$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143872.roa File: AS143872.roa (raw, json) Hash identifier: PY/egRyEZ1F9+rAG6MriwGBI5PfKbrZXG4VEuzuwnJg= Subject key identifier: 48:2A:F1:50:5E:CA:AF:D0:65:8D:E2:44:F5:CA:36:84:C6:E3:CA:05 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 38E3175DF1F4B3A3C4CC3079B73AB09C5980F1DC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143872.roa Signing time: Wed 04 Mar 2026 06:15:00 +0000 ROA not before: Wed 04 Mar 2026 06:10:00 +0000 ROA not after: Wed 03 Mar 2027 06:15:00 +0000 asID: 143872 IP address blocks: 240a:a4c6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:e3:17:5d:f1:f4:b3:a3:c4:cc:30:79:b7:3a:b0:9c:59:80:f1:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:00 2026 GMT Not After : Mar 3 06:15:00 2027 GMT Subject: CN=482AF1505ECAAFD0658DE244F5CA3684C6E3CA05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:26:9e:04:1c:91:25:3b:ab:6d:cf:c5:7d:e7: f8:6c:0e:da:83:32:bc:dd:84:72:a2:73:db:4f:1e: 97:55:49:e2:25:f8:a1:02:18:a7:01:f0:b1:a1:2a: 49:61:e5:d5:98:3c:9a:9e:23:dd:62:10:ff:66:52: 5e:07:2c:eb:ed:0a:29:f8:e2:74:1a:0a:67:9c:59: ea:07:28:bd:3d:a4:a3:e9:df:c6:5e:4f:52:2d:8a: 69:e4:ec:e8:4c:e8:74:2c:01:68:4a:7b:56:f5:a3: 1f:d1:65:a5:cb:26:44:65:f1:78:8b:8d:13:3a:8f: f1:d8:33:6d:de:41:a9:e6:a6:ab:1c:80:cd:5a:b4: 21:2f:84:56:78:59:d0:93:9c:42:61:e7:30:fa:c1: 99:48:2f:71:43:17:86:73:57:22:df:97:68:aa:76: 7f:d6:f7:26:61:7d:85:1d:96:3d:22:4c:41:cc:78: 3c:f2:57:4f:1e:60:f9:4a:db:af:c0:b0:7f:54:d5: 92:3c:4d:54:61:7c:9c:ce:37:60:36:50:cc:48:c2: 0f:8d:6c:31:cf:b5:00:32:02:55:ca:f7:90:cd:1c: 56:8e:33:f9:72:6a:c6:1d:88:4d:5f:a8:77:76:29: 8f:38:72:fc:7b:11:e1:1e:b6:93:cd:ad:ca:66:5c: b1:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:2A:F1:50:5E:CA:AF:D0:65:8D:E2:44:F5:CA:36:84:C6:E3:CA:05 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143872.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4c6::/32 Signature Algorithm: sha256WithRSAEncryption 5d:4b:f9:0f:05:f0:fe:49:dc:81:9c:1a:f6:1a:64:c3:3b:73: eb:3a:7c:2c:d9:9b:57:33:e5:3a:86:8a:f4:c4:e9:d8:05:54: c5:c0:f6:99:a4:e0:ca:1e:78:07:dc:8d:d5:27:e4:5a:28:6c: 39:86:3a:28:4d:07:6d:73:7d:27:0b:24:5f:e4:03:73:b9:14: 13:42:11:a7:1b:31:72:5a:aa:1b:36:e1:c9:ff:53:7e:9d:fc: 8a:c3:8c:7c:56:d0:f6:61:49:9d:a3:ba:f8:58:f0:e3:51:4e: da:0d:21:ba:df:b9:d2:3b:ab:aa:96:ad:77:c4:92:03:86:2e: 34:79:48:c8:c9:5c:0b:54:74:b2:4b:f7:6d:cb:50:44:14:88: ce:3a:dc:10:55:93:6d:f1:f7:8d:14:6d:5e:26:47:fe:7e:37: 15:59:aa:68:26:85:13:9a:26:3c:0e:9a:90:ed:87:04:0c:74: 73:e4:d4:7d:2e:83:ca:c2:38:ea:3e:18:36:ef:87:a1:59:99: 66:ff:94:4a:58:97:a7:69:0e:78:90:44:e7:eb:8a:75:b2:9c: fb:86:ee:f4:31:44:d1:c1:9c:eb:49:7a:46:2d:c6:95:d6:53: 0a:16:a6:44:42:ad:07:06:8a:84:84:38:06:9b:16:75:8f:b0: 35:fe:d4:80 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOOMXXfH0s6PEzDB5tzqwnFmA8dwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwMFoX DTI3MDMwMzA2MTUwMFowMzExMC8GA1UEAxMoNDgyQUYxNTA1RUNBQUZEMDY1OERF MjQ0RjVDQTM2ODRDNkUzQ0EwNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsmngQckSU7q23PxX3n+GwO2oMyvN2EcqJz208el1VJ4iX4oQIYpwHwsaEq SWHl1Zg8mp4j3WIQ/2ZSXgcs6+0KKfjidBoKZ5xZ6gcovT2ko+nfxl5PUi2KaeTs 6EzodCwBaEp7VvWjH9FlpcsmRGXxeIuNEzqP8dgzbd5BqeamqxyAzVq0IS+EVnhZ 0JOcQmHnMPrBmUgvcUMXhnNXIt+XaKp2f9b3JmF9hR2WPSJMQcx4PPJXTx5g+Urb r8Cwf1TVkjxNVGF8nM43YDZQzEjCD41sMc+1ADICVcr3kM0cVo4z+XJqxh2ITV+o d3Ypjzhy/HsR4R62k82tymZcsQUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRIKvFQ Xsqv0GWN4kT1yjaExuPKBTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg3Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pMYwDQYJKoZIhvcNAQELBQADggEBAF1L+Q8F8P5J3IGcGvYaZMM7c+s6fCzZm1cz 5TqGivTE6dgFVMXA9pmk4MoeeAfcjdUn5FoobDmGOihNB21zfScLJF/kA3O5FBNC EacbMXJaqhs24cn/U36d/IrDjHxW0PZhSZ2juvhY8ONRTtoNIbrfudI7q6qWrXfE kgOGLjR5SMjJXAtUdLJL923LUEQUiM463BBVk23x940UbV4mR/5+NxVZqmgmhROa JjwOmpDthwQMdHPk1H0ug8rCOOo+GDbvh6FZmWb/lEpYl6dpDniQROfrinWynPuG 7vQxRNHBnOtJekYtxpXWUwoWpkRCrQcGioSEOAabFnWPsDX+1IA= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:40 2026 by rpki-client