$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143090.roa File: AS143090.roa (raw, json) Hash identifier: Z+DpcktOi9gONWL1pRLepg3EtSWX9XB+5LD9eGq+jyc= Subject key identifier: 5E:3C:50:19:56:AA:99:4E:04:FD:A0:BA:0C:50:F5:C5:59:9B:60:35 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2CFA2C74BA4E87CF9A8F442CC493952FB85728E9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143090.roa Signing time: Wed 04 Mar 2026 06:06:25 +0000 ROA not before: Wed 04 Mar 2026 06:01:25 +0000 ROA not after: Wed 03 Mar 2027 06:06:25 +0000 asID: 143090 IP address blocks: 240a:a1b8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:fa:2c:74:ba:4e:87:cf:9a:8f:44:2c:c4:93:95:2f:b8:57:28:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:25 2026 GMT Not After : Mar 3 06:06:25 2027 GMT Subject: CN=5E3C501956AA994E04FDA0BA0C50F5C5599B6035 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:59:6b:40:34:11:68:ea:b5:ca:ba:d0:03:da: 49:77:a6:f5:34:ba:11:3a:6a:fd:aa:34:c8:b8:48: 90:34:1e:75:df:f8:74:c1:02:89:10:77:6a:0f:c4: c0:0d:80:3e:52:81:29:e8:b5:30:fd:e9:e9:1b:3d: 0a:82:44:98:18:0a:eb:d6:11:1a:5e:c7:19:b6:2c: 72:eb:fa:51:e9:87:2a:4c:2c:96:3b:f5:f9:73:72: af:31:2e:1c:55:30:cd:c2:12:67:74:62:81:fe:80: 75:9c:35:ce:e4:24:74:3e:7e:e9:e7:e2:e6:d5:5b: ab:42:69:8e:76:2a:24:66:0b:4a:3e:fd:9a:b3:2b: 9c:56:b9:4a:6b:f6:dc:51:8b:89:e1:be:8f:f0:54: 0a:0c:9b:0b:8e:10:b8:22:77:09:88:43:ff:0e:a9: 76:d8:76:72:7d:91:d2:d5:eb:27:06:12:26:ec:be: 0c:96:bc:c5:a7:20:ca:16:58:9e:c6:e6:33:4a:1d: ca:c6:30:5b:c3:ee:17:ea:c8:0e:1c:42:98:c6:11: 32:24:86:c4:34:b2:ae:92:3c:16:e4:40:4a:f0:e7: 6f:18:34:72:bf:5a:d4:3c:b3:eb:f6:ac:2f:ef:f1: 9b:c5:cc:c8:e1:54:7d:66:9a:9d:32:64:32:52:80: 28:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:3C:50:19:56:AA:99:4E:04:FD:A0:BA:0C:50:F5:C5:59:9B:60:35 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143090.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a1b8::/32 Signature Algorithm: sha256WithRSAEncryption cc:01:1d:9c:bd:c9:1e:60:e0:5a:34:2d:3d:6c:54:e7:20:a4: 2e:5f:9b:e2:48:d9:4f:b1:46:fb:43:c1:f2:d1:8d:8f:4e:04: 60:a1:8d:51:cb:15:d4:12:e5:23:aa:a0:2a:9c:a7:78:42:75: 4f:27:9c:03:d0:3b:79:89:be:1e:3a:94:32:3f:e5:18:cd:e7: 2b:ef:3e:f2:ca:07:9e:6d:db:c3:11:bf:e1:fe:c7:26:9b:e9: a0:ab:17:34:35:94:17:43:43:8b:b1:d1:73:b2:7b:27:4b:d2: 85:4c:71:3f:e9:8b:4c:06:b0:2a:4c:78:03:db:21:2b:ca:41: b5:5a:5c:c6:1a:3d:84:9e:d6:47:2b:af:d5:b7:4c:5e:83:3b: e1:dc:09:f6:9c:f3:7a:84:c3:a9:f5:86:6e:fe:e6:56:05:54: 5a:b8:12:a7:3c:91:b3:60:ff:d2:29:d7:88:43:ed:7e:e1:e1: 7e:06:bd:5c:f3:86:c5:ee:a5:a3:9b:53:1d:96:3d:06:d1:9e: cf:ac:62:e3:e1:fd:82:95:63:af:98:9e:34:82:a7:29:df:04: be:97:13:6f:b4:9a:17:88:e1:45:71:3f:9d:64:59:ef:69:4f: 3c:04:7c:86:23:50:30:2a:92:4c:dc:4e:74:a6:d6:09:af:93: 7f:3c:8b:9c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULPosdLpOh8+aj0QsxJOVL7hXKOkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEyNVoX DTI3MDMwMzA2MDYyNVowMzExMC8GA1UEAxMoNUUzQzUwMTk1NkFBOTk0RTA0RkRB MEJBMEM1MEY1QzU1OTlCNjAzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALxZa0A0EWjqtcq60APaSXem9TS6ETpq/ao0yLhIkDQedd/4dMECiRB3ag/E wA2APlKBKei1MP3p6Rs9CoJEmBgK69YRGl7HGbYscuv6UemHKkwsljv1+XNyrzEu HFUwzcISZ3Rigf6AdZw1zuQkdD5+6efi5tVbq0JpjnYqJGYLSj79mrMrnFa5Smv2 3FGLieG+j/BUCgybC44QuCJ3CYhD/w6pdth2cn2R0tXrJwYSJuy+DJa8xacgyhZY nsbmM0odysYwW8PuF+rIDhxCmMYRMiSGxDSyrpI8FuRASvDnbxg0cr9a1Dyz6/as L+/xm8XMyOFUfWaanTJkMlKAKMsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRePFAZ VqqZTgT9oLoMUPXFWZtgNTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzA5MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK obgwDQYJKoZIhvcNAQELBQADggEBAMwBHZy9yR5g4Fo0LT1sVOcgpC5fm+JI2U+x RvtDwfLRjY9OBGChjVHLFdQS5SOqoCqcp3hCdU8nnAPQO3mJvh46lDI/5RjN5yvv PvLKB55t28MRv+H+xyab6aCrFzQ1lBdDQ4ux0XOyeydL0oVMcT/pi0wGsCpMeAPb ISvKQbVaXMYaPYSe1kcrr9W3TF6DO+HcCfac83qEw6n1hm7+5lYFVFq4Eqc8kbNg /9Ip14hD7X7h4X4GvVzzhsXupaObUx2WPQbRns+sYuPh/YKVY6+YnjSCpynfBL6X E2+0mheI4UVxP51kWe9pTzwEfIYjUDAqkkzcTnSm1gmvk388i5w= -----END CERTIFICATE-----Generated at Sat Mar 28 13:15:20 2026 by rpki-client