$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143491.roa File: AS143491.roa (raw, json) Hash identifier: wHGhxWP2vBItoUH25SCJqyDA5N0GbOXb1C1fHauQEQ4= Subject key identifier: F1:FC:39:16:0C:C2:3D:7B:83:0A:F2:6F:FC:DF:E0:24:25:68:61:ED Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 55F380AC1D027E252F46B9BDC3D3E2C1217AD61C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143491.roa Signing time: Wed 04 Mar 2026 06:05:53 +0000 ROA not before: Wed 04 Mar 2026 06:00:53 +0000 ROA not after: Wed 03 Mar 2027 06:05:53 +0000 asID: 143491 IP address blocks: 240a:a349::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:f3:80:ac:1d:02:7e:25:2f:46:b9:bd:c3:d3:e2:c1:21:7a:d6:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:00:53 2026 GMT Not After : Mar 3 06:05:53 2027 GMT Subject: CN=F1FC39160CC23D7B830AF26FFCDFE024256861ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b0:c6:bb:4d:e5:33:df:03:4b:17:eb:88:e5: f1:7b:fe:be:26:56:e9:81:1f:d6:3f:70:ac:5f:dd: a2:76:05:0e:df:41:8f:63:82:8d:6a:44:56:c8:cf: 81:df:f7:ce:06:e2:d5:e3:09:7e:e0:17:71:d4:74: 1f:b1:4c:0f:4e:df:6d:b6:ef:26:c3:81:c8:38:aa: f2:00:00:bd:d0:e1:8e:b4:be:1c:8a:0b:80:eb:cd: 7b:80:0f:0c:e7:62:fa:0e:79:0e:b5:78:4e:d6:de: 57:cb:e4:2a:a4:3b:32:34:9a:0c:e6:cd:1c:bc:27: e2:2b:60:d1:49:b7:6b:16:cc:28:2e:89:95:70:4a: be:6c:34:4f:cd:79:23:a5:6d:09:61:53:d2:d3:f8: ce:a1:25:1e:e9:2c:30:6f:23:62:6a:92:57:f3:07: 48:76:8c:31:74:2e:62:d5:02:5a:10:27:9e:9b:0d: c0:94:4a:0c:95:9c:4d:90:14:de:98:54:cd:ba:a3: 05:34:47:7c:38:ed:20:b1:65:5a:cd:17:57:c9:86: a0:60:3e:de:6e:b0:2e:53:b2:d3:05:2b:95:cd:4d: 0d:50:76:86:cf:a7:85:65:74:91:fc:3e:aa:af:38: ea:3d:40:e2:fa:b4:67:cd:51:a2:c9:b9:07:11:7c: d9:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:FC:39:16:0C:C2:3D:7B:83:0A:F2:6F:FC:DF:E0:24:25:68:61:ED X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143491.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a349::/32 Signature Algorithm: sha256WithRSAEncryption 6f:d6:27:1b:65:f6:62:96:9d:02:d7:75:50:15:a2:61:4c:ac: 6c:94:7e:eb:84:95:b3:57:e9:82:f5:51:99:e9:88:43:35:6e: 7f:5e:e1:64:a7:a5:b8:46:3b:09:e5:44:92:33:f0:77:34:f4: 26:8f:a4:38:2b:fb:f2:f8:92:0b:3f:b3:e3:0a:d8:bc:7a:4c: be:6e:79:e7:e3:81:91:e6:09:1f:6e:30:cd:b8:9f:b8:33:aa: c4:f3:ed:d2:c5:f3:8b:5b:6c:5f:75:d4:43:76:4d:67:84:1a: b2:a9:00:c2:e4:c1:fe:66:40:6e:0b:93:46:01:11:f2:52:09: 68:8c:9a:6d:ee:10:d4:79:bd:0b:fa:ab:a4:05:b0:c7:33:2e: 25:2f:72:22:3a:1c:7f:37:05:2b:d9:56:a7:92:36:8f:2e:66: 80:3a:62:ab:8c:9e:0f:88:ec:90:19:19:58:a8:a4:ee:23:72: 09:53:cf:9f:4f:b1:83:7e:41:53:c4:65:13:9b:6d:7e:b3:78: f5:01:e7:3c:ec:c2:03:50:0c:97:0d:95:99:3e:dc:45:8b:62: b0:20:69:d4:34:14:9b:49:a6:07:57:ba:4f:30:22:d9:b9:66: 2b:7d:b3:c8:e5:75:45:9e:74:83:cb:02:ee:e5:eb:32:bb:b6: a6:d9:cf:72 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVfOArB0CfiUvRrm9w9PiwSF61hwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDA1M1oX DTI3MDMwMzA2MDU1M1owMzExMC8GA1UEAxMoRjFGQzM5MTYwQ0MyM0Q3QjgzMEFG MjZGRkNERkUwMjQyNTY4NjFFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALqwxrtN5TPfA0sX64jl8Xv+viZW6YEf1j9wrF/donYFDt9Bj2OCjWpEVsjP gd/3zgbi1eMJfuAXcdR0H7FMD07fbbbvJsOByDiq8gAAvdDhjrS+HIoLgOvNe4AP DOdi+g55DrV4TtbeV8vkKqQ7MjSaDObNHLwn4itg0Um3axbMKC6JlXBKvmw0T815 I6VtCWFT0tP4zqElHuksMG8jYmqSV/MHSHaMMXQuYtUCWhAnnpsNwJRKDJWcTZAU 3phUzbqjBTRHfDjtILFlWs0XV8mGoGA+3m6wLlOy0wUrlc1NDVB2hs+nhWV0kfw+ qq846j1A4vq0Z81Rosm5BxF82bkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTx/DkW DMI9e4MK8m/83+AkJWhh7TAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o0kwDQYJKoZIhvcNAQELBQADggEBAG/WJxtl9mKWnQLXdVAVomFMrGyUfuuElbNX 6YL1UZnpiEM1bn9e4WSnpbhGOwnlRJIz8Hc09CaPpDgr+/L4kgs/s+MK2Lx6TL5u eefjgZHmCR9uMM24n7gzqsTz7dLF84tbbF911EN2TWeEGrKpAMLkwf5mQG4Lk0YB EfJSCWiMmm3uENR5vQv6q6QFsMczLiUvciI6HH83BSvZVqeSNo8uZoA6YquMng+I 7JAZGViopO4jcglTz59PsYN+QVPEZRObbX6zePUB5zzswgNQDJcNlZk+3EWLYrAg adQ0FJtJpgdXuk8wItm5Zit9s8jldUWedIPLAu7l6zK7tqbZz3I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:54 2026 by rpki-client