$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143943.roa File: AS143943.roa (raw, json) Hash identifier: B1cNtGjwOXIB7xniTPIg95f4vLH3tk7d4CqPR7B9H+M= Subject key identifier: E0:81:BA:90:AE:A8:FD:B0:D5:B4:40:FA:06:85:F2:77:28:42:EF:A3 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 3C4700B1BC095BE0BD2841D9E5EF3B04221C4D3B Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143943.roa Signing time: Wed 04 Mar 2026 06:14:21 +0000 ROA not before: Wed 04 Mar 2026 06:09:21 +0000 ROA not after: Wed 03 Mar 2027 06:14:21 +0000 asID: 143943 IP address blocks: 240a:a50d::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:47:00:b1:bc:09:5b:e0:bd:28:41:d9:e5:ef:3b:04:22:1c:4d:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:09:21 2026 GMT Not After : Mar 3 06:14:21 2027 GMT Subject: CN=E081BA90AEA8FDB0D5B440FA0685F2772842EFA3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:91:fb:5b:f7:3d:ff:86:1b:a8:9d:6d:dc:4e: c1:cd:5e:cb:0f:9e:cb:3c:11:4d:49:b6:56:51:42: 4a:88:6a:c4:8d:92:4a:22:16:a3:64:59:f9:c5:f8: 28:73:6c:3d:98:7c:5b:b4:b0:68:5f:4f:07:11:11: 42:92:23:a7:77:5d:6f:c6:01:e9:ed:34:92:33:f5: 1e:1e:03:1f:1b:b9:8a:4d:bf:0f:8e:73:b4:3a:91: 69:ca:5e:c1:cc:7d:9b:f1:30:9e:d6:4e:9f:77:e0: c7:67:03:74:f7:c1:4a:cd:21:02:45:cb:84:8d:5a: fe:ab:bc:07:27:ba:0e:c5:94:67:a3:7f:05:09:60: 58:e0:a6:d0:f1:f3:e3:ac:e1:d5:fe:b3:b1:b5:71: cb:cf:ec:82:f9:1d:fb:7d:96:04:f9:fe:63:f4:b7: cd:5f:05:65:9c:40:16:0e:d9:5f:f7:f2:71:d2:59: 2f:d4:ae:f4:a2:fd:bc:27:f9:a7:c2:cc:b6:2f:28: 19:b0:99:02:53:6a:5d:b4:fe:b6:8a:10:1d:38:01: 00:6c:cb:30:4d:7d:85:a8:76:1b:de:a3:c8:f0:aa: aa:69:dc:17:92:31:57:09:32:94:16:f3:80:5d:aa: 85:fa:d5:0c:8c:e7:0d:12:cc:08:f0:e6:5e:8b:6b: c9:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:81:BA:90:AE:A8:FD:B0:D5:B4:40:FA:06:85:F2:77:28:42:EF:A3 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143943.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a50d::/32 Signature Algorithm: sha256WithRSAEncryption 64:e5:de:25:5a:49:ad:8a:cf:13:c9:b0:7d:4b:a9:d7:66:53: fa:3b:14:fc:fa:37:1f:14:c0:13:7c:b2:48:30:9f:2e:7f:97: 4e:b6:73:f8:d3:70:a2:86:6f:24:35:5f:67:7d:6e:64:fd:50: 5e:c9:d4:6f:ae:e4:cb:70:4b:59:37:62:a4:d5:0e:65:51:83: 24:ae:fe:bc:5b:d4:01:b7:0d:ea:4a:fb:47:6c:df:97:6c:92: c5:76:be:9e:0e:2d:40:de:de:b5:5f:f1:79:ff:ce:6c:64:b5: dc:f1:78:c5:0b:d6:7f:78:98:dc:41:1b:76:dd:94:dc:f3:c3: 45:4d:8e:31:55:56:47:0a:e3:bf:c9:a5:eb:22:51:df:60:18: 5a:6a:4b:bf:f0:3c:06:58:91:60:85:c7:c4:33:51:30:d0:00: 20:ec:4c:39:a2:44:d5:3f:ee:1a:2c:f0:b0:3f:72:ec:f5:fe: 08:4d:49:4f:eb:08:14:84:87:b2:29:08:a5:df:1b:56:7c:7e: 75:ba:7c:6f:2e:5b:fc:0c:fe:d9:0a:dc:68:7e:07:02:d2:cb: ad:42:03:d0:ff:e1:2d:5c:0a:35:9a:03:3f:3d:c2:26:e4:fe: 89:16:06:60:27:f6:43:67:4b:ed:9a:0f:2b:75:79:47:7e:83: 23:cc:da:71 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUPEcAsbwJW+C9KEHZ5e87BCIcTTswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDkyMVoX DTI3MDMwMzA2MTQyMVowMzExMC8GA1UEAxMoRTA4MUJBOTBBRUE4RkRCMEQ1QjQ0 MEZBMDY4NUYyNzcyODQyRUZBMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALyR+1v3Pf+GG6idbdxOwc1eyw+eyzwRTUm2VlFCSohqxI2SSiIWo2RZ+cX4 KHNsPZh8W7SwaF9PBxERQpIjp3ddb8YB6e00kjP1Hh4DHxu5ik2/D45ztDqRacpe wcx9m/EwntZOn3fgx2cDdPfBSs0hAkXLhI1a/qu8Bye6DsWUZ6N/BQlgWOCm0PHz 46zh1f6zsbVxy8/sgvkd+32WBPn+Y/S3zV8FZZxAFg7ZX/fycdJZL9Su9KL9vCf5 p8LMti8oGbCZAlNqXbT+tooQHTgBAGzLME19hah2G96jyPCqqmncF5IxVwkylBbz gF2qhfrVDIznDRLMCPDmXotrybUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTggbqQ rqj9sNW0QPoGhfJ3KELvozAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Mzk0My5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK pQ0wDQYJKoZIhvcNAQELBQADggEBAGTl3iVaSa2KzxPJsH1LqddmU/o7FPz6Nx8U wBN8skgwny5/l062c/jTcKKGbyQ1X2d9bmT9UF7J1G+u5MtwS1k3YqTVDmVRgySu /rxb1AG3DepK+0ds35dsksV2vp4OLUDe3rVf8Xn/zmxktdzxeMUL1n94mNxBG3bd lNzzw0VNjjFVVkcK47/JpesiUd9gGFpqS7/wPAZYkWCFx8QzUTDQACDsTDmiRNU/ 7hos8LA/cuz1/ghNSU/rCBSEh7IpCKXfG1Z8fnW6fG8uW/wM/tkK3Gh+BwLSy61C A9D/4S1cCjWaAz89wibk/okWBmAn9kNnS+2aDyt1eUd+gyPM2nE= -----END CERTIFICATE-----Generated at Sat Mar 28 11:49:25 2026 by rpki-client