$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143923.roa File: AS143923.roa (raw, json) Hash identifier: 1gUpH4KwUd+CcBe5I88L1oXY+g2BIoDJt/B2uSBLqkA= Subject key identifier: 51:7D:BE:EC:CD:1A:96:C1:1F:7E:E4:22:50:43:5A:CD:5C:4E:AB:79 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2C66B8B46927FCCEF7DFEFAB0F120AC41A572A1A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143923.roa Signing time: Wed 04 Mar 2026 06:15:10 +0000 ROA not before: Wed 04 Mar 2026 06:10:10 +0000 ROA not after: Wed 03 Mar 2027 06:15:10 +0000 asID: 143923 IP address blocks: 240a:a4f9::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:66:b8:b4:69:27:fc:ce:f7:df:ef:ab:0f:12:0a:c4:1a:57:2a:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:10 2026 GMT Not After : Mar 3 06:15:10 2027 GMT Subject: CN=517DBEECCD1A96C11F7EE42250435ACD5C4EAB79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:b8:24:ff:eb:76:c8:72:25:95:6b:25:13:0a: 53:52:82:ee:10:bb:15:ed:ed:3b:36:87:ad:cc:d6: 84:d5:9d:26:54:ae:b8:f6:24:9e:a2:e8:98:4b:01: 67:30:5d:1b:00:d0:ef:ba:e9:0c:3c:67:65:bd:8e: df:70:eb:4c:e0:c5:b2:a0:f9:c8:59:08:c6:ac:37: df:3d:c1:07:b1:bb:2a:71:5a:5b:af:9e:a3:8d:0b: f2:2c:db:6d:ab:82:f3:1b:bf:7d:4e:67:ed:73:82: b1:f6:86:2a:44:ae:cf:7f:8d:bd:41:1b:f6:30:1d: a6:0c:6a:1d:f0:41:2d:49:4a:b6:b2:32:34:25:b9: 91:85:ff:1d:e4:e5:43:ea:71:9b:35:1b:a5:0f:f5: f4:9a:80:95:7d:fb:9d:19:ee:54:57:42:db:a7:41: f8:8c:e7:97:14:1b:c8:60:65:5f:a7:1a:cc:30:d2: 94:9e:f4:63:45:7a:66:1f:78:6b:9c:9c:22:ab:d0: aa:20:dd:9b:8e:7c:aa:0f:25:bd:3f:8c:b6:02:1a: bc:b7:10:40:3c:86:6a:f4:56:ec:e2:c9:02:9a:ac: e6:08:42:ba:a7:a3:13:bb:b6:5e:e4:33:1a:06:61: 63:29:e6:3a:df:ac:07:ac:e6:f5:31:a8:90:93:cf: d1:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:7D:BE:EC:CD:1A:96:C1:1F:7E:E4:22:50:43:5A:CD:5C:4E:AB:79 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143923.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a4f9::/32 Signature Algorithm: sha256WithRSAEncryption 4a:10:9f:e1:ed:02:03:69:7c:87:4a:fd:da:70:87:81:a6:f7: e5:6a:07:51:d2:c2:9e:ad:b0:d6:ca:89:0d:12:18:b7:2b:b7: 7a:f6:6a:95:7f:0a:19:f6:85:f9:08:51:94:03:92:85:cb:ed: 3e:b7:a6:ca:52:52:c8:be:b3:a1:b4:fa:f2:1b:ff:94:e3:06: 66:cd:f1:87:a1:5d:4d:29:7c:fd:3d:d4:ea:83:16:17:98:b0: 2f:06:74:8a:8f:9a:71:a5:de:f8:7d:68:1b:cb:f9:f5:e8:70: 59:78:48:dd:be:0f:d9:b5:20:26:56:12:8b:3d:a0:41:f5:dd: 6b:2a:4e:21:d5:72:a4:11:ae:28:8f:6d:03:ec:32:9b:12:6c: e6:dd:49:28:66:ea:3f:a6:7f:22:79:4a:f7:14:66:52:a5:63: d8:c1:ef:71:a1:e6:99:02:21:2f:62:43:ce:d0:a1:19:54:44: 0f:a8:b8:f5:5d:d1:73:74:b9:67:d5:5b:4d:1f:b8:d2:c4:22: 00:e7:c2:c8:b4:0f:93:0f:07:b1:5e:b9:5c:58:50:78:1c:9c: 9c:4c:b6:c6:58:de:fa:40:89:cc:42:49:c6:ef:5e:e6:5b:3c: 12:9a:80:7d:5e:89:77:74:ea:34:a4:db:7e:83:92:b0:2e:5d: 8e:73:67:3d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULGa4tGkn/M733++rDxIKxBpXKhowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTAxMFoX DTI3MDMwMzA2MTUxMFowMzExMC8GA1UEAxMoNTE3REJFRUNDRDFBOTZDMTFGN0VF NDIyNTA0MzVBQ0Q1QzRFQUI3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN64JP/rdshyJZVrJRMKU1KC7hC7Fe3tOzaHrczWhNWdJlSuuPYknqLomEsB ZzBdGwDQ77rpDDxnZb2O33DrTODFsqD5yFkIxqw33z3BB7G7KnFaW6+eo40L8izb bauC8xu/fU5n7XOCsfaGKkSuz3+NvUEb9jAdpgxqHfBBLUlKtrIyNCW5kYX/HeTl Q+pxmzUbpQ/19JqAlX37nRnuVFdC26dB+IznlxQbyGBlX6cazDDSlJ70Y0V6Zh94 a5ycIqvQqiDdm458qg8lvT+MtgIavLcQQDyGavRW7OLJApqs5ghCuqejE7u2XuQz GgZhYynmOt+sB6zm9TGokJPP0QkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRRfb7s zRqWwR9+5CJQQ1rNXE6reTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkyMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pPkwDQYJKoZIhvcNAQELBQADggEBAEoQn+HtAgNpfIdK/dpwh4Gm9+VqB1HSwp6t sNbKiQ0SGLcrt3r2apV/Chn2hfkIUZQDkoXL7T63pspSUsi+s6G0+vIb/5TjBmbN 8YehXU0pfP091OqDFheYsC8GdIqPmnGl3vh9aBvL+fXocFl4SN2+D9m1ICZWEos9 oEH13WsqTiHVcqQRriiPbQPsMpsSbObdSShm6j+mfyJ5SvcUZlKlY9jB73Gh5pkC IS9iQ87QoRlURA+ouPVd0XN0uWfVW00fuNLEIgDnwsi0D5MPB7FeuVxYUHgcnJxM tsZY3vpAicxCScbvXuZbPBKagH1eiXd06jSk236DkrAuXY5zZz0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:45:07 2026 by rpki-client