$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143975.roa File: AS143975.roa (raw, json) Hash identifier: ruHOKtsTX8eLybx74wzS11mEYCKqhEUD48xftyxkOCw= Subject key identifier: D0:E2:00:49:B3:85:E7:7D:AB:CF:E6:0A:6D:D8:F8:10:4D:F4:3C:98 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5696F20A48B0787D666A4A3487AC2EAEC647A22F Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143975.roa Signing time: Wed 04 Mar 2026 06:15:10 +0000 ROA not before: Wed 04 Mar 2026 06:10:10 +0000 ROA not after: Wed 03 Mar 2027 06:15:10 +0000 asID: 143975 IP address blocks: 240a:a52d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:96:f2:0a:48:b0:78:7d:66:6a:4a:34:87:ac:2e:ae:c6:47:a2:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:10 2026 GMT Not After : Mar 3 06:15:10 2027 GMT Subject: CN=D0E20049B385E77DABCFE60A6DD8F8104DF43C98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:45:d8:9e:66:9d:80:d2:56:b4:d0:61:ed:6e: b7:f6:1f:0a:ad:4d:bb:a0:6b:e6:4d:7c:e3:ba:30: cb:1b:ec:08:99:d7:ab:65:03:74:06:05:e2:6e:99: 4e:9d:38:e2:8c:f6:ea:7e:4d:e4:36:e6:cb:55:1e: dd:f4:d4:d8:5b:b2:fb:1a:94:f6:7e:8d:4a:ec:2a: b0:80:51:72:25:55:10:61:e9:60:39:b2:66:d6:4a: 7a:5e:9f:30:f9:78:e9:5c:dd:7f:7c:04:21:dd:48: 39:ce:56:aa:ff:b0:85:53:ad:2c:d5:77:39:d6:7f: 6c:a4:6d:d4:68:bd:d8:5c:3f:0e:91:55:1a:e6:d6: 67:e2:c3:58:89:ef:3b:ac:65:41:d6:47:54:0c:9a: be:45:db:30:c2:0a:52:d8:2e:67:62:70:13:44:d2: 34:f8:8a:40:8d:bf:d3:85:b1:f0:08:f0:cb:c4:3c: 31:35:e2:c2:13:02:fe:28:7a:53:66:a1:92:aa:ed: d3:70:c6:9b:7a:1a:64:d4:b5:12:3a:c7:4e:29:ec: 23:12:c7:f7:e9:a0:dd:ac:ce:57:01:e7:70:bf:9f: 7b:e2:72:21:d9:df:88:72:51:91:36:a6:7b:24:12: d7:89:34:3b:03:7e:e2:d1:ed:7c:5c:03:7b:0f:44: 81:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:E2:00:49:B3:85:E7:7D:AB:CF:E6:0A:6D:D8:F8:10:4D:F4:3C:98 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143975.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a52d::/32 Signature Algorithm: sha256WithRSAEncryption d9:a6:3d:3b:b8:0b:ef:f0:39:8f:87:b4:dc:f3:ab:08:48:f8: 83:3c:0a:8e:44:84:36:52:40:59:8c:59:e9:6e:e7:40:35:67: 3f:d1:b3:cb:5e:83:6f:6a:b8:a6:21:50:f8:ad:55:a7:ff:45: b9:ac:9b:2a:26:23:36:17:e1:36:6b:b6:6b:85:39:b7:2e:dd: 8a:dd:c5:a6:6e:75:6b:a2:7b:bf:23:21:c9:21:c8:9d:46:37: 50:c2:1f:73:06:a7:ee:28:6a:b2:ab:47:0c:ee:2a:ab:e5:38: ce:68:c1:1b:21:0b:8c:58:e4:53:65:f4:a7:2a:46:36:b4:26: 7e:a6:f4:3a:7a:19:f8:87:67:fa:f7:d6:41:56:4d:24:d0:b1: 05:3a:ee:a6:66:9e:51:74:6c:67:df:e3:df:ae:00:aa:f5:00: 37:10:e4:f2:c0:4a:0c:a2:d0:ae:c7:43:26:db:7a:8a:fb:a9: e1:a1:78:ae:57:cd:0a:64:59:9e:17:30:12:fb:39:bf:e2:6f: 38:42:7d:1a:dc:21:8e:fe:e8:89:b8:a3:2c:e9:79:5a:19:e8: 78:d3:90:e6:4f:81:0d:f9:fb:1f:29:25:dd:75:b2:b2:c7:05: 2f:ef:c1:95:62:71:2b:46:7c:07:d4:8f:75:fd:74:23:fe:dc: c4:a6:bc:f4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVpbyCkiweH1mako0h6wursZHoi8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAxMFoX DTI3MDMwMzA2MTUxMFowMzExMC8GA1UEAxMoRDBFMjAwNDlCMzg1RTc3REFCQ0ZF NjBBNkREOEY4MTA0REY0M0M5ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOBF2J5mnYDSVrTQYe1ut/YfCq1Nu6Br5k1847owyxvsCJnXq2UDdAYF4m6Z Tp044oz26n5N5Dbmy1Ue3fTU2Fuy+xqU9n6NSuwqsIBRciVVEGHpYDmyZtZKel6f MPl46Vzdf3wEId1IOc5Wqv+whVOtLNV3OdZ/bKRt1Gi92Fw/DpFVGubWZ+LDWInv O6xlQdZHVAyavkXbMMIKUtguZ2JwE0TSNPiKQI2/04Wx8Ajwy8Q8MTXiwhMC/ih6 U2ahkqrt03DGm3oaZNS1EjrHTinsIxLH9+mg3azOVwHncL+fe+JyIdnfiHJRkTam eyQS14k0OwN+4tHtfFwDew9EgRMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTQ4gBJ s4XnfavP5gpt2PgQTfQ8mDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk3NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pS0wDQYJKoZIhvcNAQELBQADggEBANmmPTu4C+/wOY+HtNzzqwhI+IM8Co5EhDZS QFmMWelu50A1Zz/Rs8teg29quKYhUPitVaf/RbmsmyomIzYX4TZrtmuFObcu3Yrd xaZudWuie78jIckhyJ1GN1DCH3MGp+4oarKrRwzuKqvlOM5owRshC4xY5FNl9Kcq Rja0Jn6m9Dp6GfiHZ/r31kFWTSTQsQU67qZmnlF0bGff49+uAKr1ADcQ5PLASgyi 0K7HQybbeor7qeGheK5XzQpkWZ4XMBL7Ob/ibzhCfRrcIY7+6Im4oyzpeVoZ6HjT kOZPgQ35+x8pJd11srLHBS/vwZVicStGfAfUj3X9dCP+3MSmvPQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:45 2026 by rpki-client