$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143940.roa File: AS143940.roa (raw, json) Hash identifier: x6HOWw3gNz+GWPBnEjitO3+zg6fHnuMDGBHKEkC2Cw0= Subject key identifier: 85:13:FA:88:69:3B:16:C8:53:5C:B1:BE:12:79:6A:37:AC:DE:69:1A Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3E44E1AA842E568F7692F2908A2E784DE48004C6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143940.roa Signing time: Wed 04 Mar 2026 06:14:57 +0000 ROA not before: Wed 04 Mar 2026 06:09:57 +0000 ROA not after: Wed 03 Mar 2027 06:14:57 +0000 asID: 143940 IP address blocks: 240a:a50a::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:44:e1:aa:84:2e:56:8f:76:92:f2:90:8a:2e:78:4d:e4:80:04:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:57 2026 GMT Not After : Mar 3 06:14:57 2027 GMT Subject: CN=8513FA88693B16C8535CB1BE12796A37ACDE691A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:d4:a8:c6:81:02:ef:23:3e:dd:71:d6:38:a7: 0f:58:8c:ea:e3:c6:77:99:ed:55:a3:d2:4d:a7:f0: f3:c3:9b:b2:b5:80:1a:00:93:e5:89:23:65:d6:40: b2:12:47:e3:20:4e:57:44:13:0d:a5:52:46:1f:d8: 76:00:00:1f:63:94:73:42:17:43:26:d7:45:ae:08: 07:30:18:ba:d7:fe:9c:cd:5b:55:7b:ec:3d:e3:97: d0:3d:fa:af:10:64:8c:cc:48:11:a0:0c:50:e6:8b: de:45:7e:58:93:35:a3:c3:2f:c8:3d:26:d2:18:a7: 34:a1:45:4b:07:9a:7c:8f:a1:ab:0c:42:9c:e8:1f: 95:8e:b6:e9:2c:71:87:03:66:3b:68:1a:dc:5b:c4: 8d:57:4f:05:f3:73:41:92:7a:77:af:50:72:fd:fe: f6:f5:d7:23:86:87:67:36:55:6f:e9:dc:a9:fa:62: 44:ed:d8:d7:c1:66:0c:87:95:9c:8c:6c:8f:09:0f: 8c:70:23:2f:7c:41:b2:d6:92:fc:3a:f6:1d:9d:6a: 09:92:2f:f9:0f:7d:2f:31:1f:0a:fd:2d:63:b3:03: 47:9a:93:ed:61:d8:29:81:9d:25:e4:93:53:b9:f2: dc:3b:72:fe:a0:a2:f6:1f:08:d6:5d:72:73:73:78: e1:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:13:FA:88:69:3B:16:C8:53:5C:B1:BE:12:79:6A:37:AC:DE:69:1A X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143940.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a50a::/32 Signature Algorithm: sha256WithRSAEncryption 13:33:2e:6e:85:e1:2a:02:19:2a:eb:39:fc:8b:f5:40:6b:86: 6c:91:62:0b:f8:54:7e:fe:3f:48:3b:dd:2e:fe:61:43:cd:6e: 1d:06:13:0b:26:98:bf:5d:fb:d5:e1:a8:bf:ef:7f:74:45:51: 61:18:02:b2:b6:86:51:87:3b:d7:d8:2f:47:ce:ca:75:7e:db: 09:51:56:19:76:41:fc:e0:3c:c4:5d:bc:ce:29:bc:ef:40:94: c0:f0:7f:8e:a2:6f:6d:c8:b6:8d:21:c2:62:ae:a9:87:75:39: f7:38:d9:fe:e9:1c:8d:59:80:50:89:a2:36:ad:30:f0:70:13: f7:9d:fb:c1:17:1b:50:97:99:ef:2b:cd:33:81:d7:50:80:5d: 04:db:61:a7:09:ba:54:1c:99:4e:df:7e:89:4f:a2:5a:fc:cf: ed:ad:2f:e8:da:54:36:f6:d6:32:bb:61:7b:88:0d:c6:8a:b9: 69:0e:85:7e:74:c3:66:7d:a2:c2:42:37:97:17:77:b3:a7:69: 05:fb:c8:30:90:c9:12:81:5b:7c:c7:2c:ea:09:61:29:85:32: ac:64:50:47:e0:e6:c2:e6:ca:e4:6e:dc:3f:67:d6:a8:0e:1f: f4:98:3b:43:32:59:48:f9:11:88:35:ec:37:cc:8b:59:bd:ac: 01:08:a1:10 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPkThqoQuVo92kvKQii54TeSABMYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDk1N1oX DTI3MDMwMzA2MTQ1N1owMzExMC8GA1UEAxMoODUxM0ZBODg2OTNCMTZDODUzNUNC MUJFMTI3OTZBMzdBQ0RFNjkxQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKfUqMaBAu8jPt1x1jinD1iM6uPGd5ntVaPSTafw88ObsrWAGgCT5YkjZdZA shJH4yBOV0QTDaVSRh/YdgAAH2OUc0IXQybXRa4IBzAYutf+nM1bVXvsPeOX0D36 rxBkjMxIEaAMUOaL3kV+WJM1o8MvyD0m0hinNKFFSweafI+hqwxCnOgflY626Sxx hwNmO2ga3FvEjVdPBfNzQZJ6d69Qcv3+9vXXI4aHZzZVb+ncqfpiRO3Y18FmDIeV nIxsjwkPjHAjL3xBstaS/Dr2HZ1qCZIv+Q99LzEfCv0tY7MDR5qT7WHYKYGdJeST U7ny3Dty/qCi9h8I1l1yc3N44b8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSFE/qI aTsWyFNcsb4SeWo3rN5pGjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk0MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pQowDQYJKoZIhvcNAQELBQADggEBABMzLm6F4SoCGSrrOfyL9UBrhmyRYgv4VH7+ P0g73S7+YUPNbh0GEwsmmL9d+9XhqL/vf3RFUWEYArK2hlGHO9fYL0fOynV+2wlR Vhl2QfzgPMRdvM4pvO9AlMDwf46ib23Ito0hwmKuqYd1Ofc42f7pHI1ZgFCJojat MPBwE/ed+8EXG1CXme8rzTOB11CAXQTbYacJulQcmU7ffolPolr8z+2tL+jaVDb2 1jK7YXuIDcaKuWkOhX50w2Z9osJCN5cXd7OnaQX7yDCQyRKBW3zHLOoJYSmFMqxk UEfg5sLmyuRu3D9n1qgOH/SYO0MyWUj5EYg17DfMi1m9rAEIoRA= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:42 2026 by rpki-client