$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143935.roa File: AS143935.roa (raw, json) Hash identifier: L4sH7tbCe5elh9GpNQBHFi/NIUiEG0/4RKcguAmBaog= Subject key identifier: 45:E3:A3:09:4B:D9:8A:4E:B8:29:17:15:D8:ED:51:3E:72:67:DA:AE Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1CEF1D5F66B6DF6C20B020C5F3524C6514A02447 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143935.roa Signing time: Wed 04 Mar 2026 06:15:40 +0000 ROA not before: Wed 04 Mar 2026 06:10:40 +0000 ROA not after: Wed 03 Mar 2027 06:15:40 +0000 asID: 143935 IP address blocks: 240a:a505::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:ef:1d:5f:66:b6:df:6c:20:b0:20:c5:f3:52:4c:65:14:a0:24:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:10:40 2026 GMT Not After : Mar 3 06:15:40 2027 GMT Subject: CN=45E3A3094BD98A4EB8291715D8ED513E7267DAAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:51:5f:db:d3:b4:4f:df:d9:47:85:38:4e:5d: 1e:ae:3b:18:bc:d5:de:0b:62:8f:25:ef:e7:71:44: d9:57:7b:14:f6:fb:09:57:ac:29:7a:da:c7:a3:c4: 09:7a:ad:74:94:ee:10:e0:15:30:f6:36:cf:23:0d: a8:ec:37:e9:41:d1:16:c5:77:3e:ca:5d:1d:8c:ed: 28:dc:d4:c4:8c:b9:e7:af:ab:b8:3b:01:5d:56:ea: 37:6e:43:1c:76:37:8a:20:53:ef:62:b5:07:24:5b: 90:0f:b7:5a:44:4e:4c:4d:5d:a7:9d:01:c5:41:e8: 60:7a:ad:1c:68:dd:8e:28:87:6a:d9:91:c1:e6:84: b2:38:bd:87:39:33:0c:1e:e3:04:82:b9:ef:b7:e7: 98:d2:6b:9a:b9:7a:71:08:c2:53:28:3d:bf:62:4f: 95:4b:99:f9:43:81:24:95:2e:87:ec:38:a0:10:5b: 69:88:f5:36:a4:c6:f3:b2:11:c9:1b:c3:c0:ac:b7: f2:85:59:75:8b:f8:fd:53:9b:9e:36:0b:70:58:c5: 09:0e:db:ed:3c:47:da:4f:15:f1:e7:de:26:96:83: 2d:83:dc:24:91:6b:29:cb:4e:52:a8:66:c8:48:63: 5b:70:a5:01:e4:34:0b:af:3d:fa:18:8c:e1:6d:b2: d2:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:E3:A3:09:4B:D9:8A:4E:B8:29:17:15:D8:ED:51:3E:72:67:DA:AE X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143935.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a505::/32 Signature Algorithm: sha256WithRSAEncryption d4:7c:42:7c:75:66:ac:11:f9:21:ba:f5:ac:25:ef:f6:f8:26: a8:31:f3:8a:5a:60:4f:e7:99:c9:68:7c:38:d7:ff:e5:9c:79: 0c:aa:91:df:52:93:b4:53:56:fd:19:66:33:b6:6e:e9:32:49: eb:40:95:83:9e:5f:21:cb:2b:60:b5:82:e7:91:ba:16:e5:86: 65:50:a7:f2:0b:41:ba:bb:d4:31:24:39:ee:0c:0e:42:a7:48: 94:aa:92:01:10:41:4f:7b:cb:a9:15:86:93:80:f9:a4:c5:88: 16:b0:ad:70:8f:f7:fc:86:44:80:e9:9b:55:74:9f:47:0a:ae: ba:f0:45:7a:f5:e4:6d:cb:32:46:b5:ac:03:b0:c9:d3:ec:cc: d9:3e:e6:f2:25:5d:d3:4f:2f:32:6d:ca:a9:9f:da:eb:eb:5a: e5:85:68:6c:32:37:58:33:9d:66:76:66:52:1f:e6:ab:82:04: e4:b6:32:58:6b:14:68:e3:c9:17:1b:ec:76:3d:ec:23:0d:ce: c2:de:60:dd:99:02:5c:a7:42:30:ce:eb:50:26:2b:3e:82:a7: c8:92:80:7c:3e:2f:14:3a:54:3f:06:3c:1a:d4:9f:5e:70:a3: 0d:6e:92:a2:4a:55:dd:f1:70:aa:58:89:e7:13:df:a3:f4:4b: 70:74:6f:60 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUHO8dX2a232wgsCDF81JMZRSgJEcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MTA0MFoX DTI3MDMwMzA2MTU0MFowMzExMC8GA1UEAxMoNDVFM0EzMDk0QkQ5OEE0RUI4Mjkx NzE1RDhFRDUxM0U3MjY3REFBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMlRX9vTtE/f2UeFOE5dHq47GLzV3gtijyXv53FE2Vd7FPb7CVesKXrax6PE CXqtdJTuEOAVMPY2zyMNqOw36UHRFsV3PspdHYztKNzUxIy556+ruDsBXVbqN25D HHY3iiBT72K1ByRbkA+3WkROTE1dp50BxUHoYHqtHGjdjiiHatmRweaEsji9hzkz DB7jBIK577fnmNJrmrl6cQjCUyg9v2JPlUuZ+UOBJJUuh+w4oBBbaYj1NqTG87IR yRvDwKy38oVZdYv4/VObnjYLcFjFCQ7b7TxH2k8V8efeJpaDLYPcJJFrKctOUqhm yEhjW3ClAeQ0C689+hiM4W2y0uUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRF46MJ S9mKTrgpFxXY7VE+cmfarjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzkzNS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pQUwDQYJKoZIhvcNAQELBQADggEBANR8Qnx1ZqwR+SG69awl7/b4Jqgx84paYE/n mclofDjX/+WceQyqkd9Sk7RTVv0ZZjO2bukySetAlYOeXyHLK2C1gueRuhblhmVQ p/ILQbq71DEkOe4MDkKnSJSqkgEQQU97y6kVhpOA+aTFiBawrXCP9/yGRIDpm1V0 n0cKrrrwRXr15G3LMka1rAOwydPszNk+5vIlXdNPLzJtyqmf2uvrWuWFaGwyN1gz nWZ2ZlIf5quCBOS2MlhrFGjjyRcb7HY97CMNzsLeYN2ZAlynQjDO61AmKz6Cp8iS gHw+LxQ6VD8GPBrUn15wow1ukqJKVd3xcKpYiecT36P0S3B0b2A= -----END CERTIFICATE-----Generated at Sat Mar 28 11:41:56 2026 by rpki-client