$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143849.roa File: AS143849.roa (raw, json) Hash identifier: GsxR6SZBNf0NMeffHP7Dqo+Xnzpta3gj1ZswdwrepIY= Subject key identifier: C8:A6:DF:FD:90:A8:C4:0F:66:26:A4:5F:BF:CE:66:BF:DB:80:78:3E Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 490D9BA8987B1827F900E9BA7BD62FCA9DF42E Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143849.roa Signing time: Wed 04 Mar 2026 06:15:07 +0000 ROA not before: Wed 04 Mar 2026 06:10:07 +0000 ROA not after: Wed 03 Mar 2027 06:15:07 +0000 asID: 143849 IP address blocks: 240a:a4af::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:0d:9b:a8:98:7b:18:27:f9:00:e9:ba:7b:d6:2f:ca:9d:f4:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:07 2026 GMT Not After : Mar 3 06:15:07 2027 GMT Subject: CN=C8A6DFFD90A8C40F6626A45FBFCE66BFDB80783E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:3e:f8:4f:ed:cb:28:b0:bb:a3:6a:1c:f6:8d: f2:45:67:fa:9b:c8:01:3e:4e:89:3c:e5:60:4d:3b: e6:42:02:7a:07:9b:5e:8d:98:81:53:de:56:78:85: 70:a0:ca:5a:67:15:72:0a:cf:b9:44:55:ee:a2:b2: 85:c0:70:a6:0d:14:9a:7d:05:97:27:a7:9e:56:06: 5b:41:ba:11:fe:0b:04:73:94:c7:c5:cb:0a:ab:b4: a4:16:2a:2c:f9:55:10:f9:a6:ec:62:df:a1:9a:36: 68:83:5a:f7:ec:69:08:ba:5e:ba:a2:bf:f7:a6:29: 1e:d1:1f:8d:e2:d4:65:f6:bc:16:24:c0:b5:23:ee: eb:93:47:fb:d4:1d:9e:9b:2d:16:c4:11:28:49:f4: 09:97:b0:16:28:a8:bc:4d:a2:f4:47:81:85:00:ba: d5:3c:9e:60:fa:d7:0a:14:96:35:55:d6:34:2f:7d: 38:3b:5d:3a:e2:b8:a6:a8:e4:e7:fa:1f:8f:5a:5c: c3:e4:8c:78:0d:9b:de:52:c0:f5:ef:c5:32:ee:02: c9:28:10:22:81:d2:31:49:46:86:88:f7:48:2f:8d: 26:f2:fe:8a:14:66:37:14:32:e8:80:3a:e7:0d:52: 57:82:d7:ea:17:b1:a9:79:c6:72:ff:18:d9:cf:73: 8d:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:A6:DF:FD:90:A8:C4:0F:66:26:A4:5F:BF:CE:66:BF:DB:80:78:3E X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143849.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4af::/32 Signature Algorithm: sha256WithRSAEncryption 6f:00:af:89:f1:93:d5:5f:c7:e7:89:07:70:a8:3f:11:8c:59: ca:01:71:12:29:33:dd:b0:eb:98:90:13:ef:08:78:4d:53:91: 05:64:38:44:7e:aa:7c:17:a5:8f:95:4c:b4:40:16:f7:0c:26: c8:51:49:ff:bb:0b:10:f6:e1:f5:af:95:af:03:d8:e6:45:cc: e7:21:aa:ca:70:8d:1b:a6:e9:1d:97:7e:62:e6:a7:88:40:87: 49:94:7d:fd:06:fa:93:53:da:27:b1:e0:5b:6e:81:24:40:be: 9a:11:0e:ad:88:92:4e:37:1a:05:4d:09:b1:0f:fc:04:88:2f: fc:7a:93:8f:34:18:7c:f3:a4:13:9e:97:2d:a8:fc:bc:cc:46: 7e:d1:13:90:36:08:be:29:43:01:3a:1f:0e:be:17:1d:7d:9c: 1e:82:2a:d1:72:f0:1d:fd:16:8e:ef:fe:be:9d:ad:71:f0:32: a9:a0:3d:c0:16:c1:e4:42:6f:7e:7d:48:1e:e1:40:ca:b3:21: 88:b6:e7:3d:39:6b:73:82:e9:3f:3d:c5:b4:c4:be:94:ed:e9: fc:95:58:c0:70:1d:2d:90:d2:5a:94:c1:af:26:85:8a:3e:36: e8:26:69:b4:0a:e2:ba:d5:b9:b4:57:54:15:db:89:cb:15:68: c7:36:12:54 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgITSQ2bqJh7GCf5AOm6e9Yvyp30LjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDDAxBOTFFNUQ2MTAwMDExMTAvBgNVBAUTKDA1RkM5QzVCODg1 MDZGN0MwRDNGODYyQzg4OTVCRUQ2N0U5RjhFQkEwHhcNMjYwMzA0MDYxMDA3WhcN MjcwMzAzMDYxNTA3WjAzMTEwLwYDVQQDEyhDOEE2REZGRDkwQThDNDBGNjYyNkE0 NUZCRkNFNjZCRkRCODA3ODNFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArj74T+3LKLC7o2oc9o3yRWf6m8gBPk6JPOVgTTvmQgJ6B5tejZiBU95WeIVw oMpaZxVyCs+5RFXuorKFwHCmDRSafQWXJ6eeVgZbQboR/gsEc5THxcsKq7SkFios +VUQ+absYt+hmjZog1r37GkIul66or/3pike0R+N4tRl9rwWJMC1I+7rk0f71B2e my0WxBEoSfQJl7AWKKi8TaL0R4GFALrVPJ5g+tcKFJY1VdY0L304O1064rimqOTn +h+PWlzD5Ix4DZveUsD178Uy7gLJKBAigdIxSUaGiPdIL40m8v6KFGY3FDLogDrn DVJXgtfqF7GpecZy/xjZz3ON7QIDAQABo4IBxTCCAcEwHQYDVR0OBBYEFMim3/2Q qMQPZiakX7/OZr/bgHg+MB8GA1UdIwQYMBaAFAX8nFuIUG98DT+GLIiVvtZ+n466 MA4GA1UdDwEB/wQEAwIHgDBjBgNVHR8EXDBaMFigVqBUhlJyc3luYzovL3Jwa2ku Y2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wLzA1RkM5QzVCODg1MDZGN0MwRDNGODYy Qzg4OTVCRUQ2N0U5RjhFQkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcw AoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2 NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0JmeWNXNGhRYjN3TlA0WXNpSlctMW42Zmpy by5jZXIwTgYIKwYBBQUHAQsEQjBAMD4GCCsGAQUFBzALhjJyc3luYzovL3Jwa2ku Y2VybmV0Lm5ldC9yZXBvL2Nlcm5ldC8wL0FTMTQzODQ5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAqk rzANBgkqhkiG9w0BAQsFAAOCAQEAbwCvifGT1V/H54kHcKg/EYxZygFxEikz3bDr mJAT7wh4TVORBWQ4RH6qfBelj5VMtEAW9wwmyFFJ/7sLEPbh9a+VrwPY5kXM5yGq ynCNG6bpHZd+YuaniECHSZR9/Qb6k1PaJ7HgW26BJEC+mhEOrYiSTjcaBU0JsQ/8 BIgv/HqTjzQYfPOkE56XLaj8vMxGftETkDYIvilDATofDr4XHX2cHoIq0XLwHf0W ju/+vp2tcfAyqaA9wBbB5EJvfn1IHuFAyrMhiLbnPTlrc4LpPz3FtMS+lO3p/JVY wHAdLZDSWpTBryaFij426CZptAriutW5tFdUFduJyxVoxzYSVA== -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:15 2026 by rpki-client