$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143860.roa File: AS143860.roa (raw, json) Hash identifier: heq44DCTUlMQ2sVcTcjAl1q3Ei+ZA3/44W51O2TePnc= Subject key identifier: 64:2D:40:EB:B4:64:DF:3C:77:D6:92:F2:69:FB:7E:4C:8C:8E:F8:16 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3BACA9B12498D5B15539F09C360EAB31FE807FA7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143860.roa Signing time: Wed 04 Mar 2026 06:14:08 +0000 ROA not before: Wed 04 Mar 2026 06:09:08 +0000 ROA not after: Wed 03 Mar 2027 06:14:08 +0000 asID: 143860 IP address blocks: 240a:a4ba::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:ac:a9:b1:24:98:d5:b1:55:39:f0:9c:36:0e:ab:31:fe:80:7f:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:08 2026 GMT Not After : Mar 3 06:14:08 2027 GMT Subject: CN=642D40EBB464DF3C77D692F269FB7E4C8C8EF816 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:03:ee:5a:10:a8:43:03:80:e6:7c:92:ac:e0: e5:a7:6f:7d:dc:2f:2f:87:1a:79:f7:12:4f:4b:ac: 0a:b4:ea:98:2c:eb:78:26:47:d3:30:6b:bb:f1:4a: 89:04:a1:84:93:aa:95:98:68:6f:37:8a:98:5c:46: a1:cf:73:87:77:cc:30:3b:9f:29:d0:0f:81:fc:9d: 8b:c9:62:0d:ed:f7:78:d0:d3:39:9b:aa:74:17:71: 26:29:f9:19:cd:8c:47:cd:04:8e:1d:d8:1b:81:55: b9:b5:24:7c:a9:14:a3:8c:85:cc:3f:15:14:10:81: 12:ea:1b:3a:ab:5e:96:fd:15:4d:4e:4c:5b:15:d2: 1f:e5:3a:a4:a8:63:62:35:1a:f9:3d:fa:54:7f:98: f8:7f:f2:f1:9f:c4:24:99:f3:44:67:83:07:cf:1d: ed:37:91:f0:06:5c:c0:2b:f6:1f:e0:a6:e6:4d:83: 17:50:23:eb:5c:b2:6e:7e:29:11:c3:87:98:16:2f: 3e:c0:2d:b8:d7:95:96:a9:bd:70:7a:49:fe:60:f3: f3:dc:a4:4d:56:08:e1:62:61:0c:76:c3:6a:67:b6: 8c:83:ff:d2:dd:e8:f5:2c:69:67:b3:e7:11:25:e3: 7c:cb:a4:bd:a3:bd:ee:1c:12:03:fc:2b:0b:6f:f0: 5d:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:2D:40:EB:B4:64:DF:3C:77:D6:92:F2:69:FB:7E:4C:8C:8E:F8:16 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143860.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4ba::/32 Signature Algorithm: sha256WithRSAEncryption b1:6c:82:57:d7:1d:91:99:88:c5:20:52:ce:c8:88:c2:93:7b: 2d:36:8c:44:61:fe:37:87:77:af:dd:87:4c:93:57:0c:6a:bd: 5d:91:62:7b:aa:40:d2:47:06:56:a2:87:ba:e9:b8:19:13:1d: 77:9f:8a:40:0f:5d:b0:91:db:62:60:d1:b9:e7:8f:67:17:71: 84:ee:fb:97:77:29:c5:d6:0d:e8:f0:8c:0c:2a:7d:10:cc:f8: 9a:a5:5d:e1:8f:d6:f5:59:1d:51:2c:31:86:c4:bc:01:7b:2e: a6:96:cc:9e:e2:c7:31:f6:85:ab:94:c0:59:93:4a:28:ca:3c: 6f:4b:95:65:21:bc:7f:43:0a:21:5e:52:c8:94:2f:c8:69:54: e4:af:88:de:52:6a:f4:a2:d5:8e:02:11:31:0f:bc:78:be:55: 53:54:55:1e:30:b4:a9:71:f0:c0:82:89:31:b0:31:d5:ca:6c: a5:40:61:04:d7:ac:00:96:76:20:df:b0:50:6a:5a:c5:76:f5: 68:be:43:b9:82:bb:aa:b7:82:e2:5c:7b:6b:5f:2a:44:fe:91: 6d:ea:3d:f8:6b:f3:68:f5:ea:d9:1c:a4:60:aa:7a:08:43:32: 29:e7:08:62:24:f3:39:49:80:60:6e:f0:5e:76:e4:0f:29:ff: 52:29:07:07 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUO6ypsSSY1bFVOfCcNg6rMf6Af6cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwOFoX DTI3MDMwMzA2MTQwOFowMzExMC8GA1UEAxMoNjQyRDQwRUJCNDY0REYzQzc3RDY5 MkYyNjlGQjdFNEM4QzhFRjgxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIwD7loQqEMDgOZ8kqzg5advfdwvL4caefcST0usCrTqmCzreCZH0zBru/FK iQShhJOqlZhobzeKmFxGoc9zh3fMMDufKdAPgfydi8liDe33eNDTOZuqdBdxJin5 Gc2MR80Ejh3YG4FVubUkfKkUo4yFzD8VFBCBEuobOqtelv0VTU5MWxXSH+U6pKhj YjUa+T36VH+Y+H/y8Z/EJJnzRGeDB88d7TeR8AZcwCv2H+Cm5k2DF1Aj61yybn4p EcOHmBYvPsAtuNeVlqm9cHpJ/mDz89ykTVYI4WJhDHbDame2jIP/0t3o9SxpZ7Pn ESXjfMukvaO97hwSA/wrC2/wXZsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRkLUDr tGTfPHfWkvJp+35MjI74FjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg2MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pLowDQYJKoZIhvcNAQELBQADggEBALFsglfXHZGZiMUgUs7IiMKTey02jERh/jeH d6/dh0yTVwxqvV2RYnuqQNJHBlaih7rpuBkTHXefikAPXbCR22Jg0bnnj2cXcYTu +5d3KcXWDejwjAwqfRDM+JqlXeGP1vVZHVEsMYbEvAF7LqaWzJ7ixzH2hauUwFmT SijKPG9LlWUhvH9DCiFeUsiUL8hpVOSviN5SavSi1Y4CETEPvHi+VVNUVR4wtKlx 8MCCiTGwMdXKbKVAYQTXrACWdiDfsFBqWsV29Wi+Q7mCu6q3guJce2tfKkT+kW3q Pfhr82j16tkcpGCqeghDMinnCGIk8zlJgGBu8F525A8p/1IpBwc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:10 2026 by rpki-client