$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143868.roa File: AS143868.roa (raw, json) Hash identifier: B4lYztYJ8qTzKg9MW7DajISgKBeNOTsfRhfPg2cH9SI= Subject key identifier: 75:64:13:7E:8A:AD:2C:99:60:4B:93:83:B1:69:0F:75:6B:78:6C:7E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2BC79B20E07E6565C2054C9AA88C211DB99909BE Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143868.roa Signing time: Wed 04 Mar 2026 06:14:17 +0000 ROA not before: Wed 04 Mar 2026 06:09:17 +0000 ROA not after: Wed 03 Mar 2027 06:14:17 +0000 asID: 143868 IP address blocks: 240a:a4c2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:c7:9b:20:e0:7e:65:65:c2:05:4c:9a:a8:8c:21:1d:b9:99:09:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:17 2026 GMT Not After : Mar 3 06:14:17 2027 GMT Subject: CN=7564137E8AAD2C99604B9383B1690F756B786C7E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f2:66:d4:27:30:fc:bc:21:44:8b:b2:2c:52: 0c:df:4d:eb:73:36:38:78:26:ed:7e:40:9f:65:ec: 35:16:b2:e8:47:74:da:ab:9e:05:9b:3c:6f:5d:98: a7:c5:e7:c2:a2:b2:17:e4:ce:fa:8d:f7:c0:c4:4e: d2:66:19:7c:c1:b1:5c:81:1d:6e:b3:2b:c3:46:1a: 03:c7:a7:3c:24:f9:31:df:71:bf:32:43:97:29:16: 52:13:4b:95:fd:c9:87:0c:f0:50:15:f2:6b:76:bc: 70:ab:1f:c5:1c:d1:d3:5c:54:f1:72:48:bd:c0:ac: de:11:d9:00:a8:cc:cc:1c:d1:e6:09:d1:bc:18:b7: fc:3b:ef:4b:68:8a:20:b4:1b:a1:a5:c3:42:3a:c6: 45:d7:ed:51:dc:38:ea:38:04:81:d7:ca:06:5e:16: 49:19:9b:ff:4e:db:23:a5:4d:83:5a:b7:3b:82:62: af:88:54:68:92:35:85:79:1b:33:8d:91:c7:30:17: 9c:9c:ae:07:c2:a0:35:13:25:63:70:21:6d:ad:5d: 67:7a:f5:6f:81:db:17:33:3e:ca:a7:cd:4c:3e:07: ba:ce:4e:25:53:5a:0c:55:92:b7:6e:c3:bb:81:44: a1:83:ce:7f:fb:21:f4:f7:d2:c0:cc:fa:1d:64:20: 5e:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:64:13:7E:8A:AD:2C:99:60:4B:93:83:B1:69:0F:75:6B:78:6C:7E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143868.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4c2::/32 Signature Algorithm: sha256WithRSAEncryption 09:d5:8d:30:24:68:5c:d9:44:85:f0:8d:a1:bc:8c:8b:ca:30: 18:0f:61:f7:61:0b:21:c6:a2:47:bb:09:96:d7:a7:20:a7:4e: 4e:d6:81:d4:60:94:45:8b:d1:9e:90:ab:72:8f:72:1c:7f:b7: 6e:0d:5f:46:dc:12:7c:72:90:75:20:2b:be:8b:c4:b4:7f:44: b8:c6:37:12:7e:58:c8:ff:e0:d8:85:99:64:e4:d2:3c:02:72: d3:b0:5a:20:10:09:27:df:f6:eb:99:b9:d0:94:13:0e:5c:4f: 94:f6:a4:dd:97:f8:88:dc:41:d9:fd:6d:34:96:d3:ab:10:1f: af:30:52:8f:3b:f4:34:63:31:46:23:f1:d1:5e:26:f3:d1:e1: ce:50:3e:89:71:84:6b:2d:b5:b2:ce:9f:11:45:6b:3f:f2:38: 0c:d5:11:8e:41:2a:d3:43:b9:15:e7:d4:59:53:5c:12:d0:43: f9:25:42:b7:71:6f:d2:5e:bf:87:91:e2:83:fa:1e:45:19:3a: af:fa:1b:ba:2d:4b:81:aa:0e:74:b3:a7:67:bd:5d:40:06:61: b4:75:07:46:82:e1:06:f0:37:4d:eb:ea:a1:3f:4a:0a:ef:00: a6:94:d9:d1:bf:6b:28:96:bf:32:7d:88:92:9c:fd:72:06:5b: a5:bd:1d:53 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUK8ebIOB+ZWXCBUyaqIwhHbmZCb4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkxN1oX DTI3MDMwMzA2MTQxN1owMzExMC8GA1UEAxMoNzU2NDEzN0U4QUFEMkM5OTYwNEI5 MzgzQjE2OTBGNzU2Qjc4NkM3RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKjyZtQnMPy8IUSLsixSDN9N63M2OHgm7X5An2XsNRay6Ed02queBZs8b12Y p8XnwqKyF+TO+o33wMRO0mYZfMGxXIEdbrMrw0YaA8enPCT5Md9xvzJDlykWUhNL lf3JhwzwUBXya3a8cKsfxRzR01xU8XJIvcCs3hHZAKjMzBzR5gnRvBi3/DvvS2iK ILQboaXDQjrGRdftUdw46jgEgdfKBl4WSRmb/07bI6VNg1q3O4Jir4hUaJI1hXkb M42RxzAXnJyuB8KgNRMlY3Ahba1dZ3r1b4HbFzM+yqfNTD4Hus5OJVNaDFWSt27D u4FEoYPOf/sh9PfSwMz6HWQgXu8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR1ZBN+ iq0smWBLk4OxaQ91a3hsfjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg2OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pMIwDQYJKoZIhvcNAQELBQADggEBAAnVjTAkaFzZRIXwjaG8jIvKMBgPYfdhCyHG oke7CZbXpyCnTk7WgdRglEWL0Z6Qq3KPchx/t24NX0bcEnxykHUgK76LxLR/RLjG NxJ+WMj/4NiFmWTk0jwCctOwWiAQCSff9uuZudCUEw5cT5T2pN2X+IjcQdn9bTSW 06sQH68wUo879DRjMUYj8dFeJvPR4c5QPolxhGsttbLOnxFFaz/yOAzVEY5BKtND uRXn1FlTXBLQQ/klQrdxb9Jev4eR4oP6HkUZOq/6G7otS4GqDnSzp2e9XUAGYbR1 B0aC4QbwN03r6qE/SgrvAKaU2dG/ayiWvzJ9iJKc/XIGW6W9HVM= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:16 2026 by rpki-client