$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143873.roa File: AS143873.roa (raw, json) Hash identifier: 2M9vs9Yl40XS5/a6Inuwd2FpIexN7vouF+2fZJggzvI= Subject key identifier: BB:04:27:12:7A:45:CD:B4:73:05:A6:0D:E9:E0:3A:D8:9C:1A:34:22 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 667771F94DA91A47B1EAD436F70876A2A502A712 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143873.roa Signing time: Wed 04 Mar 2026 06:13:56 +0000 ROA not before: Wed 04 Mar 2026 06:08:56 +0000 ROA not after: Wed 03 Mar 2027 06:13:56 +0000 asID: 143873 IP address blocks: 240a:a4c7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:77:71:f9:4d:a9:1a:47:b1:ea:d4:36:f7:08:76:a2:a5:02:a7:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:56 2026 GMT Not After : Mar 3 06:13:56 2027 GMT Subject: CN=BB0427127A45CDB47305A60DE9E03AD89C1A3422 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:3f:1c:24:c6:f4:33:e6:09:19:71:29:32:8c: 7d:35:ce:e7:12:d0:8d:85:8d:d4:13:8d:6d:44:de: 8a:6b:a5:1b:19:c4:9a:a7:d2:c4:76:71:b4:8c:ab: bd:de:f9:6b:58:9b:1f:53:f3:6a:36:bb:96:aa:11: 72:4f:da:4b:2e:bc:1b:12:3e:9d:27:90:c6:b7:49: 25:82:7d:92:f2:af:49:a0:0a:87:bb:a9:cb:57:13: 3b:81:14:a3:4e:82:23:91:47:73:64:42:da:71:70: 7c:4b:ec:e9:76:6a:c1:ba:43:5a:51:16:0d:62:71: c4:86:e7:fe:36:91:32:1e:02:14:03:9a:fc:63:8a: 3c:fb:d3:d1:b1:54:c1:4a:c8:2a:e8:54:23:c8:b9: 06:d4:22:f4:95:f2:76:2d:86:db:a9:a1:69:4f:b5: bb:de:a1:10:24:60:ae:5b:37:2c:eb:2e:7e:14:0f: e8:55:c9:6a:51:48:99:fc:fc:1f:29:fa:cf:02:09: 8d:d5:c8:56:11:3d:9c:8c:b7:75:b0:18:55:3a:39: 37:7d:bf:99:08:e4:91:9a:7b:d3:48:98:14:c6:9f: a6:d1:8b:5d:d5:5e:88:2f:cf:49:99:1f:e5:8e:39: c0:19:b2:36:3b:32:40:13:d1:d3:0e:1d:bf:16:62: e4:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:04:27:12:7A:45:CD:B4:73:05:A6:0D:E9:E0:3A:D8:9C:1A:34:22 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143873.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4c7::/32 Signature Algorithm: sha256WithRSAEncryption 64:03:e8:da:9e:d1:3f:4a:d1:72:c4:e0:23:ff:8d:34:74:a7: 23:0f:10:81:73:4f:e5:77:46:8e:11:b5:06:a3:91:da:6c:b7: 87:eb:96:93:cb:1f:9c:1e:1e:74:5d:cc:4a:eb:63:a1:9b:48: 75:8b:6a:a3:13:cf:94:23:6f:af:2f:1a:2c:29:57:cb:bb:86: 9c:1e:ae:07:53:d7:b8:1c:ca:47:33:b4:c2:b6:49:66:00:ba: 62:3e:4a:de:41:90:cc:a4:81:f6:46:20:22:00:2f:15:fe:cb: 66:db:19:1f:01:b4:d5:8f:65:dd:d0:b6:2e:87:c1:1d:ed:61: dc:c8:7a:1b:ca:8b:18:8b:cc:66:f9:e9:6b:94:23:f7:bc:e6: 1f:a3:ea:e2:8f:49:e5:27:7c:d2:e3:25:61:55:56:50:cd:01: 79:f6:44:e6:f6:d5:5c:7d:49:b8:99:24:7b:c1:cb:32:57:9b: 7d:aa:d5:3a:49:cc:20:73:21:79:79:5b:11:7e:f2:52:01:55: a2:38:b6:73:62:de:76:59:64:22:13:ae:b2:cf:43:f5:3d:da: 98:eb:da:90:4c:bc:2c:88:c7:31:08:37:5d:de:45:7a:92:e1: 02:26:f4:02:4a:24:68:06:68:74:98:fe:70:87:04:70:fb:6f: 08:4c:65:54 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUZndx+U2pGkex6tQ29wh2oqUCpxIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1NloX DTI3MDMwMzA2MTM1NlowMzExMC8GA1UEAxMoQkIwNDI3MTI3QTQ1Q0RCNDczMDVB NjBERTlFMDNBRDg5QzFBMzQyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI0/HCTG9DPmCRlxKTKMfTXO5xLQjYWN1BONbUTeimulGxnEmqfSxHZxtIyr vd75a1ibH1Pzaja7lqoRck/aSy68GxI+nSeQxrdJJYJ9kvKvSaAKh7upy1cTO4EU o06CI5FHc2RC2nFwfEvs6XZqwbpDWlEWDWJxxIbn/jaRMh4CFAOa/GOKPPvT0bFU wUrIKuhUI8i5BtQi9JXydi2G26mhaU+1u96hECRgrls3LOsufhQP6FXJalFImfz8 Hyn6zwIJjdXIVhE9nIy3dbAYVTo5N32/mQjkkZp700iYFMafptGLXdVeiC/PSZkf 5Y45wBmyNjsyQBPR0w4dvxZi5KECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS7BCcS ekXNtHMFpg3p4DrYnBo0IjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg3My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pMcwDQYJKoZIhvcNAQELBQADggEBAGQD6Nqe0T9K0XLE4CP/jTR0pyMPEIFzT+V3 Ro4RtQajkdpst4frlpPLH5weHnRdzErrY6GbSHWLaqMTz5Qjb68vGiwpV8u7hpwe rgdT17gcykcztMK2SWYAumI+St5BkMykgfZGICIALxX+y2bbGR8BtNWPZd3Qti6H wR3tYdzIehvKixiLzGb56WuUI/e85h+j6uKPSeUnfNLjJWFVVlDNAXn2ROb21Vx9 SbiZJHvByzJXm32q1TpJzCBzIXl5WxF+8lIBVaI4tnNi3nZZZCITrrLPQ/U92pjr 2pBMvCyIxzEIN13eRXqS4QIm9AJKJGgGaHSY/nCHBHD7bwhMZVQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:38 2026 by rpki-client