$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143918.roa File: AS143918.roa (raw, json) Hash identifier: gD+xk9L74gT5VG08BgHiwERA5yoFhan/h4cio3SUccQ= Subject key identifier: 32:2A:54:62:34:40:A6:15:B3:B1:F6:13:D5:5E:A0:FC:95:F6:D1:89 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5D5AF6335F21B79B0229D652B8C531F57E15AC9A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143918.roa Signing time: Wed 04 Mar 2026 06:13:12 +0000 ROA not before: Wed 04 Mar 2026 06:08:12 +0000 ROA not after: Wed 03 Mar 2027 06:13:12 +0000 asID: 143918 IP address blocks: 240a:a4f4::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:5a:f6:33:5f:21:b7:9b:02:29:d6:52:b8:c5:31:f5:7e:15:ac:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:08:12 2026 GMT Not After : Mar 3 06:13:12 2027 GMT Subject: CN=322A54623440A615B3B1F613D55EA0FC95F6D189 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:f9:07:8e:46:16:cb:69:60:11:c6:be:fb:19: 61:e4:54:6f:07:c4:5f:d1:e0:b9:c8:9a:74:34:6a: 00:76:11:fc:1e:8b:9e:63:3d:9e:2b:15:e7:65:2a: e0:db:54:40:e4:05:48:e8:e8:db:eb:06:61:54:9d: 52:a9:27:36:0f:af:64:4a:cb:c6:ef:ce:27:a1:e8: f3:18:aa:d6:71:40:94:f5:ca:ef:82:26:af:ad:48: 64:1b:a5:b9:ad:d3:18:f4:33:08:67:46:47:10:93: b6:fc:3d:6b:5d:73:0f:80:2e:96:8c:a7:80:03:ea: 00:52:d5:c5:37:51:db:79:7e:e9:04:d0:ed:57:01: 1f:77:4d:6d:72:12:7a:84:16:ae:24:f9:17:78:06: 84:0c:34:17:0f:9c:7f:dd:7f:da:25:b4:e5:85:96: a4:39:e9:98:79:f6:e8:ca:68:28:01:88:36:87:af: 07:d8:a0:9b:aa:9b:5b:bd:8d:d0:e8:ed:f2:4b:95: a0:86:7d:54:67:75:f1:18:f0:86:b7:1d:0a:73:e1: 4a:6c:85:4a:05:b4:18:24:4f:a9:7c:e9:8c:03:0b: 34:de:e4:34:31:03:d8:7e:20:87:a0:e8:8a:9a:0e: 17:64:e5:b5:bc:e0:7b:01:5c:98:60:f8:f4:97:ce: b9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:2A:54:62:34:40:A6:15:B3:B1:F6:13:D5:5E:A0:FC:95:F6:D1:89 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143918.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4f4::/32 Signature Algorithm: sha256WithRSAEncryption 29:6c:ed:93:76:13:40:a3:0a:b9:67:9a:ed:ee:98:1f:17:8e: 01:70:55:70:a3:58:b5:5a:eb:f7:ac:16:9a:f7:2f:0c:48:f6: 8f:7d:95:cf:79:21:b3:1c:cd:9b:26:57:11:52:c9:ec:8f:fc: 42:fc:81:8d:6d:9a:4c:70:d1:3e:29:2f:3d:92:c0:21:e2:49: ce:bc:7e:d5:1e:8b:aa:76:41:0a:8b:69:43:dc:db:44:34:18: 37:8c:6a:c6:a4:2d:84:0d:71:a2:22:7f:2a:49:0a:75:a4:97: 89:ce:e2:33:18:65:d1:02:2d:5e:34:a9:2a:27:b5:e2:fe:f0: 8a:bb:a7:2c:44:69:55:22:5e:f2:53:f0:9d:ac:4e:55:67:06: cc:ac:a2:68:79:fa:68:ab:a6:b6:6a:fa:b9:dc:94:c8:21:b3: f7:dd:fe:96:c0:80:1b:c1:8b:72:68:87:f0:5c:a6:eb:6e:58: e5:76:63:97:b5:90:f8:07:e2:d5:bf:0d:c9:5d:65:82:6d:7e: 2c:08:4c:ff:b2:6e:2a:4d:07:66:80:62:9f:94:4a:3e:f2:20: e7:73:35:56:6c:c9:bb:6f:dc:00:bd:4f:af:a5:7a:9d:05:27: f9:7b:c8:cc:31:c4:0c:35:c1:b1:87:1f:b6:79:7d:60:d4:58: d6:91:72:c4 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXVr2M18ht5sCKdZSuMUx9X4VrJowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDgxMloX DTI3MDMwMzA2MTMxMlowMzExMC8GA1UEAxMoMzIyQTU0NjIzNDQwQTYxNUIzQjFG NjEzRDU1RUEwRkM5NUY2RDE4OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIr5B45GFstpYBHGvvsZYeRUbwfEX9HguciadDRqAHYR/B6LnmM9nisV52Uq 4NtUQOQFSOjo2+sGYVSdUqknNg+vZErLxu/OJ6Ho8xiq1nFAlPXK74Imr61IZBul ua3TGPQzCGdGRxCTtvw9a11zD4AuloyngAPqAFLVxTdR23l+6QTQ7VcBH3dNbXIS eoQWriT5F3gGhAw0Fw+cf91/2iW05YWWpDnpmHn26MpoKAGINoevB9igm6qbW72N 0Ojt8kuVoIZ9VGd18RjwhrcdCnPhSmyFSgW0GCRPqXzpjAMLNN7kNDED2H4gh6Do ipoOF2TltbzgewFcmGD49JfOuTECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBQyKlRi NECmFbOx9hPVXqD8lfbRiTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkxOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pPQwDQYJKoZIhvcNAQELBQADggEBACls7ZN2E0CjCrlnmu3umB8XjgFwVXCjWLVa 6/esFpr3LwxI9o99lc95IbMczZsmVxFSyeyP/EL8gY1tmkxw0T4pLz2SwCHiSc68 ftUei6p2QQqLaUPc20Q0GDeMasakLYQNcaIifypJCnWkl4nO4jMYZdECLV40qSon teL+8Iq7pyxEaVUiXvJT8J2sTlVnBsysomh5+mirprZq+rnclMghs/fd/pbAgBvB i3Joh/BcputuWOV2Y5e1kPgH4tW/DcldZYJtfiwITP+ybipNB2aAYp+USj7yIOdz NVZsybtv3AC9T6+lep0FJ/l7yMwxxAw1wbGHH7Z5fWDUWNaRcsQ= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:57 2026 by rpki-client