$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143893.roa File: AS143893.roa (raw, json) Hash identifier: w784z/s1XiZFSkL4QMkOeCjJy5tlD4CeFWFxc2H2OCY= Subject key identifier: 10:CF:AC:B4:9F:C1:02:B3:6D:B3:74:04:F0:99:E8:47:E3:2C:97:55 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 05BD1D9AC082DB373B19B11047363E1A1DBEDE75 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143893.roa Signing time: Wed 04 Mar 2026 06:15:49 +0000 ROA not before: Wed 04 Mar 2026 06:10:49 +0000 ROA not after: Wed 03 Mar 2027 06:15:49 +0000 asID: 143893 IP address blocks: 240a:a4db::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:bd:1d:9a:c0:82:db:37:3b:19:b1:10:47:36:3e:1a:1d:be:de:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:49 2026 GMT Not After : Mar 3 06:15:49 2027 GMT Subject: CN=10CFACB49FC102B36DB37404F099E847E32C9755 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:ab:39:13:21:70:3a:18:f7:96:3a:3c:f6:25: c6:7b:31:bf:91:3a:d0:5b:dc:2e:45:1f:24:c9:60: bd:ed:30:84:ae:8b:6f:46:13:ea:65:3f:bd:15:47: 3a:26:bd:b5:65:d7:56:85:86:5b:d5:ea:86:ba:27: 6b:02:af:0e:9b:0b:0d:fb:cc:28:13:7e:21:1b:26: d4:fc:f9:48:03:1f:8b:f1:4f:c2:4e:23:73:9a:00: de:52:43:fd:1a:c4:e5:8a:c3:fd:4b:34:68:29:7b: 3f:2b:73:d9:9a:89:db:aa:3f:f4:b9:ea:57:ee:49: 85:55:3d:af:33:41:5a:8e:8c:d6:f8:aa:6b:24:f9: 4c:a2:a1:0b:1b:70:0e:06:97:f4:0f:88:91:60:4f: 4a:b3:c2:d7:31:99:fb:20:a2:85:ab:8f:22:6a:9d: cb:b2:0b:e0:d6:76:4c:f5:9d:f4:3f:78:19:bb:3a: ce:55:c9:35:de:87:8e:ec:02:6f:b7:82:69:6e:c8: 0a:55:c8:88:53:33:26:f8:ec:03:09:98:28:50:88: fc:4f:04:31:c3:02:9f:9d:1d:65:86:49:13:d8:03: 0b:a9:d6:d8:56:d1:bf:48:01:00:a8:8e:05:c0:56: 95:b2:bf:5b:2d:d4:19:0f:57:7c:86:52:89:c0:74: 5a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:CF:AC:B4:9F:C1:02:B3:6D:B3:74:04:F0:99:E8:47:E3:2C:97:55 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143893.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4db::/32 Signature Algorithm: sha256WithRSAEncryption af:9f:6c:a5:91:f9:cd:17:93:c6:e4:bf:ad:ba:d4:fc:df:ef: d8:d3:32:44:5c:fb:3b:5f:31:52:cc:62:0e:93:23:3a:16:f4: c5:7f:e2:57:d4:6a:68:02:cc:8d:cc:94:5a:35:f8:66:73:ea: c2:9e:66:4f:48:64:1a:a2:d7:3c:29:16:73:2a:9d:01:7a:93: 5a:08:0a:15:df:e3:d1:44:bd:3d:8d:4b:79:9a:6c:8f:61:6b: a3:67:0c:95:4e:29:d8:82:a4:ff:31:8d:71:70:e3:0e:b9:b7: ce:46:4a:ca:7b:b4:8b:4c:4a:75:d4:b6:52:92:fb:a7:fe:f8: 42:0f:2b:e3:2b:93:18:1e:7f:80:89:f6:9c:48:f5:4f:a9:a6: 1e:07:e8:c2:a1:bc:80:3a:83:f4:14:eb:b8:e8:4e:29:98:d9: 03:6f:cb:6c:39:a0:bf:06:c8:fc:14:37:5a:ee:36:4a:c2:20: 29:ad:a7:3c:d1:d1:77:4a:3e:6b:48:aa:2b:af:29:e4:88:62: 92:d6:74:75:0c:96:85:50:fc:2e:6b:5e:db:f0:15:e6:24:22: de:72:04:44:78:14:9a:6d:35:e8:9e:df:cf:29:ac:cd:70:8d: b8:de:5c:45:cc:e9:4e:a7:ca:39:75:8d:a3:b8:ab:67:2d:a5: f5:11:59:9a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBb0dmsCC2zc7GbEQRzY+Gh2+3nUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTA0OVoX DTI3MDMwMzA2MTU0OVowMzExMC8GA1UEAxMoMTBDRkFDQjQ5RkMxMDJCMzZEQjM3 NDA0RjA5OUU4NDdFMzJDOTc1NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIqrORMhcDoY95Y6PPYlxnsxv5E60FvcLkUfJMlgve0whK6Lb0YT6mU/vRVH Oia9tWXXVoWGW9XqhronawKvDpsLDfvMKBN+IRsm1Pz5SAMfi/FPwk4jc5oA3lJD /RrE5YrD/Us0aCl7Pytz2ZqJ26o/9LnqV+5JhVU9rzNBWo6M1viqayT5TKKhCxtw DgaX9A+IkWBPSrPC1zGZ+yCihauPImqdy7IL4NZ2TPWd9D94Gbs6zlXJNd6HjuwC b7eCaW7IClXIiFMzJvjsAwmYKFCI/E8EMcMCn50dZYZJE9gDC6nW2FbRv0gBAKiO BcBWlbK/Wy3UGQ9XfIZSicB0Wj8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQQz6y0 n8ECs22zdATwmehH4yyXVTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg5My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pNswDQYJKoZIhvcNAQELBQADggEBAK+fbKWR+c0Xk8bkv6261Pzf79jTMkRc+ztf MVLMYg6TIzoW9MV/4lfUamgCzI3MlFo1+GZz6sKeZk9IZBqi1zwpFnMqnQF6k1oI ChXf49FEvT2NS3mabI9ha6NnDJVOKdiCpP8xjXFw4w65t85GSsp7tItMSnXUtlKS +6f++EIPK+Mrkxgef4CJ9pxI9U+pph4H6MKhvIA6g/QU67joTimY2QNvy2w5oL8G yPwUN1ruNkrCICmtpzzR0XdKPmtIqiuvKeSIYpLWdHUMloVQ/C5rXtvwFeYkIt5y BER4FJptNeie388prM1wjbjeXEXM6U6nyjl1jaO4q2ctpfURWZo= -----END CERTIFICATE-----Generated at Sat Mar 28 11:46:15 2026 by rpki-client