$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143972.roa File: AS143972.roa (raw, json) Hash identifier: bCyKIMIWhGGE/Wv0dSGD5cLwC9ZDQZxRhJoIo2vzLlE= Subject key identifier: BD:BC:D6:6C:72:B0:AA:62:93:FF:AE:B7:C2:07:07:C2:08:A8:C8:FB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 6B9D74CEC963D64A2780856181D23EA3AA584BBA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143972.roa Signing time: Wed 04 Mar 2026 06:15:06 +0000 ROA not before: Wed 04 Mar 2026 06:10:06 +0000 ROA not after: Wed 03 Mar 2027 06:15:06 +0000 asID: 143972 IP address blocks: 240a:a52a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:9d:74:ce:c9:63:d6:4a:27:80:85:61:81:d2:3e:a3:aa:58:4b:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:06 2026 GMT Not After : Mar 3 06:15:06 2027 GMT Subject: CN=BDBCD66C72B0AA6293FFAEB7C20707C208A8C8FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:7d:9e:b7:84:f4:6a:9e:b0:bd:a6:8e:27:91: 60:c3:bd:65:e8:b9:b6:ae:f5:8f:f4:b1:17:ff:56: 07:aa:57:16:0d:cb:70:72:28:72:12:2e:41:1c:1c: 32:01:34:c0:5c:a4:a1:be:0f:92:7b:f8:6a:41:d0: ec:77:3b:2c:55:24:a9:ac:87:3f:b3:6e:e5:cc:64: 7f:14:09:2b:f4:89:99:da:91:70:00:1d:a5:d5:60: 01:5d:ab:2b:7a:ad:a1:2f:50:b9:89:8c:9a:54:a7: cb:de:30:7c:99:5f:6a:b1:89:10:0b:9d:46:b0:42: 6b:ad:af:56:09:6d:99:77:93:72:a4:24:fb:78:c4: a8:ec:95:45:16:66:6c:9d:90:49:05:79:c6:5f:66: 03:02:b8:31:00:01:af:75:8d:a6:94:c7:38:5c:b9: b9:96:43:da:ae:6b:f8:03:67:c7:40:99:84:db:65: e5:f0:16:fc:ba:88:64:cf:ff:e0:bb:35:45:69:1b: bb:dd:08:f8:c7:0d:fd:d4:06:92:6e:c3:da:42:7e: ac:ec:c7:7b:0e:8e:df:df:d0:28:72:f7:a9:27:f5: a3:e1:c9:61:96:55:33:73:34:b4:82:43:9b:bb:d9: 10:c5:5b:5e:ab:82:5a:5c:6e:49:05:92:ce:12:0e: c6:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:BC:D6:6C:72:B0:AA:62:93:FF:AE:B7:C2:07:07:C2:08:A8:C8:FB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143972.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a52a::/32 Signature Algorithm: sha256WithRSAEncryption 54:59:9e:e8:b9:fe:39:81:f1:fa:aa:b9:61:08:26:ea:47:15: 54:f8:f0:d3:48:65:5b:85:7a:4e:3f:ec:78:cd:b4:99:7d:40: 8b:a1:df:44:b5:89:d3:bf:3a:30:ca:ee:5f:25:f0:61:5a:85: 85:8f:a4:c9:ac:41:8a:ed:e1:97:93:c7:a6:b0:e0:9b:b0:6e: c6:55:63:c4:12:11:68:b3:d5:bf:e0:76:5e:d4:15:91:52:58: 4f:0c:e8:d5:a4:2c:56:8f:ea:2b:79:04:e7:9d:ed:b7:bd:37: 15:05:62:f6:50:2d:f0:23:a9:85:30:50:f4:55:d3:ff:fa:48: 03:c0:a8:65:2a:cb:ac:53:ae:b5:52:68:11:38:28:13:8e:3e: 07:7a:f3:c4:c9:c5:a6:fa:8b:a3:86:5b:d7:c4:04:d1:ee:42: 3d:d4:17:f9:ba:f8:d3:78:6d:3f:bb:d5:01:d7:a1:c9:ee:1a: 51:c5:da:d0:bf:e1:47:77:8b:89:1c:76:dc:82:6d:5b:a8:90: e8:dc:04:08:d9:5b:01:ba:78:0e:4a:7d:39:a9:d4:e4:87:93: 6e:9b:56:1e:9e:82:06:ed:ff:c7:06:65:0c:78:1b:e9:1b:dd: a9:53:56:79:26:c1:22:c9:04:eb:10:10:a6:71:11:6f:91:60: 7a:74:c7:da -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUa510zslj1kongIVhgdI+o6pYS7owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwNloX DTI3MDMwMzA2MTUwNlowMzExMC8GA1UEAxMoQkRCQ0Q2NkM3MkIwQUE2MjkzRkZB RUI3QzIwNzA3QzIwOEE4QzhGQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALd9nreE9GqesL2mjieRYMO9Zei5tq71j/SxF/9WB6pXFg3LcHIochIuQRwc MgE0wFykob4Pknv4akHQ7Hc7LFUkqayHP7Nu5cxkfxQJK/SJmdqRcAAdpdVgAV2r K3qtoS9QuYmMmlSny94wfJlfarGJEAudRrBCa62vVgltmXeTcqQk+3jEqOyVRRZm bJ2QSQV5xl9mAwK4MQABr3WNppTHOFy5uZZD2q5r+ANnx0CZhNtl5fAW/LqIZM// 4Ls1RWkbu90I+McN/dQGkm7D2kJ+rOzHew6O39/QKHL3qSf1o+HJYZZVM3M0tIJD m7vZEMVbXquCWlxuSQWSzhIOxh8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBS9vNZs crCqYpP/rrfCBwfCCKjI+zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk3Mi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pSowDQYJKoZIhvcNAQELBQADggEBAFRZnui5/jmB8fqquWEIJupHFVT48NNIZVuF ek4/7HjNtJl9QIuh30S1idO/OjDK7l8l8GFahYWPpMmsQYrt4ZeTx6aw4JuwbsZV Y8QSEWiz1b/gdl7UFZFSWE8M6NWkLFaP6it5BOed7be9NxUFYvZQLfAjqYUwUPRV 0//6SAPAqGUqy6xTrrVSaBE4KBOOPgd688TJxab6i6OGW9fEBNHuQj3UF/m6+NN4 bT+71QHXocnuGlHF2tC/4Ud3i4kcdtyCbVuokOjcBAjZWwG6eA5KfTmp1OSHk26b Vh6eggbt/8cGZQx4G+kb3alTVnkmwSLJBOsQEKZxEW+RYHp0x9o= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:19 2026 by rpki-client