$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143927.roa File: AS143927.roa (raw, json) Hash identifier: AILhHP8kB/Iy2GlZhksk/6x1e258Dajl+HBiFDx0QrQ= Subject key identifier: BF:1A:DB:0D:08:1A:AF:B6:16:7E:42:8C:F5:9C:77:C2:C7:95:DD:B8 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 70B4398F91FA9B55FF2C19767BE48977A8EA1279 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143927.roa Signing time: Wed 04 Mar 2026 06:13:19 +0000 ROA not before: Wed 04 Mar 2026 06:08:19 +0000 ROA not after: Wed 03 Mar 2027 06:13:19 +0000 asID: 143927 IP address blocks: 240a:a4fd::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:b4:39:8f:91:fa:9b:55:ff:2c:19:76:7b:e4:89:77:a8:ea:12:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:19 2026 GMT Not After : Mar 3 06:13:19 2027 GMT Subject: CN=BF1ADB0D081AAFB6167E428CF59C77C2C795DDB8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:9d:4f:76:6e:91:4b:4b:42:e9:11:f0:40:db: d9:39:54:1e:d8:21:be:e8:4c:93:03:7b:ae:27:21: 81:26:e2:92:fa:1e:8c:6b:a1:34:08:1f:01:ae:76: bc:18:0a:a1:75:5f:60:75:c5:4d:fb:ff:09:c7:ff: 8b:db:e8:53:8c:f1:e6:24:33:8c:8b:76:99:60:57: 17:bc:97:1f:39:e4:d1:a8:97:1b:39:72:c5:25:dd: 3f:03:a3:d1:ca:fa:33:14:5a:3b:1f:f2:de:ba:7a: c6:f9:0a:8a:bb:ac:26:49:56:3f:4f:36:4d:a3:80: a4:e5:fd:30:35:17:73:ea:3a:b2:e1:98:0c:10:71: a4:17:63:f6:73:55:d2:a8:58:3c:f7:01:cb:53:af: f3:27:f9:7c:b1:bb:11:4d:65:0e:df:d9:77:18:aa: d7:e6:6c:c4:ec:62:b6:6c:17:d9:d2:d3:bb:6e:b5: 8a:76:92:ca:ed:25:5f:f5:46:4e:80:27:7c:5f:fa: 11:f3:b2:5f:42:30:be:9a:74:02:47:74:66:b6:e4: 2c:12:4d:eb:46:f1:29:40:2b:50:a3:04:e5:a1:bd: 03:f8:83:1a:71:4b:a4:c5:dd:68:33:8e:16:a3:e0: d8:ff:ec:18:12:11:7c:83:f3:a1:cb:60:2b:5b:93: ff:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:1A:DB:0D:08:1A:AF:B6:16:7E:42:8C:F5:9C:77:C2:C7:95:DD:B8 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143927.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4fd::/32 Signature Algorithm: sha256WithRSAEncryption dc:e6:ee:f4:98:2a:ac:99:62:dd:0c:42:bd:15:ee:75:87:1a: e2:ab:53:04:ce:8e:5a:4f:60:00:7b:75:f2:1f:cf:d9:e3:67: 36:47:4d:80:8f:36:7e:c1:44:5b:bb:94:81:ae:23:29:56:5c: 25:cd:28:80:61:e9:e8:88:25:b0:b2:5d:b1:da:83:be:a3:4b: d4:5d:ef:b8:57:90:bc:ad:53:3f:ea:48:9a:b4:d3:b0:67:a5: 00:d1:2f:f3:d4:b8:69:0a:f4:f3:9c:4c:1c:d1:fb:6c:77:8b: f1:36:ce:5d:e2:3f:ab:da:7f:99:15:33:41:e9:88:3a:d0:29: 73:ed:1c:c6:c8:ad:a9:cc:58:59:48:e5:38:25:94:30:e1:7a: bb:8c:9a:2f:82:66:b8:d1:70:06:83:dc:4f:fd:ee:b0:6d:70: ec:1f:de:ff:ae:1d:c1:84:29:a5:04:8c:f5:ae:e6:46:dc:7c: 6f:9f:db:78:a3:fc:2d:80:51:13:d6:36:1c:13:71:37:f3:2b: e9:88:7c:d0:df:17:c0:a5:17:3b:70:f0:9f:c9:b0:bc:5c:84: 06:fe:b5:4d:46:bb:98:59:05:ce:8b:dc:b2:46:37:c2:6a:2f: 01:7b:07:31:f3:30:ff:37:14:65:24:28:9a:9f:9d:e9:f1:e2: 4f:2d:d9:9b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcLQ5j5H6m1X/LBl2e+SJd6jqEnkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxOVoX DTI3MDMwMzA2MTMxOVowMzExMC8GA1UEAxMoQkYxQURCMEQwODFBQUZCNjE2N0U0 MjhDRjU5Qzc3QzJDNzk1RERCODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOmdT3ZukUtLQukR8EDb2TlUHtghvuhMkwN7richgSbikvoejGuhNAgfAa52 vBgKoXVfYHXFTfv/Ccf/i9voU4zx5iQzjIt2mWBXF7yXHznk0aiXGzlyxSXdPwOj 0cr6MxRaOx/y3rp6xvkKirusJklWP082TaOApOX9MDUXc+o6suGYDBBxpBdj9nNV 0qhYPPcBy1Ov8yf5fLG7EU1lDt/Zdxiq1+ZsxOxitmwX2dLTu261inaSyu0lX/VG ToAnfF/6EfOyX0Iwvpp0Akd0ZrbkLBJN60bxKUArUKME5aG9A/iDGnFLpMXdaDOO FqPg2P/sGBIRfIPzoctgK1uT//kCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS/GtsN CBqvthZ+Qoz1nHfCx5XduDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkyNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pP0wDQYJKoZIhvcNAQELBQADggEBANzm7vSYKqyZYt0MQr0V7nWHGuKrUwTOjlpP YAB7dfIfz9njZzZHTYCPNn7BRFu7lIGuIylWXCXNKIBh6eiIJbCyXbHag76jS9Rd 77hXkLytUz/qSJq007BnpQDRL/PUuGkK9POcTBzR+2x3i/E2zl3iP6vaf5kVM0Hp iDrQKXPtHMbIranMWFlI5TgllDDheruMmi+CZrjRcAaD3E/97rBtcOwf3v+uHcGE KaUEjPWu5kbcfG+f23ij/C2AURPWNhwTcTfzK+mIfNDfF8ClFztw8J/JsLxchAb+ tU1Gu5hZBc6L3LJGN8JqLwF7BzHzMP83FGUkKJqfnenx4k8t2Zs= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:38 2026 by rpki-client