$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143874.roa File: AS143874.roa (raw, json) Hash identifier: MAUNwem7mmAztU79GIGm1d8e02bUzb/d1HBPx2mChDs= Subject key identifier: 7D:17:1C:64:2F:DF:E5:7E:AE:E4:83:37:E1:D5:A9:0D:4E:BB:2F:99 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 4DF3EB53C0B52EACEE59AA52DA92A50603E74B3B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143874.roa Signing time: Wed 04 Mar 2026 06:13:03 +0000 ROA not before: Wed 04 Mar 2026 06:08:03 +0000 ROA not after: Wed 03 Mar 2027 06:13:03 +0000 asID: 143874 IP address blocks: 240a:a4c8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:f3:eb:53:c0:b5:2e:ac:ee:59:aa:52:da:92:a5:06:03:e7:4b:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:03 2026 GMT Not After : Mar 3 06:13:03 2027 GMT Subject: CN=7D171C642FDFE57EAEE48337E1D5A90D4EBB2F99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:6e:a6:cc:5e:7c:25:57:b5:31:ca:c3:64:55: 5c:a7:6c:92:14:71:bc:79:27:88:07:51:cc:04:f6: 01:45:e6:f7:5e:ed:d3:fd:09:4e:99:e6:14:32:7d: 4a:f6:7f:20:01:df:04:25:01:54:ae:fd:e0:5e:ad: e7:c0:4d:db:e1:6c:c0:f0:a3:38:e3:d9:9b:13:ba: 63:6d:6c:ef:44:08:70:f8:ac:9a:94:eb:56:e4:3d: e2:a5:83:b2:95:35:8b:d8:6e:49:dd:3c:73:31:5e: a3:a2:e7:cd:44:20:fb:f1:5f:5f:ac:ff:e6:06:fa: 2d:db:83:80:fe:ef:13:7c:ff:01:41:12:2f:43:37: 76:3f:37:44:43:dd:64:6f:e9:29:46:9c:a7:38:e5: 2e:5b:2d:b2:f5:6c:3e:f9:21:51:09:5e:5e:46:3c: c4:6c:3f:84:72:e6:98:6d:a5:66:a5:cd:3e:cf:86: 12:d8:d8:7e:4f:df:c9:20:c8:5c:a7:8b:78:15:3a: 68:b4:c6:a2:01:67:7f:8b:84:52:94:ed:b5:f9:93: 74:fb:11:56:ca:48:af:dd:6a:85:85:ff:43:dd:3f: 6b:01:20:87:5f:dc:e7:9b:e9:b8:a0:77:14:c5:83: 1b:fa:31:74:ee:c7:f2:d5:5a:23:0d:90:48:7a:11: 64:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:17:1C:64:2F:DF:E5:7E:AE:E4:83:37:E1:D5:A9:0D:4E:BB:2F:99 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143874.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4c8::/32 Signature Algorithm: sha256WithRSAEncryption 57:19:19:c0:e9:7c:22:5b:a2:06:eb:15:37:05:0c:12:a4:ff: a2:5c:cb:86:8b:88:bf:b1:a0:06:87:7d:58:b2:3a:c9:72:a6: 86:0d:68:31:44:4f:4b:8a:94:26:66:9c:c6:6a:64:f8:ed:9e: 2b:c2:3a:db:ee:df:da:69:2e:12:03:72:fd:74:c5:28:4b:b4: f1:e9:75:60:ad:41:d2:08:ca:15:9b:5e:d7:a0:03:28:ff:49: a3:cc:55:ae:6b:db:fd:b9:6c:36:85:01:88:35:e4:ad:8a:51: bf:28:26:6d:cc:7c:54:7a:f1:ae:7b:be:4f:1f:70:98:40:91: 56:ad:59:4a:64:fa:f0:22:83:cb:9e:25:58:ca:83:0c:db:8b: 6c:4e:67:0c:f7:cc:89:da:bc:94:09:31:bd:cc:53:1b:d1:05: e3:2a:1f:90:82:25:7a:f7:da:ae:81:15:86:3f:a3:b3:94:a1: 55:8d:3e:93:03:02:e6:72:7b:6b:2b:35:7d:c9:94:04:a5:5a: 81:87:38:ab:ac:1d:89:93:04:f5:10:c3:38:6d:54:a7:99:47: 38:7c:41:ea:1d:73:7d:5e:6d:07:ea:9d:65:1a:55:ed:13:41: c2:59:c6:fc:fc:0f:c7:e7:a3:17:12:43:ee:3e:17:d7:95:11: 53:83:25:ab -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUTfPrU8C1LqzuWapS2pKlBgPnSzswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgwM1oX DTI3MDMwMzA2MTMwM1owMzExMC8GA1UEAxMoN0QxNzFDNjQyRkRGRTU3RUFFRTQ4 MzM3RTFENUE5MEQ0RUJCMkY5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMlupsxefCVXtTHKw2RVXKdskhRxvHkniAdRzAT2AUXm917t0/0JTpnmFDJ9 SvZ/IAHfBCUBVK794F6t58BN2+FswPCjOOPZmxO6Y21s70QIcPismpTrVuQ94qWD spU1i9huSd08czFeo6LnzUQg+/FfX6z/5gb6LduDgP7vE3z/AUESL0M3dj83REPd ZG/pKUacpzjlLlstsvVsPvkhUQleXkY8xGw/hHLmmG2lZqXNPs+GEtjYfk/fySDI XKeLeBU6aLTGogFnf4uEUpTttfmTdPsRVspIr91qhYX/Q90/awEgh1/c55vpuKB3 FMWDG/oxdO7H8tVaIw2QSHoRZIsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR9Fxxk L9/lfq7kgzfh1akNTrsvmTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg3NC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pMgwDQYJKoZIhvcNAQELBQADggEBAFcZGcDpfCJbogbrFTcFDBKk/6Jcy4aLiL+x oAaHfViyOslypoYNaDFET0uKlCZmnMZqZPjtnivCOtvu39ppLhIDcv10xShLtPHp dWCtQdIIyhWbXtegAyj/SaPMVa5r2/25bDaFAYg15K2KUb8oJm3MfFR68a57vk8f cJhAkVatWUpk+vAig8ueJVjKgwzbi2xOZwz3zInavJQJMb3MUxvRBeMqH5CCJXr3 2q6BFYY/o7OUoVWNPpMDAuZye2srNX3JlASlWoGHOKusHYmTBPUQwzhtVKeZRzh8 Qeodc31ebQfqnWUaVe0TQcJZxvz8D8fnoxcSQ+4+F9eVEVODJas= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:43 2026 by rpki-client