$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143977.roa File: AS143977.roa (raw, json) Hash identifier: TVwlB++503VPDwsePugtgnVBbSoW6l3W7lw0uSfagoQ= Subject key identifier: 00:10:68:46:75:5F:EF:11:D2:73:0D:A0:98:DD:FC:39:42:44:18:D1 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 72372A079BE94BA1827129EDA7173E7080633873 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143977.roa Signing time: Wed 04 Mar 2026 06:13:18 +0000 ROA not before: Wed 04 Mar 2026 06:08:18 +0000 ROA not after: Wed 03 Mar 2027 06:13:18 +0000 asID: 143977 IP address blocks: 240a:a52f::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:37:2a:07:9b:e9:4b:a1:82:71:29:ed:a7:17:3e:70:80:63:38:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:18 2026 GMT Not After : Mar 3 06:13:18 2027 GMT Subject: CN=00106846755FEF11D2730DA098DDFC39424418D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9a:28:d9:14:e1:01:c1:fb:52:51:7f:4f:d8: 2c:e3:69:b1:07:c0:7d:07:81:55:43:60:b2:bb:01: fc:53:b3:78:83:6f:28:38:ec:81:b3:0d:49:29:33: 69:f2:91:f3:0c:c7:a2:20:d1:b2:39:cd:67:56:10: 0c:be:91:63:a7:68:94:1c:1e:0c:ab:2a:5e:ad:14: 75:3d:c2:a3:af:e8:5a:3b:1e:9d:81:03:62:65:a5: 4e:b3:cf:43:45:ad:fd:33:4b:59:2c:cb:d6:f5:19: a1:a3:c2:4d:08:65:a6:7d:4d:2c:93:a2:f2:bb:c4: 04:6f:03:0b:b0:a8:17:91:19:98:6d:34:cd:6c:7a: a0:8b:d2:b0:e1:b6:16:04:f1:70:88:69:7d:c6:1e: a8:0a:92:5e:0b:8e:42:7f:81:4e:46:24:65:70:43: 0a:30:e6:a7:81:07:c0:24:7e:d1:ae:7e:24:26:d3: 56:97:e6:7c:d5:71:7e:b7:24:dc:98:2f:3d:15:46: e3:24:de:8e:81:90:eb:17:4d:be:95:a4:89:5d:29: 45:3b:87:6b:c1:e8:2e:e6:54:8e:a1:e2:ae:c1:2d: 94:fc:d8:97:32:a1:3e:62:00:bd:83:56:76:5d:a5: ba:90:02:ac:ee:19:0a:c9:f4:7e:5b:5f:cf:fa:fa: 52:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:10:68:46:75:5F:EF:11:D2:73:0D:A0:98:DD:FC:39:42:44:18:D1 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143977.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a52f::/32 Signature Algorithm: sha256WithRSAEncryption 48:ac:5b:87:db:d3:d0:28:a0:09:16:16:36:2c:4f:0e:5c:e9: a0:f8:fa:b1:03:6a:29:be:eb:2c:33:87:7f:41:c7:ad:c5:58: 09:6e:f3:0f:bd:37:d1:6f:f5:90:7d:e2:2c:3a:7d:99:79:be: fa:94:e7:99:9f:fc:f5:2d:ad:9b:3d:05:3b:c2:c3:6a:62:62: 3e:8d:d1:58:5f:63:bc:b2:2c:d1:3d:89:c9:fd:3f:2f:9d:d1: cf:c6:50:06:bd:de:e2:63:83:8e:bc:d6:bc:19:f8:39:66:06: 80:e0:18:90:be:60:c9:3c:39:4e:bc:20:7b:de:b1:e0:b5:09: 03:74:92:65:9e:00:95:4a:81:52:5e:16:e3:9c:26:17:d4:8e: 02:85:a5:22:7f:30:e6:58:ba:0c:e0:65:85:75:56:15:df:df: f4:c9:1c:65:7f:7f:48:51:1a:47:3a:23:43:42:23:17:d3:06: de:ff:96:1e:a7:fa:8b:4d:a7:e3:35:30:ac:4d:54:72:47:16: 4a:75:71:59:8e:50:16:39:7d:c1:42:8e:f9:7a:b5:f0:c4:2f: 33:1f:c9:1e:b6:f4:71:37:6b:2e:fb:a8:71:52:6f:1f:be:6b: 61:80:b9:3e:a3:0d:73:89:21:da:d0:e7:2f:21:5d:56:f5:c4: 29:2a:cd:ca -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUcjcqB5vpS6GCcSntpxc+cIBjOHMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxOFoX DTI3MDMwMzA2MTMxOFowMzExMC8GA1UEAxMoMDAxMDY4NDY3NTVGRUYxMUQyNzMw REEwOThEREZDMzk0MjQ0MThEMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL+aKNkU4QHB+1JRf0/YLONpsQfAfQeBVUNgsrsB/FOzeINvKDjsgbMNSSkz afKR8wzHoiDRsjnNZ1YQDL6RY6dolBweDKsqXq0UdT3Co6/oWjsenYEDYmWlTrPP Q0Wt/TNLWSzL1vUZoaPCTQhlpn1NLJOi8rvEBG8DC7CoF5EZmG00zWx6oIvSsOG2 FgTxcIhpfcYeqAqSXguOQn+BTkYkZXBDCjDmp4EHwCR+0a5+JCbTVpfmfNVxfrck 3JgvPRVG4yTejoGQ6xdNvpWkiV0pRTuHa8HoLuZUjqHirsEtlPzYlzKhPmIAvYNW dl2lupACrO4ZCsn0fltfz/r6UisCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQAEGhG dV/vEdJzDaCY3fw5QkQY0TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk3Ny5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pS8wDQYJKoZIhvcNAQELBQADggEBAEisW4fb09AooAkWFjYsTw5c6aD4+rEDaim+ 6ywzh39Bx63FWAlu8w+9N9Fv9ZB94iw6fZl5vvqU55mf/PUtrZs9BTvCw2piYj6N 0VhfY7yyLNE9icn9Py+d0c/GUAa93uJjg4681rwZ+DlmBoDgGJC+YMk8OU68IHve seC1CQN0kmWeAJVKgVJeFuOcJhfUjgKFpSJ/MOZYugzgZYV1VhXf3/TJHGV/f0hR Gkc6I0NCIxfTBt7/lh6n+otNp+M1MKxNVHJHFkp1cVmOUBY5fcFCjvl6tfDELzMf yR629HE3ay77qHFSbx++a2GAuT6jDXOJIdrQ5y8hXVb1xCkqzco= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:07 2026 by rpki-client