$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143925.roa File: AS143925.roa (raw, json) Hash identifier: gQpftyGsrr7TADDlYU/z0byWVdlXd+sQNQi2v73ynTc= Subject key identifier: C7:A2:BF:B7:70:F6:A9:C5:BA:55:FC:C2:65:C9:76:51:21:64:C6:D6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3A51B8405D44EAA59470D8A7CD388538E3068A58 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143925.roa Signing time: Wed 04 Mar 2026 06:15:48 +0000 ROA not before: Wed 04 Mar 2026 06:10:48 +0000 ROA not after: Wed 03 Mar 2027 06:15:48 +0000 asID: 143925 IP address blocks: 240a:a4fb::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:51:b8:40:5d:44:ea:a5:94:70:d8:a7:cd:38:85:38:e3:06:8a:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:48 2026 GMT Not After : Mar 3 06:15:48 2027 GMT Subject: CN=C7A2BFB770F6A9C5BA55FCC265C976512164C6D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:8b:17:b1:a7:9f:fb:59:bf:d0:9c:36:16:5a: 3c:e7:fe:81:b3:4d:d8:2c:bf:bd:22:fb:71:ca:f2: b1:be:cc:93:26:b1:7f:5c:f0:fd:38:0b:32:8b:5a: 8e:0a:e1:08:98:a6:7f:01:58:14:67:b9:e8:c6:6f: 9a:c0:1f:a0:aa:15:f3:fb:74:17:93:b2:2b:96:ef: fd:7a:09:ff:31:5d:67:b9:0e:06:52:a2:e1:a2:52: 44:4d:64:62:b3:6d:69:44:f2:9f:64:80:d2:09:51: 0a:31:3f:f4:dd:09:ec:ec:9c:f9:f6:5d:a3:79:09: 33:29:bf:fb:ff:63:56:a2:31:01:71:ab:c5:58:21: 29:2e:19:2a:07:10:e1:04:55:06:e7:9d:d3:09:cb: 96:f0:e4:f6:b4:76:46:64:a6:49:bf:48:39:21:b5: 5a:cc:c6:83:16:6b:b8:81:b4:c4:f8:ee:2a:41:dd: fb:ff:94:c0:4b:86:ac:87:e1:38:47:49:02:e3:de: 3c:ad:f2:ad:d6:63:48:ae:2a:de:c5:1d:a3:36:87: 8b:ac:e7:77:2e:f6:19:53:e2:ef:29:e0:e2:4f:3f: 08:51:11:89:86:9f:b3:c1:a5:e4:ec:aa:72:62:58: 63:8e:e7:1a:d1:f7:75:a4:1b:09:c2:92:ea:e8:25: aa:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:A2:BF:B7:70:F6:A9:C5:BA:55:FC:C2:65:C9:76:51:21:64:C6:D6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143925.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4fb::/32 Signature Algorithm: sha256WithRSAEncryption 13:16:3f:25:ca:3a:b5:4a:c3:a9:91:6e:90:db:e3:4c:27:c8: e2:bb:87:22:d2:73:70:74:a3:80:29:ed:11:95:68:9c:c7:3e: 5f:4c:9d:42:da:0a:32:a9:dd:7d:c7:03:d8:98:f8:7c:a1:81: bf:9b:a8:aa:76:88:72:a1:95:1c:55:d0:0f:95:0a:2b:55:c7: 54:f1:54:9a:5f:ed:4a:36:ba:67:22:1f:e3:8b:ce:23:c9:c3: c5:45:9a:8b:8c:03:45:d6:f0:5b:ed:fd:c3:c0:92:40:1a:1f: b8:de:81:b4:10:1e:79:74:6e:81:29:1c:e8:d9:be:19:65:30: f9:86:48:2a:76:9a:1c:c2:5f:83:5e:f5:03:0b:90:d2:05:69: f9:25:e5:85:1e:e8:f5:18:a6:5d:b9:f9:5a:4a:6f:84:78:ee: 2e:94:20:44:f3:86:90:1c:4a:ce:04:9b:2d:43:3c:29:25:69: 70:a8:76:79:8f:c5:bd:0c:64:f3:78:5a:03:77:8a:65:1b:47: 5a:f4:84:dc:2b:5d:68:5f:4d:bb:79:35:e1:5c:47:85:34:ef: e3:a2:2a:01:05:9c:ad:24:d9:3e:4c:b6:ff:13:9d:42:87:9d: 29:ed:2e:20:87:c3:d6:c6:48:f4:bc:02:1b:d9:c0:a4:15:7a: 6a:c7:a7:ca -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUOlG4QF1E6qWUcNinzTiFOOMGilgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTA0OFoX DTI3MDMwMzA2MTU0OFowMzExMC8GA1UEAxMoQzdBMkJGQjc3MEY2QTlDNUJBNTVG Q0MyNjVDOTc2NTEyMTY0QzZENjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALCLF7Gnn/tZv9CcNhZaPOf+gbNN2Cy/vSL7ccrysb7Mkyaxf1zw/TgLMota jgrhCJimfwFYFGe56MZvmsAfoKoV8/t0F5OyK5bv/XoJ/zFdZ7kOBlKi4aJSRE1k YrNtaUTyn2SA0glRCjE/9N0J7Oyc+fZdo3kJMym/+/9jVqIxAXGrxVghKS4ZKgcQ 4QRVBued0wnLlvDk9rR2RmSmSb9IOSG1WszGgxZruIG0xPjuKkHd+/+UwEuGrIfh OEdJAuPePK3yrdZjSK4q3sUdozaHi6zndy72GVPi7yng4k8/CFERiYafs8Gl5Oyq cmJYY47nGtH3daQbCcKS6uglqhMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTHor+3 cPapxbpV/MJlyXZRIWTG1jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkyNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pPswDQYJKoZIhvcNAQELBQADggEBABMWPyXKOrVKw6mRbpDb40wnyOK7hyLSc3B0 o4Ap7RGVaJzHPl9MnULaCjKp3X3HA9iY+Hyhgb+bqKp2iHKhlRxV0A+VCitVx1Tx VJpf7Uo2umciH+OLziPJw8VFmouMA0XW8Fvt/cPAkkAaH7jegbQQHnl0boEpHOjZ vhllMPmGSCp2mhzCX4Ne9QMLkNIFafkl5YUe6PUYpl25+VpKb4R47i6UIETzhpAc Ss4Emy1DPCklaXCodnmPxb0MZPN4WgN3imUbR1r0hNwrXWhfTbt5NeFcR4U07+Oi KgEFnK0k2T5Mtv8TnUKHnSntLiCHw9bGSPS8AhvZwKQVemrHp8o= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:48 2026 by rpki-client