$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143916.roa File: AS143916.roa (raw, json) Hash identifier: 6Uq+kDR4mbJeo2woi/mBoo+Tezq5hZqE4C/9UImqae8= Subject key identifier: E5:6D:9D:1F:A1:39:D6:C5:C0:2C:1F:88:66:9C:8E:07:DA:2D:85:32 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 756EF4DB4630B64749C3CD34BCAA59AEFE55E2A1 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143916.roa Signing time: Wed 04 Mar 2026 06:13:10 +0000 ROA not before: Wed 04 Mar 2026 06:08:10 +0000 ROA not after: Wed 03 Mar 2027 06:13:10 +0000 asID: 143916 IP address blocks: 240a:a4f2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:6e:f4:db:46:30:b6:47:49:c3:cd:34:bc:aa:59:ae:fe:55:e2:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:10 2026 GMT Not After : Mar 3 06:13:10 2027 GMT Subject: CN=E56D9D1FA139D6C5C02C1F88669C8E07DA2D8532 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:06:9d:0b:1a:ea:59:d2:4b:0c:bf:0b:98:5a: 8b:e2:2b:5c:c5:fa:7f:db:da:9f:10:55:9d:7f:c4: 58:bb:55:c3:8f:db:44:c4:68:90:aa:12:4f:3d:ac: 75:a6:f5:fc:f0:c4:b3:38:08:49:5e:b6:10:d3:c5: ec:8d:c8:28:72:f2:a1:32:87:b8:2d:d3:83:7c:6d: e1:08:28:1f:c7:39:b0:44:8a:e8:6c:a6:9e:d6:a9: f2:0b:90:e6:10:dc:17:f1:97:fe:0c:2c:4e:d2:e0: e5:b7:dc:d6:a6:5a:37:65:d0:16:39:ac:7d:15:d3: 40:6f:b3:f8:8a:92:5d:31:6b:08:ae:d7:30:65:de: d1:a8:bb:21:37:0e:1a:6d:b3:b2:43:99:47:3e:5d: 8b:b7:4c:e0:fb:a4:65:10:71:8f:fc:03:53:0e:c9: 56:09:35:ab:b1:cb:84:7f:9a:6c:8d:cf:f6:91:e7: 31:67:8a:63:b2:c5:17:67:8d:86:d9:c3:fd:0d:5a: 7e:43:0e:0e:00:7e:e3:5d:ca:9c:f1:af:ee:fd:ae: 2a:36:a0:a2:4d:ab:e3:27:9c:85:3c:2d:89:17:11: 8b:6e:16:fe:45:34:ca:de:77:8d:67:25:24:9a:db: 55:ad:4b:59:1b:81:b4:ca:9c:dc:9a:5a:da:94:8a: 3c:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:6D:9D:1F:A1:39:D6:C5:C0:2C:1F:88:66:9C:8E:07:DA:2D:85:32 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143916.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4f2::/32 Signature Algorithm: sha256WithRSAEncryption 7d:bf:b3:70:a1:7c:ed:2f:5a:72:6c:18:d4:4f:0d:1f:27:eb: e4:0a:62:c7:1f:33:b1:7e:ca:35:ad:61:2d:a9:ab:a3:cf:ea: 57:5a:25:1d:66:78:5c:89:a0:35:82:22:00:40:7e:09:7f:e8: 5f:36:ed:47:c8:fb:af:0f:06:ee:66:f1:ae:6a:86:4b:ee:4a: 03:43:24:a1:6a:a5:89:6e:b3:9e:3f:ea:68:04:b9:cb:2c:23: 3c:6b:ec:d6:27:fb:a0:5c:b2:be:e5:2b:17:c3:cd:3b:42:9a: 85:d3:76:f7:65:20:2b:dd:22:15:bc:68:a4:ea:b8:d5:f0:fe: a6:ce:61:15:b4:31:b0:91:5b:f4:3f:3e:c2:3a:cd:9a:93:52: f6:03:07:43:b0:77:7c:06:56:c2:30:81:bd:08:b4:7d:c5:09: 26:38:19:a8:9b:31:37:df:e6:fa:7a:42:48:d1:72:64:5d:2f: 06:85:2b:5a:2b:42:c2:8e:9e:05:95:04:01:7f:34:ef:03:a0: 3c:3c:c5:7e:6e:3d:4f:d5:9b:a2:d4:0d:f8:6f:da:17:fc:68: a7:7e:f6:bb:5e:86:0f:71:58:ba:89:64:10:a9:d9:2f:e9:fc: c5:23:08:14:18:5b:11:51:e6:45:ff:52:6c:54:e2:46:4b:5f: f4:9c:a8:7c -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUdW7020YwtkdJw800vKpZrv5V4qEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxMFoX DTI3MDMwMzA2MTMxMFowMzExMC8GA1UEAxMoRTU2RDlEMUZBMTM5RDZDNUMwMkMx Rjg4NjY5QzhFMDdEQTJEODUzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN0GnQsa6lnSSwy/C5hai+IrXMX6f9vanxBVnX/EWLtVw4/bRMRokKoSTz2s dab1/PDEszgISV62ENPF7I3IKHLyoTKHuC3Tg3xt4QgoH8c5sESK6Gymntap8guQ 5hDcF/GX/gwsTtLg5bfc1qZaN2XQFjmsfRXTQG+z+IqSXTFrCK7XMGXe0ai7ITcO Gm2zskOZRz5di7dM4PukZRBxj/wDUw7JVgk1q7HLhH+abI3P9pHnMWeKY7LFF2eN htnD/Q1afkMODgB+413KnPGv7v2uKjagok2r4yechTwtiRcRi24W/kU0yt53jWcl JJrbVa1LWRuBtMqc3Jpa2pSKPMsCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTlbZ0f oTnWxcAsH4hmnI4H2i2FMjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkxNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pPIwDQYJKoZIhvcNAQELBQADggEBAH2/s3ChfO0vWnJsGNRPDR8n6+QKYscfM7F+ yjWtYS2pq6PP6ldaJR1meFyJoDWCIgBAfgl/6F827UfI+68PBu5m8a5qhkvuSgND JKFqpYlus54/6mgEucssIzxr7NYn+6Bcsr7lKxfDzTtCmoXTdvdlICvdIhW8aKTq uNXw/qbOYRW0MbCRW/Q/PsI6zZqTUvYDB0Owd3wGVsIwgb0ItH3FCSY4GaibMTff 5vp6QkjRcmRdLwaFK1orQsKOngWVBAF/NO8DoDw8xX5uPU/Vm6LUDfhv2hf8aKd+ 9rtehg9xWLqJZBCp2S/p/MUjCBQYWxFR5kX/UmxU4kZLX/ScqHw= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:57 2026 by rpki-client