$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143901.roa File: AS143901.roa (raw, json) Hash identifier: xP1Qdioa9f0aprMeo1JQ6KCUb+4b7Z+HoOTmwzbzYwA= Subject key identifier: 12:E3:10:64:BD:D1:1E:07:80:5B:13:4E:BE:1D:3D:67:C6:AC:7C:FB Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 532A3F0E0D93A609B8DA5CE1235DAF722F4697BA Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143901.roa Signing time: Wed 04 Mar 2026 06:14:01 +0000 ROA not before: Wed 04 Mar 2026 06:09:01 +0000 ROA not after: Wed 03 Mar 2027 06:14:01 +0000 asID: 143901 IP address blocks: 240a:a4e3::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:2a:3f:0e:0d:93:a6:09:b8:da:5c:e1:23:5d:af:72:2f:46:97:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:01 2026 GMT Not After : Mar 3 06:14:01 2027 GMT Subject: CN=12E31064BDD11E07805B134EBE1D3D67C6AC7CFB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:53:e0:02:b8:6c:e1:98:9e:5a:fe:fb:39:40: a2:a2:06:80:12:f0:2c:79:16:24:2c:6a:ab:34:6b: eb:a4:55:f0:86:c2:fc:33:2f:37:87:8e:7b:25:5d: 42:23:d2:69:fe:56:c6:93:33:77:be:80:23:31:03: 23:09:45:b4:ed:40:65:fe:40:3b:95:23:76:1c:50: d9:a0:4c:04:09:bc:28:76:c2:5c:ad:5a:0b:68:46: cf:67:3f:a6:e0:46:3f:35:64:56:e1:ca:a9:00:31: b3:38:fb:e8:8b:e2:08:2e:6d:6d:15:f1:b1:77:b1: 0b:49:02:44:ec:34:f1:89:f1:ef:1f:24:e9:9f:ee: dc:48:95:33:22:d6:22:12:69:a8:f6:93:b2:18:80: ba:f1:6b:81:dc:e7:16:3a:28:27:74:1f:c4:e1:dc: d0:62:d6:50:e0:c0:c6:15:9f:5a:b5:c2:20:a5:f2: f9:2b:7d:07:15:13:aa:e4:56:ef:21:fd:bd:15:5b: bf:92:b8:a7:73:f8:bc:43:21:c8:53:c2:e3:9f:23: b0:5a:ca:f7:3c:db:03:89:53:92:c9:68:db:2d:89: 2d:0a:e2:f8:31:39:1e:7e:91:51:77:52:0c:46:f0: 3d:4d:86:70:40:d3:87:04:e9:3a:3d:81:28:15:53: 0c:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:E3:10:64:BD:D1:1E:07:80:5B:13:4E:BE:1D:3D:67:C6:AC:7C:FB X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143901.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4e3::/32 Signature Algorithm: sha256WithRSAEncryption 7b:6b:67:1e:6b:0c:94:e2:f7:b0:4c:8a:82:df:32:14:18:1d: 55:a7:22:fa:24:51:ee:71:d4:87:71:8e:45:38:44:00:15:2c: 93:18:a0:01:b6:9b:34:5a:8e:78:36:54:b0:e0:f8:b9:40:29: 0c:4f:47:d0:00:02:a7:45:ea:c7:20:11:3a:bd:bf:0b:02:85: 0f:65:76:69:b7:2c:ad:73:40:14:48:03:2f:be:08:4e:8d:e1: 3c:34:87:1d:49:85:00:b1:66:b1:22:ba:fb:59:77:3e:05:19: 11:ba:68:78:f1:54:e0:67:94:13:00:f5:dc:e5:21:47:3f:3d: 43:df:76:9c:a7:37:60:f0:3f:b3:fc:24:2d:c3:4f:91:d3:bc: e9:e9:d7:00:8f:8e:15:72:c7:24:41:2c:1e:44:69:82:04:92: fb:ec:11:6e:23:b6:08:7d:e3:2d:e2:54:27:f2:fb:4b:68:31: f7:01:85:43:3e:c9:e0:c3:1e:2d:13:3e:c3:a6:9e:24:16:98: da:8d:38:ac:33:8f:b4:96:00:9d:eb:dc:c6:a0:9d:e7:64:da: 80:d1:b8:2c:de:0d:a3:42:12:ee:9d:90:d1:9e:0f:cb:b5:8c: 31:05:9d:d3:1f:b9:a1:99:a2:13:8e:cb:cb:3e:ea:3a:87:74: ef:0c:23:cd -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUUyo/Dg2Tpgm42lzhI12vci9Gl7owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwMVoX DTI3MDMwMzA2MTQwMVowMzExMC8GA1UEAxMoMTJFMzEwNjRCREQxMUUwNzgwNUIx MzRFQkUxRDNENjdDNkFDN0NGQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOJT4AK4bOGYnlr++zlAoqIGgBLwLHkWJCxqqzRr66RV8IbC/DMvN4eOeyVd QiPSaf5WxpMzd76AIzEDIwlFtO1AZf5AO5UjdhxQ2aBMBAm8KHbCXK1aC2hGz2c/ puBGPzVkVuHKqQAxszj76IviCC5tbRXxsXexC0kCROw08Ynx7x8k6Z/u3EiVMyLW IhJpqPaTshiAuvFrgdznFjooJ3QfxOHc0GLWUODAxhWfWrXCIKXy+St9BxUTquRW 7yH9vRVbv5K4p3P4vEMhyFPC458jsFrK9zzbA4lTkslo2y2JLQri+DE5Hn6RUXdS DEbwPU2GcEDThwTpOj2BKBVTDDECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQS4xBk vdEeB4BbE06+HT1nxqx8+zAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkwMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pOMwDQYJKoZIhvcNAQELBQADggEBAHtrZx5rDJTi97BMioLfMhQYHVWnIvokUe5x 1IdxjkU4RAAVLJMYoAG2mzRajng2VLDg+LlAKQxPR9AAAqdF6scgETq9vwsChQ9l dmm3LK1zQBRIAy++CE6N4Tw0hx1JhQCxZrEiuvtZdz4FGRG6aHjxVOBnlBMA9dzl IUc/PUPfdpynN2DwP7P8JC3DT5HTvOnp1wCPjhVyxyRBLB5EaYIEkvvsEW4jtgh9 4y3iVCfy+0toMfcBhUM+yeDDHi0TPsOmniQWmNqNOKwzj7SWAJ3r3Magnedk2oDR uCzeDaNCEu6dkNGeD8u1jDEFndMfuaGZohOOy8s+6jqHdO8MI80= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:03 2026 by rpki-client