$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143870.roa File: AS143870.roa (raw, json) Hash identifier: VYuaN9Z+3/jrseLs5oPB/1Db5bc5W06uanH1gSLQXf8= Subject key identifier: A6:02:7F:6D:AF:A2:7A:AB:DB:B3:3E:F7:85:CA:9E:2C:C0:CE:F7:AE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 14B1759DE8E9EEFE49A748A5A19661A0ECA4F337 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143870.roa Signing time: Wed 04 Mar 2026 06:14:30 +0000 ROA not before: Wed 04 Mar 2026 06:09:30 +0000 ROA not after: Wed 03 Mar 2027 06:14:30 +0000 asID: 143870 IP address blocks: 240a:a4c4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:b1:75:9d:e8:e9:ee:fe:49:a7:48:a5:a1:96:61:a0:ec:a4:f3:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:30 2026 GMT Not After : Mar 3 06:14:30 2027 GMT Subject: CN=A6027F6DAFA27AABDBB33EF785CA9E2CC0CEF7AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:c0:3a:e3:8c:a6:cb:c6:e6:23:96:eb:2c:39: 3b:2f:1e:60:6a:a0:42:8c:bc:b2:11:d9:a8:00:a7: 8e:78:d4:2a:ac:ca:56:0b:b7:71:8d:15:27:10:d7: 4f:b7:6e:6c:83:dd:bf:a3:c2:4d:ff:e4:8b:9d:aa: 14:0b:9c:6a:8c:76:37:ea:0a:9a:a4:44:7f:dc:06: bd:60:e0:3c:83:a9:34:7a:23:cb:d3:b2:82:d0:a3: 7b:a4:c0:97:4c:7f:6e:be:26:b4:b8:84:f6:0f:56: 00:a0:69:69:a2:61:27:a8:c0:88:57:43:59:db:f7: 09:82:60:ce:54:8e:87:6e:bb:0a:dd:27:58:e4:cc: 7e:33:21:87:60:71:2e:4e:76:5e:4d:52:5b:a4:4f: 84:a8:92:d1:95:7f:96:5d:34:f1:88:8e:7f:51:1f: 3b:3f:34:b7:4a:f5:b9:38:a9:89:2f:b8:5a:44:08: 4b:ab:46:22:2d:ce:1e:7f:6b:9b:f8:be:f1:59:23: de:b7:e8:66:0f:bc:05:41:73:6c:5f:1d:a6:cf:74: d6:b6:71:f1:39:e1:93:59:3a:58:00:f0:24:53:e7: c4:13:ae:f4:cd:61:f1:e2:bb:5e:84:83:1c:9d:47: 68:2f:fb:a3:e0:7c:3f:02:2d:c8:d7:3d:b3:47:ea: 6d:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:02:7F:6D:AF:A2:7A:AB:DB:B3:3E:F7:85:CA:9E:2C:C0:CE:F7:AE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143870.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4c4::/32 Signature Algorithm: sha256WithRSAEncryption be:f9:f3:1f:e8:e9:cf:fe:0b:8d:5d:1e:62:98:8e:f8:8f:d0: 19:d1:45:d8:95:38:cc:8d:cf:42:da:5f:25:c1:f2:bc:61:52: ef:a5:f7:8e:27:d9:50:bb:21:fb:0a:c6:86:22:25:32:ce:b0: f9:a5:7e:88:cc:72:8d:2a:96:d8:51:85:39:5f:63:f6:9f:58: 2a:c1:ed:c5:69:5b:bf:08:69:82:7f:fd:ec:d4:28:61:b5:d6: ae:6a:75:40:0e:4b:51:7d:bb:e2:b1:d4:2a:ac:cd:91:0c:20: eb:85:92:a1:fb:6a:11:1f:e9:0e:38:c0:0a:b0:7f:c4:ed:5a: 80:b1:27:4f:1b:e0:1d:29:0e:7c:be:56:7b:ec:c2:dd:c0:4e: 0b:17:50:dd:e1:a9:64:bc:9f:33:32:55:38:92:aa:8d:e9:28: 70:9e:5a:14:11:51:4d:ff:10:57:b0:11:54:af:d4:9f:fb:f5: 97:d6:00:09:00:61:c6:4b:f6:6d:94:3e:10:70:e1:cd:1f:d0: b8:62:2a:5b:fd:a5:26:bf:ad:76:7a:af:7f:ff:2c:25:c6:ef: db:a9:b7:a9:b8:88:db:14:06:74:61:68:c7:3e:9a:27:ae:70: 8f:55:61:61:df:5d:9b:a2:e9:87:cc:d7:a3:7d:9c:a7:39:b1: 58:9d:a3:97 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFLF1nejp7v5Jp0iloZZhoOyk8zcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkzMFoX DTI3MDMwMzA2MTQzMFowMzExMC8GA1UEAxMoQTYwMjdGNkRBRkEyN0FBQkRCQjMz RUY3ODVDQTlFMkNDMENFRjdBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJzAOuOMpsvG5iOW6yw5Oy8eYGqgQoy8shHZqACnjnjUKqzKVgu3cY0VJxDX T7dubIPdv6PCTf/ki52qFAucaox2N+oKmqREf9wGvWDgPIOpNHojy9OygtCje6TA l0x/br4mtLiE9g9WAKBpaaJhJ6jAiFdDWdv3CYJgzlSOh267Ct0nWOTMfjMhh2Bx Lk52Xk1SW6RPhKiS0ZV/ll008YiOf1EfOz80t0r1uTipiS+4WkQIS6tGIi3OHn9r m/i+8Vkj3rfoZg+8BUFzbF8dps901rZx8Tnhk1k6WADwJFPnxBOu9M1h8eK7XoSD HJ1HaC/7o+B8PwItyNc9s0fqbYsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSmAn9t r6J6q9uzPveFyp4swM73rjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg3MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pMQwDQYJKoZIhvcNAQELBQADggEBAL758x/o6c/+C41dHmKYjviP0BnRRdiVOMyN z0LaXyXB8rxhUu+l944n2VC7IfsKxoYiJTLOsPmlfojMco0qlthRhTlfY/afWCrB 7cVpW78IaYJ//ezUKGG11q5qdUAOS1F9u+Kx1CqszZEMIOuFkqH7ahEf6Q44wAqw f8TtWoCxJ08b4B0pDny+Vnvswt3ATgsXUN3hqWS8nzMyVTiSqo3pKHCeWhQRUU3/ EFewEVSv1J/79ZfWAAkAYcZL9m2UPhBw4c0f0LhiKlv9pSa/rXZ6r3//LCXG79up t6m4iNsUBnRhaMc+mieucI9VYWHfXZui6YfM16N9nKc5sVido5c= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:05 2026 by rpki-client