$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143876.roa File: AS143876.roa (raw, json) Hash identifier: HCRbqquZmSBp0wBfcFDt/hbpA91Khwqh0c6mBX99PaU= Subject key identifier: 64:F9:C2:BF:C2:44:68:50:FB:5F:3E:4A:4B:2F:56:AC:41:86:C4:F8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 061FE0BBE5BFAAFBAB92D1979F7A662271894E02 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143876.roa Signing time: Wed 04 Mar 2026 06:13:17 +0000 ROA not before: Wed 04 Mar 2026 06:08:17 +0000 ROA not after: Wed 03 Mar 2027 06:13:17 +0000 asID: 143876 IP address blocks: 240a:a4ca::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:1f:e0:bb:e5:bf:aa:fb:ab:92:d1:97:9f:7a:66:22:71:89:4e:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:17 2026 GMT Not After : Mar 3 06:13:17 2027 GMT Subject: CN=64F9C2BFC2446850FB5F3E4A4B2F56AC4186C4F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:b4:6c:03:2e:32:fb:cc:65:df:e3:31:7e:d5: 40:f4:38:a7:bd:ab:7f:e9:b7:66:80:f5:cb:30:ba: c2:00:a1:5d:61:5a:3a:96:c5:46:84:23:8a:a2:21: 39:fb:ad:86:0c:e9:a6:bf:b6:4c:77:3c:ab:63:29: 91:f8:1e:fc:9d:b4:35:67:0d:32:94:44:9a:65:2f: 2e:f7:ed:da:bc:83:05:85:85:08:f3:e2:f2:ee:08: a1:ba:01:c4:7b:22:f3:13:bc:a9:2d:ae:99:1c:56: e4:bd:be:ca:9a:72:08:c4:66:3d:61:af:53:ad:d1: 1b:07:97:b7:ac:3a:cc:08:72:58:7d:1b:1f:78:b5: e0:24:b6:53:5a:da:15:3a:e0:fb:2b:7b:64:93:ad: a9:22:95:ce:4b:ba:01:a1:82:e5:e2:24:45:6c:8b: 7a:fe:ca:d5:0e:f7:0c:bf:47:fd:8b:21:63:66:2d: 69:5e:1c:4f:11:c5:bd:1d:1a:fd:67:25:e5:4e:de: 90:4e:c4:ac:c3:54:3d:e5:53:36:8c:97:a5:66:74: 83:0d:b3:4c:c0:7a:d0:5f:57:1f:f7:4a:a5:24:b0: 50:aa:ac:02:09:c7:fb:5a:d8:d9:c0:01:b3:5b:48: 09:c4:c5:05:55:86:ba:79:5b:86:a5:b7:72:76:b3: 00:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:F9:C2:BF:C2:44:68:50:FB:5F:3E:4A:4B:2F:56:AC:41:86:C4:F8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143876.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4ca::/32 Signature Algorithm: sha256WithRSAEncryption 6b:5a:76:f8:7a:c2:a7:58:d6:a7:ee:fb:45:d3:6b:0d:15:86: a1:e3:5c:81:8d:31:79:3d:18:50:6a:a2:f6:5b:fd:4b:ae:5e: 26:3c:0e:f3:be:07:c2:41:4a:27:3f:01:db:95:f7:e0:c3:2f: 24:de:3b:a5:53:33:59:e7:cc:a4:b4:e6:ef:e9:96:b6:4a:38: 4e:73:47:50:7e:4a:d1:05:80:93:b3:c4:eb:bb:cf:49:6f:65: 8b:fa:c0:92:25:6c:a0:e8:19:2f:af:e9:b7:f4:bb:ac:80:27: b3:79:e6:52:cb:30:4a:cf:be:83:ab:80:5b:03:f6:d9:f7:2a: 6a:67:7f:ec:f2:e2:9a:45:f0:9b:f5:6b:ed:4e:d0:4b:72:7f: 7c:99:c7:8f:e4:93:01:1f:ab:e5:f5:fd:04:72:00:9c:1e:57: 1e:cf:22:78:6b:8f:c0:4a:80:a6:ac:bc:21:77:57:fb:97:bb: 36:1f:7d:40:56:a5:d1:ac:da:d1:25:f0:e5:95:75:29:49:0a: 9c:93:f8:59:fd:54:c5:fd:3a:f8:b7:48:d8:fc:fa:f9:45:76: bd:5e:a8:c0:c7:28:c3:98:b0:31:31:c9:a9:a5:72:46:5d:c8: d8:e1:ae:19:b6:06:b3:bb:2e:1d:a4:fc:53:11:47:40:da:c1: 4a:5c:0f:57 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBh/gu+W/qvurktGXn3pmInGJTgIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxN1oX DTI3MDMwMzA2MTMxN1owMzExMC8GA1UEAxMoNjRGOUMyQkZDMjQ0Njg1MEZCNUYz RTRBNEIyRjU2QUM0MTg2QzRGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANq0bAMuMvvMZd/jMX7VQPQ4p72rf+m3ZoD1yzC6wgChXWFaOpbFRoQjiqIh Ofuthgzppr+2THc8q2Mpkfge/J20NWcNMpREmmUvLvft2ryDBYWFCPPi8u4IoboB xHsi8xO8qS2umRxW5L2+yppyCMRmPWGvU63RGweXt6w6zAhyWH0bH3i14CS2U1ra FTrg+yt7ZJOtqSKVzku6AaGC5eIkRWyLev7K1Q73DL9H/YshY2YtaV4cTxHFvR0a /Wcl5U7ekE7ErMNUPeVTNoyXpWZ0gw2zTMB60F9XH/dKpSSwUKqsAgnH+1rY2cAB s1tICcTFBVWGunlbhqW3cnazAGkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRk+cK/ wkRoUPtfPkpLL1asQYbE+DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg3Ni5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pMowDQYJKoZIhvcNAQELBQADggEBAGtadvh6wqdY1qfu+0XTaw0VhqHjXIGNMXk9 GFBqovZb/UuuXiY8DvO+B8JBSic/AduV9+DDLyTeO6VTM1nnzKS05u/plrZKOE5z R1B+StEFgJOzxOu7z0lvZYv6wJIlbKDoGS+v6bf0u6yAJ7N55lLLMErPvoOrgFsD 9tn3Kmpnf+zy4ppF8Jv1a+1O0Etyf3yZx4/kkwEfq+X1/QRyAJweVx7PInhrj8BK gKasvCF3V/uXuzYffUBWpdGs2tEl8OWVdSlJCpyT+Fn9VMX9Ovi3SNj8+vlFdr1e qMDHKMOYsDExyamlckZdyNjhrhm2BrO7Lh2k/FMRR0DawUpcD1c= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:38 2026 by rpki-client