$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143857.roa File: AS143857.roa (raw, json) Hash identifier: VK9kVlQLsGCKHEomrdhTM+JiYUbhhqGbL3g9Bditw/w= Subject key identifier: FE:18:7F:C9:30:51:CA:D8:18:BE:77:7B:D7:97:B1:B1:A3:04:E3:6C Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 218806521BFE27426559A03AA315BEC22666B7CE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143857.roa Signing time: Wed 04 Mar 2026 06:13:50 +0000 ROA not before: Wed 04 Mar 2026 06:08:50 +0000 ROA not after: Wed 03 Mar 2027 06:13:50 +0000 asID: 143857 IP address blocks: 240a:a4b7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:88:06:52:1b:fe:27:42:65:59:a0:3a:a3:15:be:c2:26:66:b7:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:50 2026 GMT Not After : Mar 3 06:13:50 2027 GMT Subject: CN=FE187FC93051CAD818BE777BD797B1B1A304E36C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:46:9b:66:5c:8c:ac:aa:9f:54:cd:f1:be:ec: 90:f3:3c:3c:ac:14:42:94:86:33:33:43:e2:11:5a: 2e:0a:a7:4a:d5:b3:ea:ce:91:9f:21:f9:2a:a9:8d: 6c:6f:81:f7:54:7b:d8:1b:1f:bd:91:52:74:2b:8e: 76:82:4a:d9:6a:c5:7b:87:83:3a:01:fa:dc:f4:71: 2b:cf:97:7d:ef:e1:7f:b0:af:0c:f5:c2:e2:88:9b: dd:b7:e7:85:50:e2:49:9a:fc:07:34:a2:30:d8:ea: d0:1a:63:a1:87:0d:02:0b:ed:42:b2:21:67:23:12: d6:b5:21:eb:ab:ed:59:d8:d8:ea:22:21:30:8f:13: 31:a9:9f:14:e3:d1:1c:31:e8:04:7e:9e:a8:49:68: 82:61:dd:63:ae:37:d0:3d:12:b6:ca:26:59:34:6d: 56:fe:c0:60:95:e3:17:f9:d0:03:0e:a2:68:7c:d0: fc:41:21:84:ba:8f:39:4c:78:d3:ca:3d:32:47:7f: 06:21:6f:2f:70:94:8c:44:36:31:14:17:2b:67:1d: 26:ae:d9:8a:e0:64:98:89:fe:97:f9:3d:e1:8c:c9: 81:3d:f9:52:8b:b2:13:ac:9d:85:d9:57:ab:2f:f7: 63:d8:41:93:d5:a4:6b:8e:22:ac:92:7c:a8:b9:5d: d4:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:18:7F:C9:30:51:CA:D8:18:BE:77:7B:D7:97:B1:B1:A3:04:E3:6C X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143857.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4b7::/32 Signature Algorithm: sha256WithRSAEncryption c6:16:e0:98:6b:25:b8:82:51:34:9f:04:f7:35:38:67:dc:b2: 2f:31:35:c0:2e:8f:52:82:84:60:1d:05:12:96:68:1c:ac:5b: 74:9b:17:a6:59:40:e4:3b:12:68:66:c6:cd:c4:4e:ee:7f:70: 40:83:8e:a8:ed:0f:9f:b7:fc:89:84:c6:4e:4e:b5:d1:bd:e5: 49:3f:b8:56:b5:c6:ba:98:c5:a8:38:72:fc:cd:03:04:53:47: a9:55:47:64:0a:53:7c:f1:a9:b8:bd:50:80:19:f4:fb:b1:a3: 7c:2a:22:30:c8:c2:57:0b:12:09:43:42:cc:6d:3f:6e:f8:14: d2:47:df:71:e9:f0:b0:55:a3:74:ba:0b:56:b6:e4:c5:4d:f3: 64:bb:01:7e:03:8e:56:68:2f:80:c3:41:f6:3d:4b:8a:58:9a: 77:48:eb:68:4f:58:8f:a6:c5:f9:19:42:4e:8f:ac:c0:ec:b3: 04:d7:2a:9b:0c:99:94:c0:c0:20:8b:da:8c:ea:bf:2f:99:32: d1:5c:fe:62:70:17:01:33:6f:2d:48:1b:1a:dc:96:89:93:76: 76:be:61:f2:4e:4e:06:5c:be:5e:4f:04:9c:b1:be:b8:2c:14: 7c:44:56:2f:28:51:1f:7c:cf:cb:6c:03:e4:be:c1:9d:ee:91: a2:2b:42:8f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIYgGUhv+J0JlWaA6oxW+wiZmt84wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1MFoX DTI3MDMwMzA2MTM1MFowMzExMC8GA1UEAxMoRkUxODdGQzkzMDUxQ0FEODE4QkU3 NzdCRDc5N0IxQjFBMzA0RTM2QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALNGm2ZcjKyqn1TN8b7skPM8PKwUQpSGMzND4hFaLgqnStWz6s6RnyH5KqmN bG+B91R72BsfvZFSdCuOdoJK2WrFe4eDOgH63PRxK8+Xfe/hf7CvDPXC4oib3bfn hVDiSZr8BzSiMNjq0BpjoYcNAgvtQrIhZyMS1rUh66vtWdjY6iIhMI8TMamfFOPR HDHoBH6eqElogmHdY6430D0StsomWTRtVv7AYJXjF/nQAw6iaHzQ/EEhhLqPOUx4 08o9Mkd/BiFvL3CUjEQ2MRQXK2cdJq7ZiuBkmIn+l/k94YzJgT35UouyE6ydhdlX qy/3Y9hBk9Wka44irJJ8qLld1PkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT+GH/J MFHK2Bi+d3vXl7GxowTjbDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg1Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pLcwDQYJKoZIhvcNAQELBQADggEBAMYW4JhrJbiCUTSfBPc1OGfcsi8xNcAuj1KC hGAdBRKWaBysW3SbF6ZZQOQ7Emhmxs3ETu5/cECDjqjtD5+3/ImExk5OtdG95Uk/ uFa1xrqYxag4cvzNAwRTR6lVR2QKU3zxqbi9UIAZ9Puxo3wqIjDIwlcLEglDQsxt P274FNJH33Hp8LBVo3S6C1a25MVN82S7AX4DjlZoL4DDQfY9S4pYmndI62hPWI+m xfkZQk6PrMDsswTXKpsMmZTAwCCL2ozqvy+ZMtFc/mJwFwEzby1IGxrclomTdna+ YfJOTgZcvl5PBJyxvrgsFHxEVi8oUR98z8tsA+S+wZ3ukaIrQo8= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:56 2026 by rpki-client