$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143899.roa File: AS143899.roa (raw, json) Hash identifier: ZvBVR4F/7H/RHUJ9wlS+tbdxGzld4eN00Sle8Z8LLT4= Subject key identifier: 6C:9A:8F:9D:16:7F:95:BC:3E:87:E4:3B:5D:E7:0B:20:47:D6:24:5F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3BEA18A86185D416F9336BBFFC97F94A11F6F8BC Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143899.roa Signing time: Wed 04 Mar 2026 06:13:28 +0000 ROA not before: Wed 04 Mar 2026 06:08:28 +0000 ROA not after: Wed 03 Mar 2027 06:13:28 +0000 asID: 143899 IP address blocks: 240a:a4e1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:ea:18:a8:61:85:d4:16:f9:33:6b:bf:fc:97:f9:4a:11:f6:f8:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:28 2026 GMT Not After : Mar 3 06:13:28 2027 GMT Subject: CN=6C9A8F9D167F95BC3E87E43B5DE70B2047D6245F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:40:ce:81:52:dc:18:89:df:11:b2:64:a5:8f: 1f:55:cd:7a:8a:18:19:c9:63:6d:d1:94:cf:f2:07: 21:e5:6b:88:51:5f:6b:8c:60:3b:d4:01:39:4c:c5: 5f:10:ec:47:b9:4f:8d:e2:83:a6:9a:fb:b8:7b:ff: 90:8e:19:02:b7:42:12:34:ef:2e:d7:70:1f:1d:eb: 02:f7:36:3f:05:94:a5:86:29:e8:ba:5d:e2:fd:82: b7:c1:86:72:a2:96:07:68:a7:fa:06:90:b0:6d:a4: 6f:83:ac:60:84:57:8f:c2:86:d8:39:7b:31:b7:65: a3:29:a5:85:00:e5:63:63:c5:bc:c0:bd:3d:57:ab: 89:29:df:68:5a:8e:37:41:91:54:19:fb:7f:db:11: 67:1e:b1:1d:60:94:3b:32:09:d4:a4:51:46:cf:e5: 28:8d:d8:d9:08:43:d1:3f:d8:aa:31:21:00:94:3d: 03:cb:2b:0b:2e:1a:51:39:3b:48:d3:5e:49:d4:88: 45:78:6f:c5:f5:f2:4c:db:ab:a9:77:74:d3:bb:4b: 30:c3:9d:1f:3b:36:90:de:b3:c1:37:a9:16:04:a1: 92:22:3e:5f:de:13:de:28:52:8e:c4:2e:b5:40:87: fd:6e:c8:60:81:dc:94:07:46:38:e5:08:c3:97:49: c9:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:9A:8F:9D:16:7F:95:BC:3E:87:E4:3B:5D:E7:0B:20:47:D6:24:5F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143899.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4e1::/32 Signature Algorithm: sha256WithRSAEncryption 24:61:be:ea:a1:53:a0:60:04:46:31:17:0e:89:f3:83:00:16: d5:20:96:30:e1:c6:81:da:5a:47:44:78:25:d8:46:9f:fc:a7: 4a:76:14:0a:0a:a8:93:c7:38:14:5f:7e:58:11:4c:41:04:ca: 63:d2:b1:1b:71:17:05:8b:d1:b0:1f:a2:da:2c:ee:ad:4e:8a: a9:fb:38:51:e9:0e:e7:82:02:21:a3:26:a6:a2:8f:62:8a:b2: 9a:93:5b:d9:d0:56:54:af:cc:df:e5:df:10:32:51:43:56:c5: 22:89:10:7e:94:2c:8d:b4:35:50:a6:de:e5:8f:4e:88:28:9b: e5:aa:34:ab:ad:7a:2e:70:eb:10:d1:7a:47:5f:0e:d5:38:f5: c6:45:13:68:94:6f:23:11:f7:fc:c7:e3:d1:81:1b:26:33:78: 40:c9:ee:71:52:41:86:b6:ea:a4:a5:8c:0b:5f:a5:83:d7:ba: 6e:07:db:88:f9:5e:18:3b:62:32:e0:a4:fe:af:d7:7d:72:d3: e8:c5:98:f9:5a:9e:2f:97:b4:4f:b5:1b:1f:75:c8:da:33:56: a8:11:e8:2b:a6:1a:da:10:12:34:5b:a6:e3:37:52:6a:d9:01: 30:e0:94:21:fa:65:38:7b:58:7e:38:3c:fc:34:6b:98:5f:53: ec:3c:2d:39 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUO+oYqGGF1Bb5M2u//Jf5ShH2+LwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgyOFoX DTI3MDMwMzA2MTMyOFowMzExMC8GA1UEAxMoNkM5QThGOUQxNjdGOTVCQzNFODdF NDNCNURFNzBCMjA0N0Q2MjQ1RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMFAzoFS3BiJ3xGyZKWPH1XNeooYGcljbdGUz/IHIeVriFFfa4xgO9QBOUzF XxDsR7lPjeKDppr7uHv/kI4ZArdCEjTvLtdwHx3rAvc2PwWUpYYp6Lpd4v2Ct8GG cqKWB2in+gaQsG2kb4OsYIRXj8KG2Dl7MbdloymlhQDlY2PFvMC9PVeriSnfaFqO N0GRVBn7f9sRZx6xHWCUOzIJ1KRRRs/lKI3Y2QhD0T/YqjEhAJQ9A8srCy4aUTk7 SNNeSdSIRXhvxfXyTNurqXd007tLMMOdHzs2kN6zwTepFgShkiI+X94T3ihSjsQu tUCH/W7IYIHclAdGOOUIw5dJyW0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRsmo+d Fn+VvD6H5Dtd5wsgR9YkXzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzg5OS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pOEwDQYJKoZIhvcNAQELBQADggEBACRhvuqhU6BgBEYxFw6J84MAFtUgljDhxoHa WkdEeCXYRp/8p0p2FAoKqJPHOBRfflgRTEEEymPSsRtxFwWL0bAfotos7q1Oiqn7 OFHpDueCAiGjJqaij2KKspqTW9nQVlSvzN/l3xAyUUNWxSKJEH6ULI20NVCm3uWP Togom+WqNKutei5w6xDRekdfDtU49cZFE2iUbyMR9/zH49GBGyYzeEDJ7nFSQYa2 6qSljAtfpYPXum4H24j5Xhg7YjLgpP6v131y0+jFmPlani+XtE+1Gx91yNozVqgR 6CumGtoQEjRbpuM3UmrZATDglCH6ZTh7WH44PPw0a5hfU+w8LTk= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:24 2026 by rpki-client