$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143912.roa File: AS143912.roa (raw, json) Hash identifier: c1HZ1BG9w3R+AWLrNrfiljxfLa71GO6qdfyKNlEcw7Y= Subject key identifier: 73:13:44:07:89:6A:A5:BC:31:95:86:23:3B:30:81:2C:7C:8C:76:3F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3CA2C2872770977A5AFADA44ED4DC9B0767585E1 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143912.roa Signing time: Wed 04 Mar 2026 06:13:54 +0000 ROA not before: Wed 04 Mar 2026 06:08:54 +0000 ROA not after: Wed 03 Mar 2027 06:13:54 +0000 asID: 143912 IP address blocks: 240a:a4ee::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:a2:c2:87:27:70:97:7a:5a:fa:da:44:ed:4d:c9:b0:76:75:85:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:54 2026 GMT Not After : Mar 3 06:13:54 2027 GMT Subject: CN=73134407896AA5BC319586233B30812C7C8C763F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:61:53:aa:26:d1:01:87:2c:01:71:c3:6b:1a: 45:a1:ce:d9:30:69:e5:53:21:26:af:b3:92:c0:f4: 9a:58:83:db:77:a1:21:ad:0a:dc:b8:55:9f:a7:fd: fc:58:55:c8:d3:c3:cf:a0:54:35:3a:4d:92:7e:58: b8:f9:0b:ef:37:53:c6:c3:87:71:d0:3c:7f:23:6f: 4d:06:f9:6a:63:bb:ee:da:8a:ef:d8:bf:e3:f2:45: 6e:95:f9:0f:ad:ed:30:18:2a:c7:ee:69:84:06:62: e9:c5:27:2d:64:30:06:77:46:b1:77:20:e8:8b:35: 32:da:a8:ab:21:72:07:68:c6:bf:09:c0:af:48:d0: fe:81:f4:34:d3:86:5b:1e:2d:86:04:05:78:44:51: e4:d8:68:8a:c2:ec:1a:e2:55:fd:51:e5:af:46:40: 19:b0:e1:c9:12:65:78:de:02:7f:df:d1:21:19:33: 48:4a:64:dd:99:a0:f7:8b:2e:1d:78:93:c7:b7:d4: d5:2f:bd:67:1c:b0:06:4b:5b:ac:a2:e9:48:7e:66: 86:1c:27:4b:75:55:2c:42:6a:13:3a:24:ed:c1:67: a1:17:d8:9a:8a:22:e5:28:e4:2b:1a:65:c6:75:01: 8a:f3:2d:ae:3a:1a:26:ad:53:e2:63:9b:05:e6:a3: e8:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:13:44:07:89:6A:A5:BC:31:95:86:23:3B:30:81:2C:7C:8C:76:3F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143912.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4ee::/32 Signature Algorithm: sha256WithRSAEncryption 6d:12:13:1f:a3:dc:5e:72:71:a0:a0:ec:bb:31:36:a5:71:22: f9:6b:f6:08:db:cf:40:fb:6b:5e:3d:75:ea:14:6a:e4:52:23: a5:f9:6c:8f:49:fb:ad:03:0f:c0:6f:5a:da:a5:88:7a:de:51: f8:c0:8d:43:ee:8e:84:6d:12:7e:4c:9a:26:09:23:c0:60:48: 0c:cf:4c:6f:f6:eb:17:35:3a:70:a3:4d:56:6c:89:80:e4:94: 23:d9:99:e3:88:9b:6e:68:8d:d8:35:b7:29:50:eb:ef:13:b1: f6:cc:df:c0:42:e7:06:4b:c1:6f:02:10:65:87:cd:61:9a:89: 3a:b0:21:a0:9b:0a:2f:e1:e6:eb:e3:e5:e9:88:d2:3a:b6:fb: 71:bc:82:d7:5f:23:14:f7:c4:fe:da:8f:fb:98:60:ba:3b:9f: d1:0c:01:7a:40:17:e8:9e:c7:42:a0:2b:1c:9a:9f:b2:6f:3d: a8:ff:eb:f2:17:b9:d5:05:34:19:33:c1:b6:33:99:79:6e:51: 56:be:54:73:88:7e:c4:6e:f4:2c:6e:a1:16:86:48:01:8a:e3: ef:bc:4c:df:2b:f4:a0:c5:8b:8b:4d:38:7a:65:9c:2b:4e:d6: d1:53:8d:76:a7:20:b1:22:c8:c8:0e:c5:34:b2:8b:3e:79:5c: 97:ac:9f:72 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPKLChydwl3pa+tpE7U3JsHZ1heEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDg1NFoX DTI3MDMwMzA2MTM1NFowMzExMC8GA1UEAxMoNzMxMzQ0MDc4OTZBQTVCQzMxOTU4 NjIzM0IzMDgxMkM3QzhDNzYzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMphU6om0QGHLAFxw2saRaHO2TBp5VMhJq+zksD0mliD23ehIa0K3LhVn6f9 /FhVyNPDz6BUNTpNkn5YuPkL7zdTxsOHcdA8fyNvTQb5amO77tqK79i/4/JFbpX5 D63tMBgqx+5phAZi6cUnLWQwBndGsXcg6Is1MtqoqyFyB2jGvwnAr0jQ/oH0NNOG Wx4thgQFeERR5NhoisLsGuJV/VHlr0ZAGbDhyRJleN4Cf9/RIRkzSEpk3Zmg94su HXiTx7fU1S+9ZxywBktbrKLpSH5mhhwnS3VVLEJqEzok7cFnoRfYmooi5SjkKxpl xnUBivMtrjoaJq1T4mObBeaj6DkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRzE0QH iWqlvDGVhiM7MIEsfIx2PzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkxMi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pO4wDQYJKoZIhvcNAQELBQADggEBAG0SEx+j3F5ycaCg7LsxNqVxIvlr9gjbz0D7 a149deoUauRSI6X5bI9J+60DD8BvWtqliHreUfjAjUPujoRtEn5MmiYJI8BgSAzP TG/26xc1OnCjTVZsiYDklCPZmeOIm25ojdg1tylQ6+8TsfbM38BC5wZLwW8CEGWH zWGaiTqwIaCbCi/h5uvj5emI0jq2+3G8gtdfIxT3xP7aj/uYYLo7n9EMAXpAF+ie x0KgKxyan7JvPaj/6/IXudUFNBkzwbYzmXluUVa+VHOIfsRu9CxuoRaGSAGK4++8 TN8r9KDFi4tNOHplnCtO1tFTjXanILEiyMgOxTSyiz55XJesn3I= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:44 2026 by rpki-client