$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143855.roa File: AS143855.roa (raw, json) Hash identifier: Ei6KiltzcMPxzeZFUMHvsDGz17Z4Aa2YU4aXfmG5/Bw= Subject key identifier: A1:35:BE:9B:4B:50:CA:FF:44:96:83:FB:7A:1B:CF:D6:86:7B:62:36 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 16583854971895E301CDCC4E17ED89B16277F766 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143855.roa Signing time: Wed 04 Mar 2026 06:14:27 +0000 ROA not before: Wed 04 Mar 2026 06:09:27 +0000 ROA not after: Wed 03 Mar 2027 06:14:27 +0000 asID: 143855 IP address blocks: 240a:a4b5::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:58:38:54:97:18:95:e3:01:cd:cc:4e:17:ed:89:b1:62:77:f7:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:27 2026 GMT Not After : Mar 3 06:14:27 2027 GMT Subject: CN=A135BE9B4B50CAFF449683FB7A1BCFD6867B6236 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:cd:97:d4:22:4c:d8:60:42:46:e8:c8:8c:64: 25:be:e0:6c:91:a9:a3:60:4a:90:f4:ef:25:a3:14: 11:7f:b2:e5:43:f0:30:36:b3:63:6b:f4:3a:7c:ed: 7f:a8:f8:09:c9:f6:13:ac:80:79:a7:ec:87:62:94: 54:ed:49:59:03:6d:aa:76:ea:b3:12:c2:c4:65:e9: a3:04:56:2b:c0:93:87:5e:14:f1:b8:97:61:e4:97: 84:45:cf:86:0b:e4:bf:1f:f8:49:21:df:34:03:e1: d5:3c:eb:69:8a:e2:37:60:41:a3:42:43:55:27:20: 87:63:4f:dd:b5:e9:26:21:95:4c:b7:1c:58:1e:a0: aa:7f:61:1f:9d:3b:da:90:c4:b7:7a:2b:1e:3b:f0: 77:b5:51:4c:d0:72:cc:22:0b:4a:17:31:1b:bd:6a: d8:c7:45:1a:25:fb:72:03:09:85:cd:0f:f4:d3:0a: f9:40:d3:f8:2e:1b:1c:70:d4:af:1d:3b:87:27:4c: c1:26:88:a9:c9:37:29:fc:33:e9:fa:91:ea:52:47: 99:a7:d8:0f:c6:a9:df:8d:06:8e:d8:b2:5e:51:2f: 98:4e:71:dd:63:4e:56:67:90:d1:bd:87:ee:91:f2: 1b:b0:f4:a1:32:68:00:e8:60:53:96:6a:54:fe:3e: 63:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:35:BE:9B:4B:50:CA:FF:44:96:83:FB:7A:1B:CF:D6:86:7B:62:36 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143855.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4b5::/32 Signature Algorithm: sha256WithRSAEncryption a2:74:b0:f9:f9:16:b7:87:15:6b:9b:af:9a:64:6d:4c:29:1d: 60:d0:d8:ba:e7:7e:8b:2d:1c:95:e9:d7:c1:3b:c8:67:6f:ee: 7a:6d:3a:6a:2c:66:76:2a:27:cd:88:7c:4e:6b:71:3c:df:a9: a4:7c:70:85:7c:71:7c:6c:df:0d:97:86:a5:aa:cd:7b:b6:d2: ca:31:21:29:2e:ed:bc:d1:5f:24:98:56:e8:16:5f:e0:3e:64: 67:ca:7a:f2:42:22:57:8f:56:0f:d8:3b:11:02:ac:b9:26:32: 48:fa:5f:e8:f0:1a:90:b8:28:62:f6:7d:9c:4a:ac:20:4e:15: 02:c5:20:94:9e:5e:e0:e2:bd:80:ba:9a:fb:9c:d9:21:2d:d6: 8a:5d:7d:8e:55:d4:3b:6e:5c:53:84:10:35:84:0f:28:16:ae: 75:50:7f:a4:d9:76:99:6c:01:a9:1c:1d:25:30:8f:02:45:24: bf:81:8e:83:aa:82:8e:76:75:44:1b:47:03:7b:fb:a3:2e:56: e6:c8:1d:2a:80:31:20:bd:9a:b9:41:e2:65:a9:9a:d0:07:60: 48:08:83:52:d5:36:7a:a5:76:f1:d8:4e:fa:d0:f5:8d:df:50: 88:cd:23:65:01:4b:3d:e8:38:08:b1:9c:75:2e:3a:80:91:3a: b9:2f:03:8f -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUFlg4VJcYleMBzcxOF+2JsWJ392YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyN1oX DTI3MDMwMzA2MTQyN1owMzExMC8GA1UEAxMoQTEzNUJFOUI0QjUwQ0FGRjQ0OTY4 M0ZCN0ExQkNGRDY4NjdCNjIzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALDNl9QiTNhgQkboyIxkJb7gbJGpo2BKkPTvJaMUEX+y5UPwMDazY2v0Onzt f6j4Ccn2E6yAeafsh2KUVO1JWQNtqnbqsxLCxGXpowRWK8CTh14U8biXYeSXhEXP hgvkvx/4SSHfNAPh1TzraYriN2BBo0JDVScgh2NP3bXpJiGVTLccWB6gqn9hH507 2pDEt3orHjvwd7VRTNByzCILShcxG71q2MdFGiX7cgMJhc0P9NMK+UDT+C4bHHDU rx07hydMwSaIqck3Kfwz6fqR6lJHmafYD8ap340GjtiyXlEvmE5x3WNOVmeQ0b2H 7pHyG7D0oTJoAOhgU5ZqVP4+Y/8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBShNb6b S1DK/0SWg/t6G8/WhntiNjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg1NS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pLUwDQYJKoZIhvcNAQELBQADggEBAKJ0sPn5FreHFWubr5pkbUwpHWDQ2Lrnfost HJXp18E7yGdv7nptOmosZnYqJ82IfE5rcTzfqaR8cIV8cXxs3w2XhqWqzXu20sox ISku7bzRXySYVugWX+A+ZGfKevJCIlePVg/YOxECrLkmMkj6X+jwGpC4KGL2fZxK rCBOFQLFIJSeXuDivYC6mvuc2SEt1opdfY5V1DtuXFOEEDWEDygWrnVQf6TZdpls AakcHSUwjwJFJL+BjoOqgo52dUQbRwN7+6MuVubIHSqAMSC9mrlB4mWpmtAHYEgI g1LVNnqldvHYTvrQ9Y3fUIjNI2UBSz3oOAixnHUuOoCROrkvA48= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:14 2026 by rpki-client