$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143891.roa File: AS143891.roa (raw, json) Hash identifier: cHceeXdzC9w2M4F20zUHb9qGQByYng4ATl5HvB0BdAA= Subject key identifier: FF:2B:C0:0E:48:B7:E2:49:BB:6D:9B:4D:62:8E:4F:12:98:FB:6B:99 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 187E0D5EB7FA698CDBEF46E26408FDAE33CB5DB9 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143891.roa Signing time: Wed 04 Mar 2026 06:13:50 +0000 ROA not before: Wed 04 Mar 2026 06:08:50 +0000 ROA not after: Wed 03 Mar 2027 06:13:50 +0000 asID: 143891 IP address blocks: 240a:a4d9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:7e:0d:5e:b7:fa:69:8c:db:ef:46:e2:64:08:fd:ae:33:cb:5d:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:50 2026 GMT Not After : Mar 3 06:13:50 2027 GMT Subject: CN=FF2BC00E48B7E249BB6D9B4D628E4F1298FB6B99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:d1:b1:4e:c6:1f:0e:14:a7:82:e9:33:f2:7c: f4:26:13:f3:42:ae:42:3e:32:93:c3:df:45:d1:c2: 62:43:e5:ce:51:7a:65:22:74:f4:43:53:81:e9:48: e3:d5:cb:68:f7:34:7e:a0:63:fb:2b:a4:df:25:52: 67:af:84:54:30:0e:d8:b7:31:cf:c7:96:8a:a4:10: 61:70:04:7a:94:76:61:93:07:01:da:91:c4:3e:b7: c9:78:51:ff:84:0e:dc:81:14:93:c1:c5:0d:41:77: 04:1c:01:f9:7f:9f:d5:e3:2f:bf:33:cf:ce:1d:d8: b7:57:8a:29:d5:9f:d9:90:a3:f3:8a:6f:31:b0:7d: cc:99:b4:30:05:fd:18:90:d5:45:4b:89:28:65:1f: 45:78:b4:88:70:23:9c:03:9f:32:50:e0:81:38:b4: b3:20:cf:2a:fb:c0:fe:e4:cc:22:6f:2f:b8:cb:27: 6a:6a:34:e6:45:f5:39:5a:b1:98:af:a8:4f:e7:7e: 04:80:3a:9b:dd:0e:e9:90:e5:32:92:1e:6c:cb:61: dc:26:78:dc:53:73:1f:5a:91:9d:20:9d:6e:29:2e: 9e:65:f2:5b:f7:69:5a:2d:34:d7:26:32:fe:80:d7: 93:dc:9b:16:a5:f3:1f:1e:a4:83:f8:c9:b6:b7:f1: b7:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:2B:C0:0E:48:B7:E2:49:BB:6D:9B:4D:62:8E:4F:12:98:FB:6B:99 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143891.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4d9::/32 Signature Algorithm: sha256WithRSAEncryption b0:e9:c1:70:52:68:7a:18:ff:1b:3c:02:26:80:7c:46:5b:e3: 22:0d:43:90:8b:88:cc:4a:f5:6a:c2:bb:34:94:73:d4:2c:1e: 88:bd:58:3d:4a:fd:2f:17:36:cb:b4:00:bd:3d:f8:7b:75:75: 0b:ac:4b:cd:7f:b0:b2:ab:83:66:5e:02:72:18:44:55:f8:13: 7c:c9:d1:60:13:a6:cb:2e:b4:79:c8:4f:93:48:21:6f:34:bb: ff:08:de:84:0b:cb:a9:38:1b:70:01:8a:c0:58:4e:ee:86:2a: 2e:ab:c4:39:da:23:4a:76:d0:5f:24:8a:cb:f8:32:2a:6e:e6: c5:d5:f6:57:39:71:49:c2:a7:1e:64:e5:36:ca:c1:60:4d:6d: 65:a3:70:5b:85:3d:49:f2:0e:30:42:73:83:1b:6d:96:8c:03: f6:a6:38:f8:00:7b:7f:b2:c8:a6:7b:cf:01:35:62:94:fb:4a: 44:e4:42:5a:da:ad:95:04:cc:48:56:7b:ca:fe:ec:6c:ac:d1: b1:26:7a:ba:91:62:3a:2b:fe:70:ba:66:3f:f2:64:ca:a6:37: 7e:c3:ad:85:95:03:78:92:85:a1:f2:96:ba:14:b3:0d:d7:f2: 21:0b:90:7a:23:9a:af:d2:25:86:df:14:1a:02:80:de:3d:20: d2:9c:d5:03 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUGH4NXrf6aYzb70biZAj9rjPLXbkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1MFoX DTI3MDMwMzA2MTM1MFowMzExMC8GA1UEAxMoRkYyQkMwMEU0OEI3RTI0OUJCNkQ5 QjRENjI4RTRGMTI5OEZCNkI5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO/RsU7GHw4Up4LpM/J89CYT80KuQj4yk8PfRdHCYkPlzlF6ZSJ09ENTgelI 49XLaPc0fqBj+yuk3yVSZ6+EVDAO2Lcxz8eWiqQQYXAEepR2YZMHAdqRxD63yXhR /4QO3IEUk8HFDUF3BBwB+X+f1eMvvzPPzh3Yt1eKKdWf2ZCj84pvMbB9zJm0MAX9 GJDVRUuJKGUfRXi0iHAjnAOfMlDggTi0syDPKvvA/uTMIm8vuMsnamo05kX1OVqx mK+oT+d+BIA6m90O6ZDlMpIebMth3CZ43FNzH1qRnSCdbikunmXyW/dpWi001yYy /oDXk9ybFqXzHx6kg/jJtrfxt0cCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBT/K8AO SLfiSbttm01ijk8SmPtrmTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg5MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pNkwDQYJKoZIhvcNAQELBQADggEBALDpwXBSaHoY/xs8AiaAfEZb4yINQ5CLiMxK 9WrCuzSUc9QsHoi9WD1K/S8XNsu0AL09+Ht1dQusS81/sLKrg2ZeAnIYRFX4E3zJ 0WATpssutHnIT5NIIW80u/8I3oQLy6k4G3ABisBYTu6GKi6rxDnaI0p20F8kisv4 Mipu5sXV9lc5cUnCpx5k5TbKwWBNbWWjcFuFPUnyDjBCc4MbbZaMA/amOPgAe3+y yKZ7zwE1YpT7SkTkQlrarZUEzEhWe8r+7Gys0bEmerqRYjor/nC6Zj/yZMqmN37D rYWVA3iShaHylroUsw3X8iELkHojmq/SJYbfFBoCgN49INKc1QM= -----END CERTIFICATE-----Generated at Sat Mar 28 13:18:14 2026 by rpki-client