$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143841.roa File: AS143841.roa (raw, json) Hash identifier: F6Zi4SXSnEDlJcZRqoUiGv3559ftM5Keott9Eeuhi24= Subject key identifier: FB:56:85:14:19:C7:CD:9B:BD:70:8A:E6:23:38:A9:AD:A5:E5:5A:34 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 77F32FD44BFDEDF68EAAE9D04631EF935C52E7A9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143841.roa Signing time: Wed 04 Mar 2026 06:15:00 +0000 ROA not before: Wed 04 Mar 2026 06:10:00 +0000 ROA not after: Wed 03 Mar 2027 06:15:00 +0000 asID: 143841 IP address blocks: 240a:a4a7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:f3:2f:d4:4b:fd:ed:f6:8e:aa:e9:d0:46:31:ef:93:5c:52:e7:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:00 2026 GMT Not After : Mar 3 06:15:00 2027 GMT Subject: CN=FB56851419C7CD9BBD708AE62338A9ADA5E55A34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:a9:96:f5:be:59:6b:0a:11:3f:93:2b:38:5e: 4c:f3:31:fd:3a:8b:d0:41:a8:31:a2:df:be:38:2f: 45:09:ec:03:c9:4c:0b:1f:0d:fe:11:c7:b2:97:78: b0:7f:b5:7c:4a:c6:b4:95:a3:0d:a6:95:07:39:b5: 51:ea:85:1e:b4:36:d2:75:14:64:4d:bf:78:d8:97: 8f:aa:f1:4f:c3:6d:d8:37:35:44:bd:a6:0d:28:c4: 1b:24:7a:00:05:f0:55:a8:a5:5c:fa:a7:fd:31:2c: dc:7d:c2:ad:26:33:3e:c7:0d:a4:ef:ee:a3:12:55: fc:f2:cf:19:38:67:a8:ef:ce:bd:18:f6:24:17:90: ba:5a:ce:95:84:d1:fc:83:11:b4:4e:d1:22:3c:2b: e1:c9:bf:b4:92:cb:7d:14:fc:be:50:42:ee:3b:6a: cf:b2:bf:7f:0d:9d:39:54:cd:bb:8d:bb:43:2f:f5: f3:66:bc:9f:c0:a8:7e:58:e0:ce:86:2b:75:5e:69: 3f:26:21:ee:55:fe:de:18:a7:c9:e1:19:2d:b6:c3: 67:99:1a:fa:a8:f5:e1:d7:b4:d0:4e:8f:81:7d:c7: c1:58:f8:05:59:6e:a5:48:7d:b2:ab:54:70:df:62: 59:7b:ba:61:74:44:63:30:50:7f:7b:83:78:24:c4: a4:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:56:85:14:19:C7:CD:9B:BD:70:8A:E6:23:38:A9:AD:A5:E5:5A:34 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143841.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4a7::/32 Signature Algorithm: sha256WithRSAEncryption c4:01:1c:a5:77:0e:df:31:5e:8f:16:b8:f2:55:0d:08:cd:28: be:33:77:7c:c0:6b:a8:1d:8b:83:8d:d8:82:b1:25:a3:57:2e: 22:67:21:bc:46:92:1f:8e:c9:83:ad:d5:28:cd:6a:6c:ba:aa: e4:d0:0e:67:a9:6c:30:bc:7f:da:6e:54:d3:f3:7e:61:71:57: 3f:5c:2a:2f:48:f1:4d:b9:35:cd:1f:af:20:60:c2:0b:fa:fb: 07:e5:58:1f:0b:86:23:e7:da:33:06:ad:4f:18:49:06:0c:c8: df:31:11:c1:15:46:40:22:b0:12:ae:c4:3b:80:cb:2e:e4:a5: ad:9b:4f:a7:3b:7b:cf:e3:b3:c8:25:2b:e9:ef:cd:eb:0f:68: 79:df:c0:78:26:09:79:df:a3:1f:16:4c:31:95:7f:10:b5:37: ea:12:f1:7c:bc:eb:03:66:4c:d2:2f:80:79:83:18:7a:8e:6b: b1:06:b2:1c:6c:e5:b8:5d:8e:8b:7a:f4:e3:93:c9:8f:0a:53: ef:dd:d8:cd:1b:92:b4:8c:ca:36:48:f9:f5:0f:33:85:92:cf: 7f:c5:db:6d:27:bd:41:9a:88:0a:34:04:79:b0:cf:a1:40:a1: 4a:45:66:9b:18:aa:c9:2f:e3:62:dd:b1:47:7f:98:50:4d:56: 7a:f1:54:23 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUd/Mv1Ev97faOqunQRjHvk1xS56kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAwMFoX DTI3MDMwMzA2MTUwMFowMzExMC8GA1UEAxMoRkI1Njg1MTQxOUM3Q0Q5QkJENzA4 QUU2MjMzOEE5QURBNUU1NUEzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIuplvW+WWsKET+TKzheTPMx/TqL0EGoMaLfvjgvRQnsA8lMCx8N/hHHspd4 sH+1fErGtJWjDaaVBzm1UeqFHrQ20nUUZE2/eNiXj6rxT8Nt2Dc1RL2mDSjEGyR6 AAXwVailXPqn/TEs3H3CrSYzPscNpO/uoxJV/PLPGThnqO/OvRj2JBeQulrOlYTR /IMRtE7RIjwr4cm/tJLLfRT8vlBC7jtqz7K/fw2dOVTNu427Qy/182a8n8Cofljg zoYrdV5pPyYh7lX+3hinyeEZLbbDZ5ka+qj14de00E6PgX3HwVj4BVlupUh9sqtU cN9iWXu6YXREYzBQf3uDeCTEpOECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT7VoUU GcfNm71wiuYjOKmtpeVaNDAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg0MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pKcwDQYJKoZIhvcNAQELBQADggEBAMQBHKV3Dt8xXo8WuPJVDQjNKL4zd3zAa6gd i4ON2IKxJaNXLiJnIbxGkh+OyYOt1SjNamy6quTQDmepbDC8f9puVNPzfmFxVz9c Ki9I8U25Nc0fryBgwgv6+wflWB8LhiPn2jMGrU8YSQYMyN8xEcEVRkAisBKuxDuA yy7kpa2bT6c7e8/js8glK+nvzesPaHnfwHgmCXnfox8WTDGVfxC1N+oS8Xy86wNm TNIvgHmDGHqOa7EGshxs5bhdjot69OOTyY8KU+/d2M0bkrSMyjZI+fUPM4WSz3/F 220nvUGaiAo0BHmwz6FAoUpFZpsYqskv42LdsUd/mFBNVnrxVCM= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:21 2026 by rpki-client