$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143915.roa File: AS143915.roa (raw, json) Hash identifier: pIcUVboJb9XCqPm/bXq7JmU3cmHx33NbG5hRIW+9PZw= Subject key identifier: 0C:C6:4A:8F:3A:73:35:41:27:89:6F:24:67:F2:A3:8B:6C:E4:D1:59 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 570E34682DC826897F0AE0AAB7414DAFCB8C7122 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143915.roa Signing time: Wed 04 Mar 2026 06:14:03 +0000 ROA not before: Wed 04 Mar 2026 06:09:03 +0000 ROA not after: Wed 03 Mar 2027 06:14:03 +0000 asID: 143915 IP address blocks: 240a:a4f1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:0e:34:68:2d:c8:26:89:7f:0a:e0:aa:b7:41:4d:af:cb:8c:71:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:03 2026 GMT Not After : Mar 3 06:14:03 2027 GMT Subject: CN=0CC64A8F3A73354127896F2467F2A38B6CE4D159 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:bb:bd:1a:1b:a9:bd:15:40:82:ea:15:f5:8e: c4:f2:da:47:3c:48:c7:1c:ce:ef:f0:b4:6f:d0:f8: 43:60:38:a4:b0:0f:cd:fa:6f:05:03:b4:13:fc:32: 23:a7:f5:b0:79:fe:f5:0f:67:db:b2:92:ac:c9:ca: ee:47:0d:f1:9a:d7:82:8a:9b:29:5d:99:47:d2:c6: 7d:a8:15:8a:de:62:44:87:4d:95:32:ed:e1:65:50: 3d:f2:7f:ac:dc:00:09:a6:23:5a:47:58:46:ee:bf: 38:0b:ed:e9:d9:32:d3:3e:e8:d4:10:7d:1c:1d:ce: cf:f6:40:b8:26:b6:3f:74:df:a9:3e:46:b7:e5:ec: 4c:8d:43:9a:d1:74:85:23:cf:be:cc:ad:d8:bc:df: cf:5b:a7:67:6e:ee:be:19:aa:62:b8:e9:f4:fc:74: 79:7e:4e:a3:c2:9c:71:bc:bc:50:59:30:af:55:a5: d0:25:a7:07:e7:cb:c8:75:87:0c:30:61:9b:24:4a: 65:7e:57:0d:32:d5:2c:27:f2:a6:2a:35:1a:5d:14: d2:0c:d8:34:4b:45:55:55:20:5c:d0:1a:e5:b3:bf: b4:15:4a:fa:45:5f:61:18:3d:47:1c:cb:fa:04:33: 06:d7:99:21:79:9b:68:04:92:4f:33:a7:1c:cd:90: 15:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:C6:4A:8F:3A:73:35:41:27:89:6F:24:67:F2:A3:8B:6C:E4:D1:59 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143915.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4f1::/32 Signature Algorithm: sha256WithRSAEncryption 9e:e8:5a:8d:fb:1c:7c:80:07:28:6a:6d:98:a1:e8:62:61:bc: 57:9a:df:68:59:61:a6:d5:70:93:53:a9:fb:fe:e6:3b:26:42: 51:a5:4d:8f:fc:1b:16:2d:91:79:5b:3f:ac:de:f6:0b:1e:0a: da:64:b7:01:63:7e:fd:77:45:6f:e1:b3:89:ba:6a:f7:73:c9: 6b:f2:92:b7:82:cc:b4:56:aa:1c:eb:d0:ed:7b:88:b5:d2:49: b5:a4:de:05:48:ac:31:bd:b9:b1:f1:3a:d3:35:fc:85:4c:cd: e3:69:81:c1:cc:01:21:f2:a8:ba:89:aa:4b:d9:48:4e:0e:56: 7e:7e:54:b0:bc:30:82:49:c2:79:8b:78:58:46:42:6b:2f:18: 97:f6:3b:50:b1:1e:40:81:3f:45:0e:82:65:0a:cb:66:a9:89: f7:16:48:85:49:63:77:76:20:e0:e1:99:16:c5:ba:b2:7c:ef: 87:dc:3a:26:bf:22:f0:1c:e1:f5:d5:f7:85:05:19:b6:6f:ad: 8a:31:7f:64:8a:b1:b1:55:d9:7d:2b:c4:dc:38:de:0f:bd:01: 6a:5e:c2:b0:73:20:9e:45:62:3c:1a:24:c1:f9:a1:c1:06:c6: ca:6b:7d:94:90:14:af:fe:40:d5:4d:72:57:01:9e:1d:d5:80: 7b:7f:1e:05 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUVw40aC3IJol/CuCqt0FNr8uMcSIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwM1oX DTI3MDMwMzA2MTQwM1owMzExMC8GA1UEAxMoMENDNjRBOEYzQTczMzU0MTI3ODk2 RjI0NjdGMkEzOEI2Q0U0RDE1OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJi7vRobqb0VQILqFfWOxPLaRzxIxxzO7/C0b9D4Q2A4pLAPzfpvBQO0E/wy I6f1sHn+9Q9n27KSrMnK7kcN8ZrXgoqbKV2ZR9LGfagVit5iRIdNlTLt4WVQPfJ/ rNwACaYjWkdYRu6/OAvt6dky0z7o1BB9HB3Oz/ZAuCa2P3TfqT5Gt+XsTI1DmtF0 hSPPvsyt2Lzfz1unZ27uvhmqYrjp9Px0eX5Oo8Kccby8UFkwr1Wl0CWnB+fLyHWH DDBhmyRKZX5XDTLVLCfypio1Gl0U0gzYNEtFVVUgXNAa5bO/tBVK+kVfYRg9RxzL +gQzBteZIXmbaASSTzOnHM2QFVUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQMxkqP OnM1QSeJbyRn8qOLbOTRWTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkxNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pPEwDQYJKoZIhvcNAQELBQADggEBAJ7oWo37HHyAByhqbZih6GJhvFea32hZYabV cJNTqfv+5jsmQlGlTY/8GxYtkXlbP6ze9gseCtpktwFjfv13RW/hs4m6avdzyWvy kreCzLRWqhzr0O17iLXSSbWk3gVIrDG9ubHxOtM1/IVMzeNpgcHMASHyqLqJqkvZ SE4OVn5+VLC8MIJJwnmLeFhGQmsvGJf2O1CxHkCBP0UOgmUKy2apifcWSIVJY3d2 IODhmRbFurJ874fcOia/IvAc4fXV94UFGbZvrYoxf2SKsbFV2X0rxNw43g+9AWpe wrBzIJ5FYjwaJMH5ocEGxsprfZSQFK/+QNVNclcBnh3VgHt/HgU= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:14 2026 by rpki-client