$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143040.roa File: AS143040.roa (raw, json) Hash identifier: +7YEWJrjOSf9Q41kJB+/WiEE1M+VM2TdNdqVUcqmz8Y= Subject key identifier: 52:D1:B4:02:93:7D:11:6B:6F:37:B0:CD:88:A6:B9:90:AE:DA:85:C4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3E5B9C0904A6750D3C8FA717079A560320732831 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143040.roa Signing time: Wed 04 Mar 2026 06:07:55 +0000 ROA not before: Wed 04 Mar 2026 06:02:55 +0000 ROA not after: Wed 03 Mar 2027 06:07:55 +0000 asID: 143040 IP address blocks: 240a:a186::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:5b:9c:09:04:a6:75:0d:3c:8f:a7:17:07:9a:56:03:20:73:28:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:55 2026 GMT Not After : Mar 3 06:07:55 2027 GMT Subject: CN=52D1B402937D116B6F37B0CD88A6B990AEDA85C4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:af:d1:e1:81:e1:46:a9:23:65:6c:ae:35:5d: 8c:7a:22:30:26:62:49:b7:e7:91:1f:0f:99:cb:40: 14:de:a7:45:fe:5e:06:ba:1b:90:a7:70:1d:2a:ed: 70:d0:00:ae:d0:5c:0e:00:9b:6c:72:39:95:23:a0: 38:6a:8a:bf:58:96:1e:27:2c:18:da:87:2d:e7:0c: e6:72:48:05:4d:d1:96:31:ae:c7:b5:6a:52:35:34: f8:d1:77:b0:5f:a2:75:8e:c0:d0:43:40:21:b8:37: ba:92:9e:02:ea:02:64:8f:04:3d:a4:e5:94:90:19: be:7a:d8:a6:9d:0e:ae:14:93:a9:09:5d:98:14:0b: b8:5f:d0:ef:fc:53:4e:83:17:e8:bf:3d:fb:43:f5: 99:04:63:e7:a2:e2:2c:53:1c:39:da:43:f4:cc:13: d8:f8:61:8e:c8:41:62:f4:41:0d:16:0e:25:3a:0a: 6a:f5:c4:b1:47:c3:31:f0:6a:1a:dd:ac:dd:ce:b0: 22:6e:9a:11:49:dd:8c:90:69:2c:dc:6f:17:5d:f7: 5a:1e:66:5c:fb:7e:15:8c:7d:c8:95:4b:b4:72:a5: 3d:15:1d:02:06:96:96:52:0e:ba:2e:21:4e:9e:2c: 2f:72:06:c9:a5:77:ac:b1:3b:0e:be:67:15:45:df: d2:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:D1:B4:02:93:7D:11:6B:6F:37:B0:CD:88:A6:B9:90:AE:DA:85:C4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143040.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a186::/32 Signature Algorithm: sha256WithRSAEncryption 3b:02:09:47:f6:9c:78:c8:73:c7:61:0f:45:14:02:c1:da:6c: 7e:c0:84:1e:87:ff:37:0e:79:31:6f:97:20:8d:3b:89:26:4d: d5:d4:1c:47:33:9b:07:ac:cb:16:ca:81:07:5d:13:79:f0:c2: 60:af:26:41:82:d7:fa:af:14:6a:2a:1c:e4:db:b4:96:8e:ba: 5b:68:91:29:d1:77:1a:25:34:7b:c2:f1:f7:35:ca:7e:26:fd: e7:16:44:d3:5e:28:75:8c:66:57:83:18:b7:4e:34:2b:d7:4d: bc:cb:59:60:18:04:95:11:5d:87:f6:22:ec:b0:97:56:3f:36: d5:58:c6:ce:d0:5f:26:67:6f:75:63:87:13:87:6d:80:68:bb: 6e:13:62:6d:85:1f:be:fb:21:29:b1:7e:36:67:7c:8c:0b:67: 23:c5:6d:1c:fc:23:2d:bc:d8:b9:7f:40:dc:ef:45:4e:83:dc: 62:d8:59:5f:9a:c8:1b:dd:af:42:2a:b8:a6:20:bd:e8:d0:cf: d8:19:02:79:79:3c:8a:72:b6:a4:f1:59:8c:cc:69:4a:d5:70: a2:79:ec:d7:89:74:f5:6a:d0:ad:34:70:b1:58:c6:4a:dd:8b: 65:36:83:e2:4f:38:2a:c8:63:15:31:d0:02:5b:48:32:a9:0f: 41:0d:95:4d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPlucCQSmdQ08j6cXB5pWAyBzKDEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDI1NVoX DTI3MDMwMzA2MDc1NVowMzExMC8GA1UEAxMoNTJEMUI0MDI5MzdEMTE2QjZGMzdC MENEODhBNkI5OTBBRURBODVDNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJev0eGB4UapI2VsrjVdjHoiMCZiSbfnkR8PmctAFN6nRf5eBrobkKdwHSrt cNAArtBcDgCbbHI5lSOgOGqKv1iWHicsGNqHLecM5nJIBU3RljGux7VqUjU0+NF3 sF+idY7A0ENAIbg3upKeAuoCZI8EPaTllJAZvnrYpp0OrhSTqQldmBQLuF/Q7/xT ToMX6L89+0P1mQRj56LiLFMcOdpD9MwT2PhhjshBYvRBDRYOJToKavXEsUfDMfBq Gt2s3c6wIm6aEUndjJBpLNxvF133Wh5mXPt+FYx9yJVLtHKlPRUdAgaWllIOui4h Tp4sL3IGyaV3rLE7Dr5nFUXf0oUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRS0bQC k30Ra283sM2IprmQrtqFxDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA0MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oYYwDQYJKoZIhvcNAQELBQADggEBADsCCUf2nHjIc8dhD0UUAsHabH7AhB6H/zcO eTFvlyCNO4kmTdXUHEczmwesyxbKgQddE3nwwmCvJkGC1/qvFGoqHOTbtJaOulto kSnRdxolNHvC8fc1yn4m/ecWRNNeKHWMZleDGLdONCvXTbzLWWAYBJURXYf2Iuyw l1Y/NtVYxs7QXyZnb3VjhxOHbYBou24TYm2FH777ISmxfjZnfIwLZyPFbRz8Iy28 2Ll/QNzvRU6D3GLYWV+ayBvdr0IquKYgvejQz9gZAnl5PIpytqTxWYzMaUrVcKJ5 7NeJdPVq0K00cLFYxkrdi2U2g+JPOCrIYxUx0AJbSDKpD0ENlU0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:41 2026 by rpki-client