$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143499.roa File: AS143499.roa (raw, json) Hash identifier: OEoBcVwnmqUSkdBFVqhyqlsNF5b1jXsFXNaEzi/TUJw= Subject key identifier: 29:55:72:3D:BE:05:84:F3:9C:D6:0A:B4:5B:20:C6:D9:29:FA:43:B2 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2B22DBCFD100EFE92A0EE32928D7FD074D5D234C Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143499.roa Signing time: Wed 04 Mar 2026 06:06:04 +0000 ROA not before: Wed 04 Mar 2026 06:01:04 +0000 ROA not after: Wed 03 Mar 2027 06:06:04 +0000 asID: 143499 IP address blocks: 240a:a351::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:22:db:cf:d1:00:ef:e9:2a:0e:e3:29:28:d7:fd:07:4d:5d:23:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:01:04 2026 GMT Not After : Mar 3 06:06:04 2027 GMT Subject: CN=2955723DBE0584F39CD60AB45B20C6D929FA43B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:07:bf:17:ea:df:f1:0e:71:81:b5:d2:df:a6: 72:7d:63:d3:47:1f:4c:3b:7e:36:9b:fd:9f:a6:be: 17:b8:b0:f7:82:e4:98:fc:e8:2b:96:61:9d:17:d3: f1:10:53:b0:2a:57:d2:f8:4b:74:e9:f3:5e:74:09: 5f:dd:ef:44:a5:cd:35:f1:cf:2f:b1:fb:67:4d:a1: a5:93:2a:25:a2:f1:6f:86:79:ea:c8:2f:6a:99:31: ef:5d:91:9f:06:67:07:da:26:0e:6c:6d:ac:75:7b: fd:4e:a9:e3:b6:e7:07:af:fa:7b:03:53:76:ee:5c: 01:71:ff:19:e3:ff:7f:9a:a5:0a:a0:94:74:90:ce: 45:fb:25:2c:1b:a5:36:d5:d8:0a:30:c1:5c:a8:f8: f9:21:ac:de:00:eb:50:7c:d1:da:11:d2:cb:de:2f: 24:22:09:bb:08:ae:7c:9b:e5:2a:72:10:de:8c:40: 2e:2b:c6:e8:a7:59:15:f7:96:b6:3f:48:f5:aa:9d: 3f:c8:1b:6f:0f:b7:96:36:33:69:da:22:da:fe:55: eb:5e:63:40:a3:13:c8:2a:94:69:10:26:a0:e1:07: 1b:36:75:96:9f:ed:e5:ef:3c:f7:3a:6f:ae:df:82: 78:d3:b8:87:00:5f:40:96:7f:34:b5:4d:68:db:34: d0:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:55:72:3D:BE:05:84:F3:9C:D6:0A:B4:5B:20:C6:D9:29:FA:43:B2 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143499.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a351::/32 Signature Algorithm: sha256WithRSAEncryption 3c:90:e5:cb:dc:ee:1d:51:48:3f:80:37:5a:11:75:df:53:57: 3e:b0:a4:35:d1:32:1b:20:89:52:16:4a:cc:f3:40:04:a2:d0: c3:d8:be:cd:f7:65:54:bd:6e:43:a8:00:a5:92:46:28:f6:bc: cb:9b:f7:ae:5d:19:fe:6e:be:07:e0:89:8f:bc:18:ef:45:2b: 33:00:84:22:09:51:6c:c5:b2:24:30:0c:61:28:c4:89:8f:24: 10:cf:a8:6a:5c:bd:1c:61:2e:15:40:bd:17:74:ef:4b:cc:3f: 84:ca:f3:31:26:b4:c6:1a:c7:da:53:34:0e:3d:51:51:22:99: e8:c5:58:61:90:2e:87:c8:75:82:7c:ed:66:7d:d3:fa:f0:ef: f6:64:30:d3:2c:53:d1:a9:a4:e9:d9:20:95:99:cb:6b:2a:24: ed:1a:7c:4d:10:6b:25:7d:f5:65:c7:1d:61:a8:03:ed:bd:33: bf:57:93:76:bc:4f:24:3d:3e:71:88:4c:c1:d1:b9:a4:ab:60: e3:e8:fc:04:5c:6a:45:68:a5:de:75:8e:4b:aa:05:35:3d:4f: ae:e5:f7:83:62:1a:f8:89:08:5f:a1:5b:40:81:23:c9:6c:91: b6:29:60:98:1d:b3:a0:3b:8b:79:60:03:2f:e9:7d:e1:99:b1: a0:70:b6:3e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUKyLbz9EA7+kqDuMpKNf9B01dI0wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDEwNFoX DTI3MDMwMzA2MDYwNFowMzExMC8GA1UEAxMoMjk1NTcyM0RCRTA1ODRGMzlDRDYw QUI0NUIyMEM2RDkyOUZBNDNCMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwHvxfq3/EOcYG10t+mcn1j00cfTDt+Npv9n6a+F7iw94LkmPzoK5ZhnRfT 8RBTsCpX0vhLdOnzXnQJX93vRKXNNfHPL7H7Z02hpZMqJaLxb4Z56sgvapkx712R nwZnB9omDmxtrHV7/U6p47bnB6/6ewNTdu5cAXH/GeP/f5qlCqCUdJDORfslLBul NtXYCjDBXKj4+SGs3gDrUHzR2hHSy94vJCIJuwiufJvlKnIQ3oxALivG6KdZFfeW tj9I9aqdP8gbbw+3ljYzadoi2v5V615jQKMTyCqUaRAmoOEHGzZ1lp/t5e889zpv rt+CeNO4hwBfQJZ/NLVNaNs00E0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQpVXI9 vgWE85zWCrRbIMbZKfpDsjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzQ5OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK o1EwDQYJKoZIhvcNAQELBQADggEBADyQ5cvc7h1RSD+AN1oRdd9TVz6wpDXRMhsg iVIWSszzQASi0MPYvs33ZVS9bkOoAKWSRij2vMub965dGf5uvgfgiY+8GO9FKzMA hCIJUWzFsiQwDGEoxImPJBDPqGpcvRxhLhVAvRd070vMP4TK8zEmtMYax9pTNA49 UVEimejFWGGQLofIdYJ87WZ90/rw7/ZkMNMsU9GppOnZIJWZy2sqJO0afE0QayV9 9WXHHWGoA+29M79Xk3a8TyQ9PnGITMHRuaSrYOPo/ARcakVopd51jkuqBTU9T67l 94NiGviJCF+hW0CBI8lskbYpYJgds6A7i3lgAy/pfeGZsaBwtj4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:51 2026 by rpki-client