4e:13:f2:24:da:c9:ad:44:ba:0b:98:33:92:3a: f9:97:57:f6:34:45:11:31:58:cc:56:07:ed:ac:a7: 02:30:fb:39:90:37:8d:40:7b:2d:96:2a:5e:f4:f1: 6d:6a:5a:97:a2:54:d4:29:23:a9:cc:84:eb:aa:d2: dc:2a:89:2c:8f:98:d6:08:78:e3:44:93:c9:04:79: 23:45:df:14:14:8a:38:07:39:72:c9:c5:7e:b7:d0: 9c:8e:0a:da:58:db:6c:20:3a:c0:77:49:b0:c3:25: 7e:88:6b:07:17:41:a8:b3:b9:3b:58:d7:58:78:7e: 8e:4e:5d:58:15:f1:2f:82:74:be:4d:b4:63:c9:84: e1:19:fa:0d:eb:73:6a:7a:38:92:56:8b:63:3e:27: f0:cc:f0:dd:6e:31:8a:b8:de:24:cc:90:e8:e6:d4: c7:1c:2a:40:7b:e4:01:31:2f:b0:d0:01:88:cb:e3: 0b:63:56:46:11:4c:24:e9:72:f4:b5:d1:d2:8e:35: 0a:a9:58:a3:f2:32:3a:e0:9e:93:2e:9e:04:41:ec: 38:f2:e4:f8:a4:cc:9a:0c:4d:d3:8a:09:a2:d3:75: 1a:79:9a:a4:80:fa:b8:a6:84:a0:08:14:43:fc:a5: dd:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:1B:FB:B0:45:BD:AF:99:4A:3F:85:DB:AE:0A:AD:9D:31:8F:E7:7A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143847.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4ad::/32 Signature Algorithm: sha256WithRSAEncryption a4:a2:22:5b:41:04:79:4c:83:80:7e:32:47:79:a6:c0:2b:e4: 87:b4:9c:0a:b1:de:ba:ac:34:4c:47:14:1e:f0:21:78:dd:c4: 8e:c0:a2:ed:eb:0f:fd:00:89:61:2b:2d:f9:c9:ad:62:af:9e: 00:ab:6c:eb:f0:1f:f7:11:7e:dc:b4:d0:46:03:61:f1:40:11: 8a:32:c0:00:d7:71:e8:8c:fb:7b:3c:50:dd:d3:cc:7d:bd:f5: 97:25:49:97:da:06:34:b5:63:48:15:d8:5e:f3:1a:c1:57:f3: a1:e7:59:56:dd:1a:02:d1:ba:c7:66:e9:43:23:a2:b5:b7:07: c3:dd:4a:a9:16:63:4c:41:3f:63:1d:ac:81:8a:13:e1:36:1c: 9c:5e:2e:22:f8:84:0d:70:27:a0:dc:7f:6a:35:be:89:f9:81: b5:a4:ea:3f:89:7a:0d:4d:2f:d0:ef:0a:df:4d:33:60:68:c6: 85:39:c0:4e:cd:fc:e7:42:7a:e2:64:4b:81:04:dc:5e:f9:ba: d7:5f:cf:df:bb:42:d6:7e:17:d9:3c:d0:e5:f8:59:ae:5f:10: 23:ac:74:d1:d3:f0:6e:8e:0b:22:62:75:76:d4:ed:e1:c3:40: cb:01:d2:74:ab:45:73:a3:41:4e:41:43:ce:2b:3b:df:f1:bf: 4b:6e:a0:e2 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWqADmeGd0AO7ELrtFkHSLBNHyp8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxMVoX DTI3MDMwMzA2MTMxMVowMzExMC8GA1UEAxMoMjMxQkZCQjA0NUJEQUY5OTRBM0Y4 NURCQUUwQUFEOUQzMThGRTc3QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANEG7bVslSzUGxRo6dAzGU4T8iTaya1EuguYM5I6+ZdX9jRFETFYzFYH7ayn AjD7OZA3jUB7LZYqXvTxbWpal6JU1CkjqcyE66rS3CqJLI+Y1gh440STyQR5I0Xf FBSKOAc5csnFfrfQnI4K2ljbbCA6wHdJsMMlfohrBxdBqLO5O1jXWHh+jk5dWBXx L4J0vk20Y8mE4Rn6Detzano4klaLYz4n8Mzw3W4xirjeJMyQ6ObUxxwqQHvkATEv sNABiMvjC2NWRhFMJOly9LXR0o41CqlYo/IyOuCeky6eBEHsOPLk+KTMmgxN04oJ otN1GnmapID6uKaEoAgUQ/yl3YUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQjG/uw Rb2vmUo/hduuCq2dMY/nejAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg0Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pK0wDQYJKoZIhvcNAQELBQADggEBAKSiIltBBHlMg4B+Mkd5psAr5Ie0nAqx3rqs NExHFB7wIXjdxI7Aou3rD/0AiWErLfnJrWKvngCrbOvwH/cRfty00EYDYfFAEYoy wADXceiM+3s8UN3TzH299ZclSZfaBjS1Y0gV2F7zGsFX86HnWVbdGgLRusdm6UMj orW3B8PdSqkWY0xBP2MdrIGKE+E2HJxeLiL4hA1wJ6Dcf2o1von5gbWk6j+Jeg1N L9DvCt9NM2BoxoU5wE7N/OdCeuJkS4EE3F75utdfz9+7QtZ+F9k80OX4Wa5fECOs dNHT8G6OCyJidXbU7eHDQMsB0nSrRXOjQU5BQ84rO9/xv0tuoOI= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:02 2026 by rpki-client