$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143941.roa File: AS143941.roa (raw, json) Hash identifier: /45rJUtmngCzJINdV/MbLUxzwfVWzm7AORcUkmIwoBw= Subject key identifier: 79:EC:12:35:29:C2:02:2B:C6:64:60:11:2D:88:9C:2D:1B:90:25:AD Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2C994F1A137C6BD9A89E975242100F752C943F64 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143941.roa Signing time: Wed 04 Mar 2026 06:14:03 +0000 ROA not before: Wed 04 Mar 2026 06:09:03 +0000 ROA not after: Wed 03 Mar 2027 06:14:03 +0000 asID: 143941 IP address blocks: 240a:a50b::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:99:4f:1a:13:7c:6b:d9:a8:9e:97:52:42:10:0f:75:2c:94:3f:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:03 2026 GMT Not After : Mar 3 06:14:03 2027 GMT Subject: CN=79EC123529C2022BC66460112D889C2D1B9025AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:f4:3e:16:2b:26:75:eb:bf:44:27:4d:50:62: 71:16:bf:bc:9e:c5:a7:bd:04:ae:e0:b5:53:81:d9: 81:db:5d:5a:63:2a:9b:83:81:b0:23:bf:bc:24:d3: 2b:f5:09:f4:45:4f:81:c4:de:23:ce:8e:cc:4f:00: b4:8b:97:71:68:3a:b0:88:34:45:b3:cf:86:7c:3d: e4:f4:66:09:3c:19:5b:09:bc:5e:af:11:1d:39:87: 9c:a0:30:d9:5e:fc:ca:b2:30:99:ec:08:5c:3c:0a: 91:cd:02:87:e4:29:6a:99:d9:23:df:99:f6:2b:c2: f3:68:8c:14:20:04:42:0a:0f:bf:78:a6:38:ba:ae: b4:b2:ee:98:4d:5b:f8:b7:60:57:6d:6f:e8:a9:2d: 4b:7a:e3:06:b6:2a:61:b9:f7:d4:9e:bd:d4:7e:5d: 3a:d4:b0:90:1c:36:c0:84:e1:56:38:be:d4:aa:9a: 90:ec:61:1a:bd:6f:f2:22:3a:4f:b3:0a:5c:ec:51: 81:6c:ed:2a:7f:c4:a0:6a:e9:85:1f:40:f7:89:6a: 50:b2:d3:23:8c:48:d5:34:a4:5c:55:b4:47:41:d0: 71:e5:6a:04:9f:c6:ca:f7:c5:4b:82:4f:0b:09:51: 7a:05:c9:3f:32:1e:5a:1a:e0:c0:a2:d9:e5:6a:7a: 00:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:EC:12:35:29:C2:02:2B:C6:64:60:11:2D:88:9C:2D:1B:90:25:AD X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143941.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a50b::/32 Signature Algorithm: sha256WithRSAEncryption a8:f5:1d:1d:33:d5:4d:1f:63:68:74:30:6c:4e:68:33:ef:e0: da:5d:a2:3c:ff:e8:6e:c7:83:3a:be:f7:ff:4e:d5:a6:53:8d: 43:0b:f4:72:01:f2:62:7b:5d:70:49:61:ab:b5:fd:00:bd:cf: b3:95:47:89:03:f4:d9:e6:4f:e1:5a:6b:45:8d:5c:60:1c:90: b4:11:bb:46:9a:5c:ae:a6:fe:b1:4d:b8:e1:a9:85:e6:d9:5f: e4:43:1c:fb:48:b3:dd:72:4a:9f:df:b6:20:9a:4a:5d:58:19: 28:bc:53:5b:5f:fe:e0:00:9b:bf:82:bb:77:f3:00:5c:0e:d6: 94:bf:59:eb:5a:de:af:31:ae:67:39:61:b1:8b:01:33:0e:77: e9:94:04:7d:d2:d8:18:0b:02:23:0e:93:69:d5:83:45:5f:fc: 67:c1:cc:43:63:41:9c:83:c1:af:94:b7:1b:37:3e:03:65:d4: af:ee:cb:a4:e5:78:7b:d5:9c:e5:00:25:34:fc:4f:30:89:cd: b0:47:38:e4:c0:7f:e2:46:29:b3:68:57:54:b8:bb:ee:c8:ea: 31:36:f0:88:6f:e0:e1:3e:5e:00:50:22:2f:17:3a:3d:22:c2: 90:3e:f2:ab:9c:d3:b1:1f:6c:98:90:28:8d:3a:92:45:a1:9d: 47:8f:a2:46 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIULJlPGhN8a9monpdSQhAPdSyUP2QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkwM1oX DTI3MDMwMzA2MTQwM1owMzExMC8GA1UEAxMoNzlFQzEyMzUyOUMyMDIyQkM2NjQ2 MDExMkQ4ODlDMkQxQjkwMjVBRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMb0PhYrJnXrv0QnTVBicRa/vJ7Fp70EruC1U4HZgdtdWmMqm4OBsCO/vCTT K/UJ9EVPgcTeI86OzE8AtIuXcWg6sIg0RbPPhnw95PRmCTwZWwm8Xq8RHTmHnKAw 2V78yrIwmewIXDwKkc0Ch+QpapnZI9+Z9ivC82iMFCAEQgoPv3imOLqutLLumE1b +LdgV21v6KktS3rjBrYqYbn31J691H5dOtSwkBw2wIThVji+1KqakOxhGr1v8iI6 T7MKXOxRgWztKn/EoGrphR9A94lqULLTI4xI1TSkXFW0R0HQceVqBJ/GyvfFS4JP CwlRegXJPzIeWhrgwKLZ5Wp6AC0CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR57BI1 KcICK8ZkYBEtiJwtG5AlrTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk0MS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pQswDQYJKoZIhvcNAQELBQADggEBAKj1HR0z1U0fY2h0MGxOaDPv4Npdojz/6G7H gzq+9/9O1aZTjUML9HIB8mJ7XXBJYau1/QC9z7OVR4kD9NnmT+Faa0WNXGAckLQR u0aaXK6m/rFNuOGphebZX+RDHPtIs91ySp/ftiCaSl1YGSi8U1tf/uAAm7+Cu3fz AFwO1pS/Weta3q8xrmc5YbGLATMOd+mUBH3S2BgLAiMOk2nVg0Vf/GfBzENjQZyD wa+Utxs3PgNl1K/uy6TleHvVnOUAJTT8TzCJzbBHOOTAf+JGKbNoV1S4u+7I6jE2 8Ihv4OE+XgBQIi8XOj0iwpA+8quc07EfbJiQKI06kkWhnUePokY= -----END CERTIFICATE-----Generated at Sat Mar 28 15:54:01 2026 by rpki-client