$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143878.roa File: AS143878.roa (raw, json) Hash identifier: g8sv6Jthm37fDwSKsG14KJdIqV3HcklVqm0uFS8zRDw= Subject key identifier: 96:BC:57:22:56:A2:85:6B:C4:2E:82:9F:17:97:45:1E:D6:85:34:81 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 75ACC77F2DAF31F982267A7B686A7D72D90D2568 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143878.roa Signing time: Wed 04 Mar 2026 06:12:34 +0000 ROA not before: Wed 04 Mar 2026 06:07:34 +0000 ROA not after: Wed 03 Mar 2027 06:12:34 +0000 asID: 143878 IP address blocks: 240a:a4cc::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:ac:c7:7f:2d:af:31:f9:82:26:7a:7b:68:6a:7d:72:d9:0d:25:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:07:34 2026 GMT Not After : Mar 3 06:12:34 2027 GMT Subject: CN=96BC572256A2856BC42E829F1797451ED6853481 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:c8:cc:24:27:e3:5e:78:71:e5:59:fc:cd:a1: 0f:df:8f:be:8e:b9:e5:88:87:4f:e2:c0:84:a5:23: 61:8a:6c:22:c9:b6:aa:cc:d9:b3:f4:8c:f8:b9:18: 2b:f9:0b:e9:0d:87:3f:f8:1b:d5:e1:48:bc:c8:69: 1d:c6:8d:b5:ee:a5:a1:8f:48:40:f9:8c:a0:f5:73: 8c:6e:12:5b:b1:bb:1c:22:b9:5d:3f:79:b9:36:57: 04:1a:69:73:31:73:c3:48:4c:b8:4a:be:c3:50:82: 72:07:9b:dd:df:c0:24:1e:19:c4:2d:46:bf:69:5f: dd:93:ae:78:14:6b:0f:40:67:00:6c:3f:0d:d6:e6: 69:b4:73:39:57:86:ec:b4:51:7f:58:c1:ea:40:e5: 75:bd:aa:cf:eb:d7:d2:8b:1b:f0:a8:11:14:05:76: 98:d3:23:77:fb:c4:6c:15:cf:eb:52:60:8d:a2:46: 93:ae:26:1e:ae:55:6f:ff:b9:47:ac:c5:6e:76:60: 4d:eb:e3:58:16:0e:8e:eb:53:33:77:a5:e3:65:65: 05:49:6f:22:ed:19:d7:14:13:d5:f6:26:65:fe:3e: d2:3d:60:bc:37:07:f7:8e:ea:c5:8e:59:01:0a:96: 1e:6c:38:a2:34:09:bd:b1:9d:ca:4c:ef:3e:98:5b: c3:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:BC:57:22:56:A2:85:6B:C4:2E:82:9F:17:97:45:1E:D6:85:34:81 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143878.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4cc::/32 Signature Algorithm: sha256WithRSAEncryption bf:e9:42:4f:43:81:b5:36:70:4b:60:c3:f6:e1:b5:29:88:45: b8:81:ed:7d:1d:b9:9d:eb:53:70:43:67:ab:de:97:5e:5c:06: b7:05:fc:4d:29:c4:0e:04:26:b4:d0:6b:d4:1b:f2:51:e4:6f: 94:09:f0:6d:f3:f9:fb:32:12:2a:b4:d5:7a:d8:d7:68:5b:4c: 16:9d:64:66:19:3d:89:4a:f8:f8:7f:d3:30:06:94:04:86:e0: 82:f1:b3:0b:f6:2b:32:aa:c7:56:41:c1:a3:e7:15:0c:b1:61: e0:48:8f:76:d1:30:1f:b8:26:ba:e0:c3:19:3d:f2:e1:48:fb: 8a:50:6b:d5:2c:a7:63:4a:d3:ae:78:f7:e5:12:10:7e:aa:b9: f7:09:b5:48:ee:b8:5f:55:10:c6:5b:e1:98:85:2a:7a:ab:1b: 23:43:d2:3f:33:81:56:a7:63:2e:47:9c:db:18:1c:87:44:b0: 2a:2d:70:25:cd:8b:42:e1:10:cd:d4:c0:c3:50:68:77:db:a7: 36:2a:1f:4f:95:45:78:c8:3f:6d:00:c6:d1:6d:e6:d4:a3:d7: bd:72:37:29:9a:1b:fd:ff:81:21:33:43:09:a3:1c:05:36:50: dc:74:e2:dc:8c:7d:2b:ce:34:59:ef:21:1d:4c:c7:93:1d:af: 1c:66:44:29 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdazHfy2vMfmCJnp7aGp9ctkNJWgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDczNFoX DTI3MDMwMzA2MTIzNFowMzExMC8GA1UEAxMoOTZCQzU3MjI1NkEyODU2QkM0MkU4 MjlGMTc5NzQ1MUVENjg1MzQ4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANfIzCQn4154ceVZ/M2hD9+Pvo655YiHT+LAhKUjYYpsIsm2qszZs/SM+LkY K/kL6Q2HP/gb1eFIvMhpHcaNte6loY9IQPmMoPVzjG4SW7G7HCK5XT95uTZXBBpp czFzw0hMuEq+w1CCcgeb3d/AJB4ZxC1Gv2lf3ZOueBRrD0BnAGw/DdbmabRzOVeG 7LRRf1jB6kDldb2qz+vX0osb8KgRFAV2mNMjd/vEbBXP61JgjaJGk64mHq5Vb/+5 R6zFbnZgTevjWBYOjutTM3el42VlBUlvIu0Z1xQT1fYmZf4+0j1gvDcH947qxY5Z AQqWHmw4ojQJvbGdykzvPphbww8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSWvFci VqKFa8Qugp8Xl0Ue1oU0gTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg3OC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pMwwDQYJKoZIhvcNAQELBQADggEBAL/pQk9DgbU2cEtgw/bhtSmIRbiB7X0duZ3r U3BDZ6vel15cBrcF/E0pxA4EJrTQa9Qb8lHkb5QJ8G3z+fsyEiq01XrY12hbTBad ZGYZPYlK+Ph/0zAGlASG4ILxswv2KzKqx1ZBwaPnFQyxYeBIj3bRMB+4Jrrgwxk9 8uFI+4pQa9Usp2NK06549+USEH6qufcJtUjuuF9VEMZb4ZiFKnqrGyND0j8zgVan Yy5HnNsYHIdEsCotcCXNi0LhEM3UwMNQaHfbpzYqH0+VRXjIP20AxtFt5tSj171y NymaG/3/gSEzQwmjHAU2UNx04tyMfSvONFnvIR1Mx5MdrxxmRCk= -----END CERTIFICATE-----Generated at Sat Mar 28 13:10:25 2026 by rpki-client